I am developing a website for a client and they wish for a contact form to be displayed on one of the pages. I was wondering if there was a form generator that would generate a contact form which would prevent spam OR have a captcha image on it so that spam wasn't sent by bots to the client's e-mail address. This form will be displayed on a HTML page, not a PHP page.
The Site Wizard's offering is not fully secure, so don't use that if you can help it. Look at the second link, but you may need to do a little tweaking to tune it to your needs. And above all, keep the PHP out of the visible markup (separate file) and test it thoroughly.
very interesting, knowing your coding knowledge. I know nothing about coding (please keep that in mind). In what way is the Site Wizard's offering not fully secure? I would be interested to know. I can see that it has no way of validating the sender's email address, but I don't think you mean that type of thing do you?
You're almost 100% right, MAJ. Whatever is entered in the form fields is not subject to proper and detailed filtering; the Site Wizard code allows you to specify mandatory fields, but doesn't make rules about what those fields should contain -- thus preventing the use of spam keywords, gibberish instead of an e-mail address and/or phone number, or foul language. Spammers are getting better at using forms, so you need something to block the most obvious keyword content. Hence the extra filters.
Ah, got ya, Kemistri, something to watch out for indeed. I did use that form (am still using it) on a site I helped a mate set up. So far he hasn't had any problems with it, no spam whatsoever and his email address hasn't been harvested from it (as far as we can make out), but even I did notice that gibberish can be entered and sent without invoking the error page. It's probably worth moving to the other script when I get a bit of time to do so. Thanks for your reply, Kemistri, I appreciate it.
Your friend's e-mail address will be hidden safely by the Site Wizard script -- it reacts to anyone trying to view the PHP file via the address bar by bouncing them to an HTML file, so they never get to see the code.
This thread is now locked and can not be replied to.