Skip to content

Instantly share code, notes, and snippets.

Last active August 2, 2023 22:52
  • Star 62 You must be signed in to star a gist
  • Fork 10 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
Simple honeypot for an HTML form using PHP
//check if form was sent
$to = '';
$subject = 'Testing HoneyPot';
$header = "From: $name <$name>";
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
//honey pot field
$honeypot = $_POST['firstname'];
//check if the honeypot field is filled out. If not, send a mail.
if( ! empty( $honeypot ) ){
return; //you may add code here to echo an error etc.
mail( $to, $subject, $message, $header );
<title>HoneyPot for HTML Form Example</title>
<form method="post" action="#my-form" id="my-form">
<!-- Create fields for the honeypot -->
<input name="firstname" type="text" id="firstname" class="hide-robot">
<!-- honeypot fields end -->
<input name="name" type="text" id="name" placeholder="Name" required><br>
<input name="email" type="email" id="email" placeholder="Email" required><br>
<textarea name="message" id="message" placeholder="Enter your message here" required></textarea><br>
<input type="submit">
Copy link

wvlnsr commented Sep 6, 2021

I'm sorry if i sound dumb, but i only need to put this on form page? Or is there some other code i need to add somewhere?

Copy link

@wvlnsr, you'd add it to the same page as your form. It checks if there's been POST parameters and runs it through a check. If the firstname dummy field is filled it won't send the email to your address 👍

Copy link

Thanks for the response. I

Copy link

That worked like a charm.
I used only few lines in my ready made web post form - honeypot field and check
And few lines in html part.
Now will look how many will overcome.
But these spambots are crazy - as soon as I put website online, I got one spam per 2 min. Disaster.

Thanks to you for code!

Copy link

Yasso2023 commented Jan 18, 2023

Hello all,
I am also struggling with spam and looking for a way to get this problem under control.

I have a question about the code, is this exactly as specified above inserted on the same page as text or is this inserted under Contact form 7 (additional settings).

do I need to customize the code other than the placeholder texts?

Sorry for my simple questions.
Thanks in advance :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment