0

I want to detect if spam attacks my contact form. The idea is that I want to test if the user clicks on the submit button after the page loads at least 10 seconds then the form is not sent to the server, otherwise it's eligible. I want to use JavaScript for this. The steps are:

  • When the page load => I get the start time
  • When the user clicks on the submit button => I get the end time
  • Then I do the calculation to get the duration of time the visitor has visited my page
  • If it's less than 10s then the form must not be submitted otherwise it's ok.

I tried coding like this:

<script type="text/javascript">
   function checkIfSpam( start ) {    // start if the starting time when the page loads
      var end = new Date().getTime() / 1000;  
      var total = end - start;
      if ( total < 10 ) {             // test if it's less than 10 seconds
        alert('You are a spam!');
      } else {
        alert('You are eligible!');
      }
   }
</script>

The problem is that how can I detect the starting time to pass into the function?

Tepken Vannkorn
  • 9,648
  • 14
  • 61
  • 86
  • 9
    I'm sorry to say that most spam is automated by sending HTTP requests, not by filling out your form on screen with JavaScript enabled. This isn't likely to be very effective. – Michael Berkowski Oct 12 '12 at 02:59
  • Hmm, I also got this idea too. And is there any link or suggestion related to this attack? – Tepken Vannkorn Oct 12 '12 at 03:01
  • 2
    @tepkenvannkorn, the best thing to do is use a [captcha](http://stackoverflow.com/questions/4437577/captcha-or-not). – jrd1 Oct 12 '12 at 03:03

1 Answers1

3

Above that function, so that it runs when the page is loaded, add this:

var start = new Date().getTime() / 1000;

Then you won't need to pass in the start time at all. Does that work for you?

doubledriscoll
  • 1,179
  • 3
  • 12
  • 21