Sorry for taking so long to see this.. but in that portion of the contact form you need to add the code:
Code:
<P>
I am a human code (case sensitive): <IMG SRC="php/human_code.php" WIDTH="60" HEIGHT="20" BORDER="1" ALIGN="middle" ALT="human code"> (If you can't tell what some of the characters are, just reload the page by right-clicking somewhere on this page and select the <STRONG>refresh</STRONG> menu option and let it generate a new sequence).
</p>
The important bit is what's in the <IMG> tag. The human_code.php script is the one that generates the image. Of course, change the relative path and scriptname if your is different. The form on my website that uses this is
www.markheadrick.com/addguest.htm
Inside your email.php script, add the following bit of verification code:
PHP Code:
$human_code = stripslashes($_POST['code']);
if (!isset($_SESSION['code'])) {
// do whatever needs to be done because the session variable does not exist.
// most likely because a bot was trying to use the form and never called the human_code.php script
}
if ($human_code != $_SESSION['code']) {
// do whatever needs to be done if code does not match or was empty. could have been
// a bot or a typo made by a person.
}
The basic premise is that when a human views the contact form, the human_code.php script randomly generates an image and sends the image to be displayed and stores that value in the session variable. The form processing script checks the code entered on the form against that session variable value to make sure they match.
Hopefully that's clear as mud.. brain's kinda fried after work.
