I thought I had this one sorted but I have run into a snag. I want to add a ‘Honey Pot’ to the customer registration form. For those unfamiliar, this technique involves hiding a text input using CSS and assumes that the average bot will want to fill it in. Humans, however, will not see the field, so it needs to validate as empty.
In Magento I created a new module and added the following to the config.xml:
    <global>
        <fieldsets>
            <customer_account>
                <honeytrap><create>1</create><update>1</update></honeytrap>
            </customer_account>
        </fieldsets>
        <models>
            <customer>
                <rewrite>
                    <customer>MyStore_Honeytrap_Model_Customer</customer>
                </rewrite>
            </customer>
        </models>
    </global>
I then added a little bit extra to the validate function to check the field is empty. This is all correct as far as I can see, but at about line 278 in the AccountController.php the extractData() discards the input field from the post data in the request. I’m still very new to Magento so hoping to learn something here too, but how do I prevent the field being stripped out of the post by extractData()?
Guess I just want to know what I’m missing. I’ve read a few posts on the internet regarding adding a custom field, so as far as I know this should be working, but maybe I’ve missed something out, as I didn’t include the Entity setup since I don’t need to save this field in the database; it’s purely to validate the registration is from a human (as much as possible).
Thanks for any help, I’m sure it’s probably something ridiculous that I’ve missed.
EDIT: Thanks to @gordon-knoppe's pointer on using the event:
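    public function check_trap(Varien_Event_Observer $observer)
    {
        $event = $observer->getEvent();
        $post = $event->getControllerAction()->getRequest()->getPost();
        // Check Honeytrap is empty; isset() avoids an undefined-index notice
        // when the hidden field is missing from the POST data altogether
        if (isset($post['fname']) && Zend_Validate::is(trim($post['fname']), 'NotEmpty'))
        {
            $customerHelper = Mage::helper('customer');
            $error = $customerHelper->__('A problem has occurred with your registration.');
            // getSingleton() returns the shared customer session instead of building a new model
            Mage::getSingleton('customer/session')->addError($error);
            // Redirect away and stop before createPostAction processes the request
            Mage::app()->getResponse()
                ->setRedirect(Mage::getUrl('customer/account', array('_secure' => true)))
                ->sendResponse();
            exit;
        }
    }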
With this in the config.xml:
    <events>
        <controller_action_predispatch_customer_account_createpost>
            <observers>
                <mystore_honeytrap_observer>
                    <type>singleton</type>
                    <class>Mystore_Honeytrap_Model_Observer</class>
                    <method>check_trap</method>
                </mystore_honeytrap_observer>
            </observers>
        </controller_action_predispatch_customer_account_createpost>
    </events>
A more detached way to handle this could be to register an observer for before the relevant controller action (controller_action_predispatch_*) to detect whether your form field has been populated and, if so, redirect them out to prevent the native action from ever processing the request.
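The predispatch approach described in this answer, as an added example that is not part of the original answer or the poster's code: it stops the action with Magento's no-dispatch flag instead of `exit`, logs each hit, and treats non-string values as tripped. The class name and the `fname` field come from the question; the method names `isTrapTripped` and `haltIfTrapFilled` and the log file `honeytrap.log` are hypothetical, and `<method>` in config.xml would have to name `haltIfTrapFilled`.

```php
<?php
// Added example, not the poster's code. Assumes the hidden input is named
// "fname" and the observer is bound to ..._customer_account_createpost.
class Mystore_Honeytrap_Model_Observer
{
    const TRAP_FIELD = 'fname';         // honeypot field name from the question
    const LOG_FILE   = 'honeytrap.log'; // hypothetical file under var/log

    // A missing field counts as empty. An array value (fname[]=x) can only
    // come from a crafted request, so anything that is not a string trips.
    public function isTrapTripped(array $post)
    {
        if (!array_key_exists(self::TRAP_FIELD, $post)) {
            return false;
        }
        $value = $post[self::TRAP_FIELD];
        return !is_string($value) || trim($value) !== '';
    }

    public function haltIfTrapFilled(Varien_Event_Observer $observer)
    {
        $action = $observer->getEvent()->getControllerAction();
        if (!$this->isTrapTripped((array) $action->getRequest()->getPost())) {
            return; // field empty: let createPostAction run normally
        }

        // Record the hit so repeated sources can be reviewed or rate limited.
        Mage::log(
            sprintf('Honeytrap tripped from %s', Mage::helper('core/http')->getRemoteAddr()),
            Zend_Log::NOTICE,
            self::LOG_FILE
        );
        Mage::getSingleton('customer/session')->addError(
            Mage::helper('customer')->__('A problem has occurred with your registration.')
        );

        // Skip the controller action without exit(): the front controller
        // still sends the redirect and the session is written as usual.
        $action->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true);
        $action->getResponse()->setRedirect(
            Mage::getUrl('customer/account', array('_secure' => true))
        );
    }
}
```

`Mage::log()` only writes when logging is enabled in the store's developer settings.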