Sometimes the browser validation and captcha are not enough to block spam from a form. Here's a way to add customised filters to 'blacklist' and block text strings that you specify.
This FAQ makes use of the 'php-spam-filter' library published by IQAndreas on GitHub. First go to GitHub and download the filter class here and the set of 'blacklists' here. Unzip the filter class file and copy the php-spam-filter-master folder to /components/com_chronoforms5/extras/ on your site. That folder now contains an empty blacklists folder, unzip the second file and copy the blacklist text files there.
We'll test with a basic form:
+ in the Designer tab add a Textarea Box element and a Submit button element.
+ in the Setup tab add an HTML (render form) action to the On Load event and an Event Switcher and a Debugger action in the On Submit tab.
+ edit the Event Switcher action and add spam to the Events box (remove the pre-set events). Click the Load Events button.
+ In the code box add this code
<?php include (JPATH_SITE.'/components/com_chronoforms5/extras/php-spam-filter-master/spamfilter.php'); $blacklists = array( 'blacklist-misc.txt', 'blacklist-medication.txt', ); $filter = new SpamFilter($blacklists); $result = $filter->check_text($form->data['textarea1']); if ( $result ) { // Result contains the matched word (not the matched regular expression) echo "<p>There is a special place in hell reserved for people who post about '{$result}' on my form!</p>"; return 'spam'; } ?>
+ Add a Show Stopper action to the new spam event of the Event Switcher.
Notes:
- 'textarea1' in the $result line needs to be replaced with the name of the TextArea box element.
- This file includes two of the blacklist files: blacklist-misc and blacklist-medication. You can add more files here depending on what you need to block. Or you can remove $blacklists from the $filter line to check use them all.
- There is a default message in here for testing - replace this with your own if you need one, or just leave the Show Stopper to prevent the form processing any further.
The blacklist files include lists of strings or regular expressions that are used as filters. You can edit these or add new lists of your own (add the new file name to the index file in the blacklists folder).
For example, you can block all entries containing http by adding that to a line.