蜜罐实施 [英] Honeypot implementation

问题描述

尝试过滤掉在线表单中的垃圾邮件。我有一个带输入的隐藏div。我们的想法是，如果某些内容进入该字段，该表单会将用户标识为机器人并拒绝提交。在尝试实施此方法后，机器人仍在通过。我不是很熟悉javascript（或者垃圾邮件过滤，就此而言） - 这就是我正在使用的内容：

Trying to filter out spam from an online form. I have a hidden div with an input. The idea is that if something goes into the field, the form will ID the user as a bot and reject the submission. After trying to implement this method, the bots are still getting through. I'm not very familiar with javascript (or spam-filtration, for that matter) - here's what I'm working with:

html（在表单中）：

html (within the form):

<form action="#" method='post' id='vsurvey' name='defer'>
<div id="hp-div">
    If you see this, leave this form field blank 
    and invest in CSS support.
    <input type="text" name="question_20579" value="" />
</div>
<input type="submit" value="Submit Request" />
</form>

css：

#hp-div { display: none }

js：

<script type="text/javascript" charset="ISO-8859-1" src="//ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js"></script>

<script type="text/javascript" charset="ISO-8859-1" src="http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js"></script>

<script type="text/javascript">
if(!String.IsNullOrEmpty(Request.Form["question_20579"]))
  IgnoreComment();
</script>

<![if !IE]>
    <script type="text/javascript"> 
        $(document).ready(function(){
            $("#vsurvey").validate({
                invalidHandler: function(form, validator) {
                    var errors = validator.numberOfInvalids();
                    if (errors) {
                        var message = errors == 1 
                            ? 'Oops! You missed 1 field. It has been highlighted' 
                            : 'Oops! You missed ' + errors + ' fields. They have been highlighted below';
                        $("div.alert span").html(message);
                        $("div.alert").show();
                    } else {
                        $("div.alert").hide();
                    }
                },
                errorPlacement: function(error, element) { 
                    return true; 
                }
            })
        }); 
    </script>
<![endif]>

推荐答案

在我看来，蜜罐应包含所有以下内容：

In my opinion, a honeypot should consist of ALL of the below:

• CSS隐藏的字段


• JavaScript隐藏的字段


• 需要空白输入的字段


• 需要特定输入的字段

• A field hidden by CSS
• A field hidden by JavaScript
• A field requiring a blank input
• A field requiring a specific input

例如：

<div class="input-field">
  Please leave this blank
  <input type="text" name="contact" value="" />
</div>
<div class="text-field">
  Please do not change this field
  <input type="text" name="email" value="your@email.com" />
</div>

使用CSS，隐藏第一个字段：

Using CSS, hide the first field:

.input-field { display: none; }

使用jQuery，隐藏第二个字段：

Using jQuery, hide the second field:

$('.text-field').hide();
// or
$('.text-field').addClass('hide');

然后用PHP进行一些非常简单的检查：

Then a couple of very simple checks in PHP:

if($_POST['contact'] == '' && $_POST['email'] == 'your@email.com') {
  // Not a bot
}

这篇关于蜜罐实施的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！