Comments on: Random Javascript and PHP generation

By: Gareth Heyes

Gareth Heyes — Mon, 17 Sep 2007 23:24:55 +0000

No problem enjoy

By: Dave

Dave — Mon, 17 Sep 2007 22:30:05 +0000

Thanks for this code. Very interesting.

By: Bobby

Bobby — Sun, 16 Sep 2007 20:34:59 +0000

Thanks for this plugin!

By: deviantz

deviantz — Sat, 08 Sep 2007 14:15:14 +0000

ei thanks! i will try this code.. actually i need this kind of code for my new project.

thanks again!

By: Ronald Allan MOjica

Ronald Allan MOjica — Sat, 08 Sep 2007 14:15:00 +0000

looks great !!! its a big help!!!

By: Thorin

Thorin — Wed, 15 Aug 2007 19:38:55 +0000

There’s the gauntlet

By: Gareth Heyes

Gareth Heyes — Wed, 15 Aug 2007 15:31:44 +0000

Yep I look forward to developing something to defeating them if they get passed my spam protection

By: nEUrOO

nEUrOO — Wed, 15 Aug 2007 15:27:44 +0000

We start seeing more and more JavaScript (based) crawlers. They won’t have any problem with these kind of protections.

But well, sure it’s working well so far. I used to work on this kind of protection for a phpBB forum I have, and well, no more spam

By: Gareth Heyes

Gareth Heyes — Wed, 15 Aug 2007 11:30:33 +0000

Yep it’s surprising how much of this comment spam isn’t parsing Javascript, they certainly have the ability to do it.

The problem with the technique you mentioned is that it is quite easy for a spammer to create the key (server side) without having to parse Javascript. Therefore your technique relies on the spammer not knowing how you are protecting the form.

By: Harold

Harold — Wed, 15 Aug 2007 11:20:01 +0000

I’ve used something similar a while back. I used a MD5 JavaScript to create a hash of the users’ name before submitting the form.

I then created the same hash in php and compared them to each other…

This reduced the spam posted using the contact form of that particular site to zero.

-H-