Nuisance guestbook posts

benbox

Hey all,

I've got a problem which has recently started happening with a simple guestbook I made.

Each day I'm getting seriously unwanted posts, seeming it's on a school website. The posts are of the common drugs and porn spam. However I'm not really sure how to prevent this from happening - but its probably because of my simple coding. Which, at the moment, is form to PHP_SELF, and if the vars are set - add to the database. I did however make the input vars $_POST (am I right in thinking this is only when a form is submitted?) but the issue remains.

I'm guessing that somehow an organisation has set out one of those spider scanner things, found vunrable websites and spams them automatically daily. If this is the case, how can I make form submissions secure? in the way that I ONLY want to accept inputs which are from an actual form submission (someone manually opens the page, types and clicks submit).

This problem has made me realise that my scripts are too basic, to an extent that they are a security risk..

Any help would be greatly appreciated!
Thanks!

madwormer2

Hmm, if you have ever seen the images that get created with the codes that you have to type in to verify that you're human, that is probably what you are looking for.

I'm sure that if you search hotscripts.com you could find something usable.

jamie85

One way would be create a list of words you consider unsuitable and then search each string for these words. If one of the words is found, then dont insert into the database.

madwormer2

That could lead to quite a long banned words list, and what if someone was legitimately talking about it in the guestbook, their post would not be made.

benbox

I half thought about those, but looking at other similar scripts.. I've never seen this happen, even with those that don't have the image verification, or word filtering.. so I was just thinking it was some verification for security within the script itself..

But if not, I'll have to add one of those.. cheers for the ideas!