• Subscribe to the RSS feed!
  • Subscribe by Email
  • home
  • blog
  • dev

  • Recent Posts

    • Loading custom module plugins
    • Moved
    • I’ll be moving soon…
    • Quick Netbeans tip – task filters
    • Honeypot for Zend Framework
    • Toggler
    • Book review – jQuery 1.3 with PHP
    • 2009 in a few words
    • Bad Firebug!
    • Posterous

  • Recent Comments

    • Robert on Loading custom module plugins
    • Nikola Poša on Loading custom module plugins
    • Jani Hartikainen on Moved
    • Amar on Moved
    • Racinante on I’ll be moving soon…
    • Robert on I’ll be moving soon…
    • rizza on I’ll be moving soon…
    • vranac on I’ll be moving soon…
    • Alex on Online resources for Zend Framework
    • Robert on Online resources for Zend Framework

  • Tags

    about apache blog book comic error example facebook filter framework free freelance freelancing free software introduction jquery lamp licence linux me moving mysql navigation open source pcre php plugin project proprietary python random regexp registration review routing setup site svn trac twitter ubuntu virtualbox web wordpress zend

  • Categories

    • Blablabla
    • Development
    • Free time
    • Places on the web
    • Programming
    • Software

  • Archives

    • July 2010
    • June 2010
    • April 2010
    • February 2010
    • January 2010
    • December 2009
    • November 2009
    • October 2009
    • August 2009
    • May 2009
    • March 2009
    • February 2009
    • January 2009
    • December 2008
    • November 2008
    • October 2008
    • September 2008

  • Find me on

    • DZone
    • Google Code
    • Google Reader
    • Last.fm
    • StumbleUpon
    • Twitter
    • Vimeo

  • Friends and Blogs

    • Andrew Taylor
    • Andy Sowards
    • Bojan Pejić
    • Eran Galperin
    • Graham Smith
    • Jani Hartikainen
    • Jasper Tandy
    • Matthew Turland
    • Matthew Weier O’Phinney
    • Miff
    • Miloš Ćuković
    • Nebojša Radović
    • Nemanja Avramović
    • Nemanja Tobić
    • Nikola Krajačić
    • Nikola Plejić
    • Pádraic Brady
    • Rob Allen
    • Swizec Teller
    • Vladimir Stanković
    • WeAreJustCreative
    • Željko Stevanović

  • I use

    • 960 Grid System
    • jQuery
    • Notepad++
    • Subversion
    • Trac
    • Vim
    • Zend Framework

Honeypot for Zend Framework

by Robert Basic on April 21st, 2010

I just hacked up a little code snippet based on Matthew’s Honeypot WordPress plugin. It’s basically just a Validator for a Zend Form element which is hidden from the user via CSS. Cause it’s hidden, users won’t see it, but spambots will, well, cause they are bots.

If the element is left empty, it’s valid, otherwise it’s not.

So, here’s the code:

class App_Validate_Honeypot extends Zend_Validate_Abstract
{
    const SPAM = 'spam';

    protected $_messageTemplates = array(
        self::SPAM => "I think you're a spambot. Sorry."
    );

    public function isValid($value, $context=null)
    {
        $value = (string)$value;
        $this->_setValue($value);

        if(is_string($value) and $value == ''){
            return true;
        }

        $this->_error(self::SPAM);
        return false;
    }
}

I add the element to the form like this:

$this->addElement(
            'text',
            'honeypot',
            array(
                'label' => 'Honeypot',
                'required' => false,
                'class' => 'honeypot',
                'decorators' => array('ViewHelper'),
                'validators' => array(
                    array(
                        'validator' => 'Honeypot'
                    )
                )
            )
        );

There. Done.

Happy hackin’!

Tags: framework, honeypot, php, validator, zend.
Categories: Development, Programming.
Subscribe to the feed.

Comments: 10

Grab the comments feed

  • umpirsky

  • April 21st, 2010

‘validators’ => array(array(‘StringLength’, false, array(‘max’ => 0))) can do the job.

  • Robert

  • April 21st, 2010

Hah, nice! :)

  • Zend Framework in Action » Robert Basic: Honeypot for Zend Framework

  • April 21st, 2010

[...] Robert Basic has posted an article showing how to detect when an automated spam script has been used to complete and post a Zend_Form form. I just hacked up a little code snippet based on Matthew’s Honeypot WordPress plugin. It’s basically just a Validator for a Zend Form element which is hidden from the user via CSS. Cause it’s hidden, users won’t see it, but spambots will, well, cause they are bots. [...]

  • Herman Radtke

  • April 21st, 2010

Awesome! I will start using it.

  • Zend Framework News » Blog Archive » Honeypot für das Zend Framework

  • April 21st, 2010

[...] http://robertbasic.com/blog/honeypot-for-zend-framework/ [...]

  • David Caunt

  • April 21st, 2010

Quite a clever idea but I wonder what happens if you use an autofill addon to complete forms? Not all automated processes are evil, just most of them :)

  • Ed Timmons

  • April 22nd, 2010

@David: Great point. I wonder the same.

I also wonder how well this actually works as opposed to other techniques. It certainly is one of the simplest to implement – and that’s what I like about it.

Has anyone been using this technique for a long period of time? How are the results?

  • Webs Developer » Robert Basic’s Blog: Honeypot for Zend Framework

  • April 23rd, 2010

[...] Basic has posted a port of a WordPress plugin that helps you easily make a “honeypot” in your Zend Framework form to help keep the [...]

  • Marcio

  • May 4th, 2010

Men, thanks a lot. You absolutely rock with that ;)

  • Ben Muncey

  • May 11th, 2010

Dave, fancy seeing you here! Couldn’t you just given the element an abstract name?

Leave a Reply

 

Robert Basic © 2008 — 2010
Design & graphics by: Livia Radvanski
Coded by: Robert Basic
Home page last updated on November 30th, 2009.
Frameworks used: Zend Framework, jQuery, 960 Grid System
Blog is powered by Wordpress
Subscribe: Entries — RSS & Comments — RSS