EDITED: Through a recent discovery, I realized that I don't need reCAPTCHA anymore, in fact, it's very far from being effective in preventing SPAM. You'll find more info about that in my recent post: Get rid if annoying captcha!
I have been receiving SPAM emails recently from my contact forms, so I decided to add reCAPTCHA to them (note that reCAPTCHA has been acquired by Google). reCAPTCHA is a little tool that will require users to type in 2 words they can see on an image. This is to prevent machines to fill out the form and so stop SPAM.
The info page describing the tool and the ways to implement it can be found here: reCAPTCHA (Google's Developer's Guide).
I'm using FormMail so I followed that part of the documentation. At the beginning I couldn't make it work (received a 500 Internal Server Error), as my script seemed to have had some unnecessary code. I found the following forum topic very useful while troubleshooting: FormMail with reCAPTCHA help.
Also, the default way of showing the reCAPTCHA error message is by an ugly HTML printout. To avoid that and replace the printout with a redirection to a page that I can include in my blog or style nicely without having to go through complicated cgi coding, I added a simple line in the code following this article: How do I create a CGI-based redirect page?.
And last but definitely not least, I found through testing that emails were still sent to me even though the captcha responses were incorrect. The way I could go around this was to add 2 lines Response.Flush and Response.End below &error('captcha_failed'); under the sub check_captcha section of the cgi script. The forum topic that helped me with that was the following: Form still sent if CAPTCHA is wrong.
One more thing: to exclude the recaptcha fields from the email printout that you receive, you may use the "sort" variable in your form as explained in the documentation of FormMail about this. This line of code looks like this in my forms (it may be different in yours, 'contact' in mine is the email address, but could be a phone number too, and 'text' is the body of the message):
(click in the box to highlight the code for copy)
To see the forms working live, you may try them under the HireMe, AskMe and ContactMe pages.
If you are curious about the final script, please feel free to ContactMe and I'll be happy to send it your way.
No comments:
Post a Comment
Dear legitimate commenters, please post your comments below. I'd be happy to receive your feedback; helps me a lot improving, or getting reassurance that I'm doing something really great here.
IMPORTANT! A note to commenters planning on advertising their business in comments: please be informed that I'm NOT going to post your comments but will ALWAYS mark them as SPAM.