Hi Everyone,

here is a very simple and modest contribution for all those who get spams sent with their contact forms.

I have had a look at CAPTCHA method, but it's it's one more field for your visitors, and it's sometimes a pain to decipher the letters in the image. I did some searches and found that some people had come up with a simpler and more user friendly method. Search Google for "CSS antispam" and you will find many articles about this clever idea :

Basically, you insert in the contact form a field which is hidden thanks to CSS. It acts as a trap for bots, which try to fill in every field they find. In the php file that sends the mail, you then kill the script when that field is not empty.

All I did to adapt this idea to ZenCart is the following :

  • 1 -
edit the file tpl_contact_us_default.php (in templates folder)
add the new hidden field somewhere like between existing fields around line 70 or so :
Code:
 <input style="visibility:hidden; display:none;" name="leaveblank" type="text">
  • 2 -
edit the file : header_php.php (in modules/pages/contact_us/)
  • 2.1
after the line :
$enquiry = zen_db_prepare_input(strip_tags($_POST['enquiry']));
add
Code:
$leaveblank = zen_db_prepare_input($_POST["leaveblank"]);
  • 2.2
edit this line as follows (you will find it around line 23)
Code:
if ($zc_validate_email and !empty($enquiry) and !empty($name) and !empty($subject) and empty($leaveblank)) {
  • 2.3
after this line (down around line 80)
if (empty($enquiry)) {
$messageStack->add('contact', ENTRY_EMAIL_CONTENT_CHECK_ERROR);
}
add this test that kills the page if the field was not empty, i.e. filled in by a bot.
Code:
	if (!empty($leaveblank)) {
      exit;
    }
To verify, you can install the firefox extension WebDeveloper, disable Inline CSS and add something to the now-not-hidden field.

I hope that helps. The only catch would be for users who have disabled CSS, but who does that, right.. Any comments or improvements or doubts, let me know.

Best regards,

Denis