What are common methods to prevent spam attacks through contact forms in PHP?

Spam attacks through contact forms in PHP can be prevented by implementing CAPTCHA verification, using honeypot fields, and setting form submission limits. These methods help to distinguish between human users and bots, reducing the likelihood of spam submissions.

&lt;?php
// Check if the CAPTCHA code entered is correct
session_start();
if ($_SERVER[&quot;REQUEST_METHOD&quot;] == &quot;POST&quot;) {
    if ($_POST[&quot;captcha&quot;] != $_SESSION[&quot;captcha&quot;]) {
        echo &quot;CAPTCHA verification failed.&quot;;
        exit;
    }
}

// Add a honeypot field to the form
if (!empty($_POST[&quot;honeypot&quot;])) {
    echo &quot;Spam submission detected.&quot;;
    exit;
}

// Limit form submissions from the same IP address
$ip = $_SERVER[&#039;REMOTE_ADDR&#039;];
$submission_limit = 3;
if (isset($_SESSION[&#039;submissions&#039;][$ip]) &amp;&amp; $_SESSION[&#039;submissions&#039;][$ip] &gt;= $submission_limit) {
    echo &quot;Submission limit exceeded.&quot;;
    exit;
} else {
    $_SESSION[&#039;submissions&#039;][$ip] = isset($_SESSION[&#039;submissions&#039;][$ip]) ? $_SESSION[&#039;submissions&#039;][$ip] + 1 : 1;
}

// Process the form submission
// Your form processing code here

// Clear form submission count after successful submission
unset($_SESSION[&#039;submissions&#039;][$ip]);
?&gt;

Keywords

CAPTCHA honeypot form validation CSRF token IP blocking

What are common methods to prevent spam attacks through contact forms in PHP?

Keywords

Related Questions