I am trying in vain to add spam protection to the contact form … Can someone help me with this? The spam messages just keep getting worse! Google reCAPTCHA does not work … the checkbox is displayed, but the messages are sent whether or not it is confirmed. Unfortunately, the same happens with other plugins. In principle, a "simple", "invisible" check would be enough for me. Most bots should fall for it … But I just can't get it integrated. I uploaded the original code to GitHub. Below is a file with "invisible" spam protection ….
https://gist.github.com/MrThiemann/3ce76269340acf52c6b5526e5bff0c3e
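/* ...........................................................

    Template Name: Kontaktformular

 *
 * @file           contact-form.php
 * @filesource     wp-content/themes/handwerk/contact-form.php

............................................................ */
?>
<?php
/*
 * Contact page template.
 *
 * Part 1 reads the theme options and handles a posted form (honeypot check,
 * field validation, mail dispatch). Part 2 renders either the thank-you box
 * or the form. Every value that originates from the request is escaped at the
 * point of output; the original echoed $_POST straight into HTML and
 * attribute values, which allowed markup from the request to be reflected
 * into the page.
 */

// Theme options for the contact page. Each one is null when it is not set.
$data    = get_option('bo_options');
$contact = (is_array($data) && isset($data['contact']) && is_array($data['contact'])) ? $data['contact'] : array();

$response  = isset($contact['bo_contact_response']) ? $contact['bo_contact_response'] : null;
$recipient = isset($contact['bo_formmail_address']) ? $contact['bo_formmail_address'] : null;
$shdata    = isset($contact['bo_show_dataprot']) ? $contact['bo_show_dataprot'] : null;
$datalink  = isset($contact['bo_dataprot_page_url']) ? $contact['bo_dataprot_page_url'] : null;
$sub       = isset($contact['bo_formmail_subject']) ? $contact['bo_formmail_subject'] : null;
$offerinfo = isset($contact['bo_offer_info_text']) ? $contact['bo_offer_info_text'] : null;

// Mail goes to the configured address, or to the site admin when none is set.
$rec = ($recipient == '') ? get_bloginfo('admin_email') : $recipient;

// Collect the request fields once. WordPress adds slashes to $_POST, so each
// value is unslashed here instead of only the message. Non-string values
// (e.g. "email[]=x") count as empty so they never reach trim() or the mail.
$form = array();
foreach (array('contactName', 'subject', 'email', 'phone', 'comments', 'checking', 'objectName', 'object-title', 'object-link') as $key) {
    $form[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? trim(wp_unslash($_POST[$key])) : '';
}

// State flags are initialised up front so the template never reads an
// undefined variable (the original printed $name even when it was never set).
$hasError     = false;
$captchaError = false;
$emailSent    = false;
$nameError    = '';
$emailError   = '';
$commentError = '';

if (isset($_POST['submitted'])) {
    // Honeypot: the off-screen "checking" field must come back empty.
    // This only filters bots that fill in every field; a client that posts
    // just the visible fields still passes. A CAPTCHA widget added to this
    // form has no effect unless its response token is verified here on the
    // server as well -- this handler contains no such check.
    if ($form['checking'] !== '') {
        $captchaError = true;
    } else {
        if ($form['contactName'] === '') {
            $nameError = __('Bitte tragen Sie Ihren Namen ein','bobox');
            $hasError  = true;
        }

        if ($form['email'] === '') {
            $emailError = __('Sie haben vergessen, eine E-Mail Adresse einzutragen');
            $hasError   = true;
        } elseif (!filter_var($form['email'], FILTER_VALIDATE_EMAIL) || preg_match('/[\r\n]/', $form['email'])) {
            // The address is placed in the Reply-To header below, so it must
            // be a single valid address without line breaks.
            $emailError = __('Sie haben eine ungültige E-Mail Adresse eingetragen');
            $hasError   = true;
        }

        if ($form['comments'] === '') {
            $commentError = 'Sie haben vergessen, eine Nachricht einzutragen';
            $hasError     = true;
        }

        // The consent checkbox is "required" in the markup only; enforce it
        // on the server too when the option is switched on.
        if ($shdata == 'yes' && empty($_POST['contactData'])) {
            $hasError = true;
        }

        if (!$hasError) {
            $emailTo    = $rec;
            $msubject   = $sub;
            $objectname = $form['objectName'];
            $name       = $form['contactName'];
            $email      = $form['email'];
            $subject    = $form['subject'];
            $phone      = $form['phone'];
            $comments   = $form['comments'];

            // Plain-text body; request values appear only here and in Reply-To.
            $body = " \n\nEine Anfrage zum Thema: $objectname \nvon:\nName: $name \nEmail: $email \nBetrifft: $subject \nTelefon: $phone \n\nNachricht: $comments ";

            $headers  = 'From: <' . $emailTo . '>' . "\r\n" . 'Reply-To: ' . $email . "\r\n";
            $headers .= "MIME-Version: 1.0\r\n";
            $headers .= "Content-type: text/plain; charset=utf-8\r\n";
            $headers .= "Content-Transfer-Encoding: 8bit";

            // Only show the thank-you box when mail() accepted the message.
            if (mail($emailTo, $msubject, $body, $headers)) {
                $emailSent = true;
            } else {
                $hasError = true;
            }
        }
    }
}

// Value for the hidden objectName field: the offer title posted by the
// referring page, or the value already carried by a previous submit.
$objectValue = ($form['object-title'] !== '') ? $form['object-title'] : $form['objectName'];
?>
<?php get_header(); ?>

<div id="page-entry">

<?php if ($hasError || $captchaError) : ?>
    <h1>Sorry, <?php echo esc_html($form['contactName']); ?></h1>
    <p class="error">Bei der Übermittlung hat es einen Fehler gegeben!</p>
<?php endif; ?>

<?php if ($emailSent) : ?>

    <div class="thanks">
        <h2>Vielen Dank, <?php echo esc_html($form['contactName']); ?></h2>
        <?php // $response comes from the theme options, not from the request; printed as stored. ?>
        <p><?php echo $response; ?></p>
    </div>

<?php else : ?>

    <?php if (have_posts()) : ?>
    <?php while (have_posts()) : the_post(); ?>

    <h1 class="post-title"><?php the_title(); ?></h1>

    <div class="contact-content">
        <?php the_content(); ?>
        <?php include ("google-map-iframe.php"); ?>
    </div><!-- eof contact content -->

    <div class="contactform">

        <?php if (isset($_POST["object-title"])) : ?>
        <div class="selected-offer">
            <?php // Link target and title are request data: esc_url() drops unsafe schemes, esc_html() neutralises markup. ?>
            <p><?php echo $offerinfo; ?> <a href="<?php echo esc_url($form['object-link']); ?>"><?php echo esc_html($form['object-title']); ?></a></p>
        </div>
        <?php endif; ?>

        <form action="<?php the_permalink(); ?>" id="contactForm" method="post">

            <div class="formcolumn">
                <label for="contactName"><?php echo __('Ihr Name','bobox'); ?>*:</label>
                <input required="required" type="text" name="contactName" id="contactName" value="<?php echo esc_attr($form['contactName']); ?>" class="requiredField" />
                <?php if ($nameError !== '') : ?>
                <span class="error"><?php echo esc_html($nameError); ?></span>
                <?php endif; ?>

                <label for="subject"><?php echo __('Betrifft','bobox'); ?>:</label>
                <input type="text" name="subject" id="subject" value="<?php echo esc_attr($form['subject']); ?>" class="email" />
            </div>

            <div class="formcolumn">
                <label for="email"><?php echo __('Ihre E-Mail Adresse','bobox'); ?>*:</label>
                <input required="required" type="text" name="email" id="email" value="<?php echo esc_attr($form['email']); ?>" class="requiredField email" />
                <?php if ($emailError !== '') : ?>
                <span class="error"><?php echo esc_html($emailError); ?></span>
                <?php endif; ?>

                <label for="phone"><?php echo __('Ihre Telefonnummer','bobox'); ?>:</label>
                <input type="text" name="phone" id="phone" value="<?php echo esc_attr($form['phone']); ?>" class="email" />
            </div>

            <div class="clear"></div>

            <label for="commentsText"><?php echo __('Ihre Nachricht','bobox'); ?>*:</label>
            <textarea required name="comments" id="commentsText" rows="10" cols="30" class="requiredField"><?php echo esc_textarea($form['comments']); ?></textarea>
            <?php if ($commentError !== '') : ?>
            <span class="error"><?php echo esc_html($commentError); ?></span>
            <?php endif; ?>

            <?php if (isset($shdata) && $shdata == 'yes') : ?>
            <div class="wr clearfix">
                <input required="required" type="checkbox" name="contactData" id="contactData" value="true"<?php if (!empty($_POST['contactData'])) echo ' checked="checked"'; ?> /><label class="shortleft agreelabel" for="contactData"><?php echo sprintf( __( 'Ja, ich habe die <a target="_blank" href="%s">Datenschutzerklärung</a> gelesen und bin damit einverstanden, dass meine Daten elektronisch erhoben und gespeichert werden. Meine Daten werden ausschließlich zweckgebunden zur Bearbeitung meiner Anfrage genutzt.', 'bobox' ), esc_url($datalink) ); ?>*</label>
            </div>
            <?php endif; ?>

            <?php // Honeypot field: positioned off-screen, kept out of autofill and the tab order so real visitors leave it empty. ?>
            <div class="screenReader" style="left: -9999px; position: absolute; top: -9999px;">
                <label for="checking" class="screenReader">If you want to submit this form, do not enter anything in this field</label>
                <input type="text" name="checking" id="checking" class="screenReader" autocomplete="off" tabindex="-1" value="<?php echo esc_attr($form['checking']); ?>" />
            </div>

            <input type="hidden" name="objectName" id="objectName" value="<?php echo esc_attr($objectValue); ?>" class="readonly " />
            <input type="hidden" name="submitted" id="submitted" value="true" />
            <button type="submit"><?php echo __('Nachricht jetzt absenden','bobox'); ?></button>

        </form>
    </div>

    <?php endwhile; ?>
    <?php endif; ?>

<?php endif; ?>

    <div class="clear"></div>
</div>
</div><!-- eof content -->

<?php get_footer(); ?>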
And here is what is "actually" a simple invisible checkbox:
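/*
 * Demo: form validation with a honeypot instead of a CAPTCHA.
 *
 * Two trap fields live inside the hidden ".terms" box: a checkbox that is in
 * the markup and a text field that the script in <head> adds. A submission
 * that ticks the checkbox or fills the text field is treated as spam.
 * The visible "gender" checkbox must be ticked by the visitor.
 */
$errors = array();

// Posted text fields, read once. Non-string values (e.g. "name[]=x") count
// as empty so they cannot reach the validation or the output as arrays.
$fields = array();
foreach (array('name', 'email', 'message') as $key) {
    $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
}

// Was the form submitted?
if (isset($_POST['submit'])) {
    // Honeypot check, evaluated fresh on every submit.
    $spamcheck = empty($_POST["repeat_email"]) && !isset($_POST["terms"]);
    if (!$spamcheck) {
        $errors[] = "Zusatzfelder wurden ausgefüllt, wir vermuten Spam und brechen hier ab.";
    }

    // Validate the input only when the honeypot was left alone.
    // The original wrote `if ($spamcheck = true)`, an assignment that always
    // evaluated to true and overwrote the honeypot result.
    if ($spamcheck === true) {
        if ($fields['name'] === '') {
            // Name is empty
            $errors[] = "Bitte geben Sie Ihren Namen an";
        }

        if ($fields['email'] === '') {
            // E-mail is empty
            $errors[] = "Bitte Emailadresse angeben";
        } elseif (filter_var($fields['email'], FILTER_VALIDATE_EMAIL) === false) {
            // Check the e-mail format (filter_var is available from PHP 5.2)
            $errors[] = "Bitte geben Sie ein gültige Emailadresse an";
        }

        if ($fields['message'] === '') {
            // Message is empty
            $errors[] = "Bitte geben Sie Ihre Nachricht ein";
        }

        if (!isset($_POST["gender"])) {
            // Visible spam-check box was not ticked
            $errors[] = "Bitte bestätigen Sie den Spamcheck";
        }
    }

    if (empty($errors) && $spamcheck === true) {
        // Honeypot passed and all required fields are valid:
        // store the entry in the database or send the e-mail here.
        echo "Alles richtig gemacht";
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Tutorial: PHP Formular Spamschutz und Validierung – Spam Emails verhindern auch ohne Captcha</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script type="text/javascript">
// Adds the second trap field to the hidden ".terms" box once the page is
// parsed. Written without jQuery, so no script is fetched from a third-party
// host over plain HTTP as in the original.
// The field is added EMPTY: the original used value="test", and because the
// box sits inside the form, every submit from a JavaScript-enabled browser
// then arrived with a filled trap field and was rejected as spam.
document.addEventListener('DOMContentLoaded', function () {
    var trapBox = document.querySelector('.terms');
    if (trapBox) {
        trapBox.insertAdjacentHTML('beforeend', '<input type="text" name="repeat_email" value="" autocomplete="off" tabindex="-1" />');
    }
});
</script>
<style>
/*Demo Formular Styles*/
label { display:inline-block; width:100px; }
input { padding:5px; width:300px; }
input[type="checkbox"] { width:20px; margin-right:10px; }
textarea { width:410px; }
.terms { display:none; }
</style>
</head>
<body>
<h2>Demo: PHP Formular Spamschutz und Spamabwehr ohne Captcha</h2>
<p><a href="http://sevenx.de/blog/php-formular-spamschutz-und-validierung-spam-emails-verhindern-auch-ohne-captcha">Zum Blogartikel » sevenX.de</a></p>
<noscript>Bitte aktivieren Sie Javascript zum Absenden des Formulars oder nutzen Sie eine der alternative Kontaktmöglichkeiten unter www.domain.de/kontakt.htm</noscript>

<?php if (!empty($errors)) { ?>
<div style="background:#FCC">
    <strong>Bitte überprüfen Sie Ihre Angaben!</strong><br />
    <?php
    // $errors holds only the fixed messages defined above, never request data.
    echo '<ul><li>'.implode('</li><li>',$errors).'</li></ul>';
    ?>
</div>
<?php } ?>

<form id="phpform" method="post" action="formular-spamschutz.php">
    <?php // Posted values are HTML-escaped before being put back into the form; the original echoed $_POST unescaped. ?>
    <p><label for="name">Name<span>*</span></label>
    <input type="text" name="name" value="<?php echo htmlspecialchars($fields['name'], ENT_QUOTES, 'UTF-8'); ?>"></p>

    <p><label for="email">Email<span>*</span></label>
    <input type="text" name="email" value="<?php echo htmlspecialchars($fields['email'], ENT_QUOTES, 'UTF-8'); ?>"></p>

    <p><label for="message">Nachricht<span>*</span></label><br />
    <textarea name="message" rows="8"><?php echo htmlspecialchars($fields['message'], ENT_QUOTES, 'UTF-8'); ?></textarea></p>

    <?php // The box is posted as "gender"; the original tested $_POST['human'] here, so it never stayed ticked. ?>
    <p><input type="checkbox" name="gender" <?php echo isset($_POST['gender']) ? "checked='checked'" : ''; ?>><span>*</span> Ich versende keinen Spam</p>

    <p><input type="submit" name="submit" value="Absenden"></p>

    <div class="terms">
        Folgende Felder bitte frei lassen!
        <input type="checkbox" name="terms" autocomplete="off" tabindex="-1">
    </div>
</form>

<p><a href="http://sevenx.de/" target="_blank">Made with love by sevenX.de - Rico Loschke</a></p>
</body>
</html>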