Sign Up Form Spam

2 posts by 2 authors in: Forums > CMS Builder
Last Post: June 6, 2018   (RSS)

By depdesign - June 5, 2018

We are using the Website Membership signup form which requires an email and fullname, but, somehow spam is able to bypass and not enter an email or fullname and still able to signup.  Is there anything that can be added to block that in the error checking?

This is what we use:

// error checking
    $errorsAndAlerts = "";
    if (!@$_REQUEST['fullname'])                { $errorsAndAlerts .= "You must enter your full name!<br/>\n"; }
    if (!@$_REQUEST['email'])                   { $errorsAndAlerts .= "You must enter your Email!<br/>\n"; }
    else if(!isValidEmail(@$_REQUEST['email'])) { $errorsAndAlerts .= "Please enter a valid Email (example: user@example.com)<br/>\n"; }
    if (!@$_REQUEST['username'])                { $errorsAndAlerts .= "You must choose a username!<br/>\n"; }

Any help greatly appreciated.

- Dan

Dan Perez

By leo - June 6, 2018

Hi Dan,

It's probably the space character that's not been detected. I recommend using trim() for the user inputs to get rid of the spaces for error checking. Here is an example:

if(!trim(@$_REQUEST['email'])) { ... }

Let me know if you have any questions!

Thanks,

Leo - PHP Programmer (in training)
interactivetools.com