Home/ Questions/Q 8402565
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T22:06:22+00:00

I have a form on a server and the php to process it, on

  • 0

I have a form on a server and the php to process it, on an other server, this configuration cannot be changed.
I receive a lot of SPAM, and tried to fix it. SESSION couldn’t works due to cross-domain, so no token and no captcha, $_SERVER[“HTTP_REFERER”] is not reliable. I’m thinking to implement an encrypted key which change once a day, but i think it’s limited. Any better idea?

exemple of encrypted key: 

$key = "string".date("d");
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    A lot of bots doesn’t run javascript, so you could just inject an arbitrary field into your form:

    <form id="douchebag" action="http://yourotherserver.com/process.php" method="post">
<input type="text" name="name" />
.. bunch of other inputs
</form>

    Then your js:

    var bugSpray = document.createElement('input');
bugSpray.setAttribute('type', 'hidden');
bugSpray.setAttribute('name', 'aa');
bugSpray.value = 'bb';
document.getElementById('douchebag').appendChild(bugSpray);

    then in your process.php

    if(empty($_POST['aa']) || $_POST['aa'] != 'bb') // bot
    • 0