-
-
Notifications
You must be signed in to change notification settings - Fork 86
Honeypot
tanthammar edited this page Nov 27, 2020
·
11 revisions
A simple way to try to keep bots from posting forms is to add a honeypot to your form.
- The trick is to
namethe field to something that a bot is very likely to auto populate with a value. - Add a
validationrule that the field should be empty using regex - Add
autocomplete()to prevent validation errors from browsers autocomplete when the user tries to save the form. - Make it
type('hidden') - Add the
class('nosy')to prevent it from taking up space (the.nosyclass exists in the theme.css)
Input::make('Street') //name the field to something that a bot has a high likelihood to auto populate
->type('hidden')
->autocomplete('srteet') //deliberately misspelled autocomplete to avoid browser autofilling value in the honeypot
->custom() //make the field custom, to ignore it when saving the model
->class('nosy') //this class exists in the theme.css, makes the field hidden
->default('') //the honeypot should be empty
->rules('nullable|regex:/^$/i') //the form will not be saved if the field has a value/* honeypot field class */
.nosy {
position: absolute;
opacity: 0;
}- Installation
- Requirements
- v5 Upgrade Guide
- v6 Upgrade Guide
- v7 Upgrade Guide
- Support
- Quickstart
- Manual installation
- Optional
- Form component
- Field
- Field types
- Example Form
- Blade Components
- Notifications