0

First, I don't know if I chose the right title, so I'll explain. My website receive many spam comments, so to combat the spam, I added a hidden input into my comment.php (wordpress) form - its about comment form not contact or else form. The HTML:

<input type="text" name="url" id="url" value="'. $comment_author_url .'" size="44" tabindex="3" />
<span class="error"><?php echo $urlErr; ?></span>

CSS: 

input[type="text"]#url { display: none; }

At the beginning, to block bots for posting comments I add a jquery code. Its worked ok but I still receive spam-comments. I read on the internet that these bots have javascript disabled so my method is pointless.

So I tried to use php... The first code I tried

$url_error = '';
$urlErr = '';
if($_REQUEST['submit']){
if(trim($_REQUEST['url'] !== "")){
$urlErr = "Go away";
}else {
$url = trim($_REQUEST['url']);
}
}

With this php code if the bot will fill the hiddent input url then it will not submit a comment. But the code didn't work.

I tried another code from w3school:

$urlErr = "";
$url = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!empty($_POST["url"])) {
$urlErr = "Go away";
} else {
$url = test_input($_POST["url"]);
}
}

function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}

But also didn't work. So What I'm doing wrong? :( I need to make it work with php... its very interesting method to block spammers.

Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
Senep Ali
  • 117
  • 2
  • 11
  • why not use recaptcha? You're trying to accomplish something that has been long established – Brandt Solovij Feb 24 '16 at 20:35
  • 1
    Google even suggests to use a checkbox for stuff like this, *really*. – Funk Forty Niner Feb 24 '16 at 20:37
  • I added a simple captcha and it was easily passed then I tried to recaptcha to my comment form but I couldn't integrate it (I asked a question here about recaptcha but even today I didn't received any answer) ... then I read about that method. – Senep Ali Feb 24 '16 at 20:39
  • If you have a better ideea I really will follow it ... but I'n not good on php.... – Senep Ali Feb 24 '16 at 20:40
  • 2
    http://stackoverflow.com/questions/15319942/preventing-bot-form-submission and point #5 in http://code.tutsplus.com/tutorials/6-easy-and-efficient-ways-to-combat-spam-comments--wp-26793 – Funk Forty Niner Feb 24 '16 at 20:46
  • Its a brilliant idea point #5 but if bots have javascript disabled then what is the point? My checkbox will be useless. Maybe the same idea but with php... could it be done? – Senep Ali Feb 24 '16 at 21:35
  • 1
    @fantastickmath Point #5 is to be used with a PHP method, not JS. You just need to tweak it so it works with PHP, nothing hard about that. Do @ me if you wish to ping me. I may not keep this tab open any much longer. – Funk Forty Niner Feb 24 '16 at 22:13

2 Answers2

0

You cannot add fields like that since wp's core handles all requests, you are better off disabling comments and installing facebook or disqus widgets.

but if you still want to add a field I can recommend you a plugin: https://wordpress.org/plugins/anti-spam/

Anti-spam plugin blocks spam in comments automatically, invisibly for users and for admins

nodws
  • 1,018
  • 14
  • 18
0

My solution for this problem:

First, I added a hidden input ... So, if a bot comment on my website it will see this hidden input and it will fill it ... If someone fills this input and click the submit button it will receive a jquery stop-alert. But since many bots have JavaScript disabled then it comes to solution 2 (based on @fred indication). First I disabled the submit input button by default and then I added a checkbox. So, If anyone need to submit a comment, he must check the checkbox to enable the submit button (an operation succeeded by a jquery code). So, when bots come to comment on my website, even if they pass by the first impediment, then they will need to check the box to submit the button.... this button only triggered if they will have JavaScript enabled (But if they have JavaScript enabled then they will not pass the hidden input).

I will see if this method will work.... But until then, this is the idea (without any annoying captcha or complex operations)!

Senep Ali
  • 117
  • 2
  • 11