On Fri, March 30, 2007 11:54 am, tg-php@xxxxxxxxxxxxxxxxxxxxxx wrote: > Maybe I'm missing something.. if the intent is to have 'hidden' > fields that a user would end up submitting but a bot wouldn't.. that > wouldn't work very well. A bot could easily see the hidden fields and > submit them along with whatever other data they were sending. > > If the intention is to trick a bot into sending data a user wouldn't, > then again.. doesn't work because a user is going to send the hidden > fields as well. The user is going to send BLANKS for the hidden fields, since they can't fill them in. The 'bot is a stupid blind spider that will "see" the honeypot "email" field and cram in its spam there. If the 'bot-makers are savvy enough to detect "hidden" inputs and ignore them, then this doesn't help. It also doesn't hurt, though, as a normal users has zero accessibility or usability issues with a hidden field they are not supposed to fill in. (At least I assume a "hidden" field is presented to a visually-impared user in a reasonable manner...) -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
