Posted by php-manual on Jan 16, 2009 in
Web We have all been doing email address validation for a very long time to make sure that the email is correctly formatted. This is to avoid users entering wrongly formatted email address but still they can accidentally give us a wrong email address.
Example of a correctly formatted email address but still wrong:
mailbox.does.not.exist@reddit.com [VALID email fromat but still not correct]
Above case specifically happens when you take important customer email on phone and you type in the wrong email. So is there a QUICK solution to really check the email without sending a test message to the user? Yes.
Read more…
Tags: forms, mail, PHP, Web
Posted by php-manual on Jan 14, 2009 in
Web What is CAPTCHA?
CAPTCHA is an acronym for “completely automated public Turing test to tell computers and humans apart.” This can be with images / audio or whatever we will see in future.
Why do sites use it?
CAPTCHA is used to prevent bots from automatically submitting forms with SPAM or other unwanted content. Google and other companies use it to prevent bots from creating multiple Gmail accounts.
What is wrong with it?
Users will have to enter this additional information every time they have to submit a form. This is getting more and more difficult to decode for humans as the bots are getting better at it. I am sure that everyone reading this post has atleast once got a CAPTCHA entered wrongly.
Alternative Simple soultion:
NOTE: Does not apply for highly targeted sites like gmail, yahoo mail and others alike.
However,
If you have a sales form which requires an entry of username, email and phone number for a call back
OR
a simple contact us form with just name, number, description.
1) Have server validation of data.
All the forms have only client validation in javascript. Just validate in server and you can have 70% of spam bot submissions caught.
EG: If your form has Name, Email, Telephone.
The bot will send some 500 character text in Name and valid email and some random data in phone field. A simple validation on the server to trash Name having more than 30 characters will do the trick.
2) Hidden input element
Add an extra text input element to your form. In an external style sheet you set the element to display: none; thus making it invisible to all users with CSS enabled. Spam bots will usually fill all fields in a form you know that any forms submitted where this invisible field is not empty are spam.
With the above two simple steps you can see that most sites can avoid spam messages and still not having to use a captcha.
So in short – for all the websites with simple contact forms why do we use CAPTCHA and risk giving the customer an additional field to fill and risk not to getting them to fill it at all ??
Tags: captcha, forms, Web
Follow us on twitter 
