I am new to this forum and am looking for some help. I am also new to PHP so I hope I'm clear with my problem. I am helping a dog rescue group by supporting their forms and database. I created an input form that is now being spammed and I can't figure out how. The form is here: http://dogs.egrr.net/ http://dogs.egrr.net/ My flow is this: A PHP program (called adddog.php) that contains an HTML form with <form action="insertdog.php" id="dogs" name="dogs" method="post"> . I use the frmvalidator Javascript to validate the required fields also incorporated a CAPTCHA before sending the data to insertdog.php. Insertdog.php matches the CAPTCHA fields then checks for duplicate records before inserting the data. Everything has been working fine for a couple of months. My problem: Recently over 50 records got processed that are all duplicates and have no meaning. Almost all of the fields contain the number 1. If people do not have JavaScript running I can see how they can get around the frmvalidator but I can't see how they got around the CAPTCHA check and my SQL duplicate record check? How do I tighten up security on this form?
