Skip to content

Instantly share code, notes, and snippets.

Last active October 5, 2023 04:20
Show Gist options
  • Save andrewlimaza/958826feac907114a57462bfc8d535ff to your computer and use it in GitHub Desktop.
Save andrewlimaza/958826feac907114a57462bfc8d535ff to your computer and use it in GitHub Desktop.
Simple honeypot for an HTML form using PHP
//check if form was sent
$to = '';
$subject = 'Testing HoneyPot';
$header = "From: $name <$name>";
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
//honey pot field
$honeypot = $_POST['firstname'];
//check if the honeypot field is filled out. If not, send a mail.
if( ! empty( $honeypot ) ){
return; //you may add code here to echo an error etc.
mail( $to, $subject, $message, $header );
<title>HoneyPot for HTML Form Example</title>
<form method="post" action="#my-form" id="my-form">
<!-- Create fields for the honeypot -->
<input name="firstname" type="text" id="firstname" class="hide-robot">
<!-- honeypot fields end -->
<input name="name" type="text" id="name" placeholder="Name" required><br>
<input name="email" type="email" id="email" placeholder="Email" required><br>
<textarea name="message" id="message" placeholder="Enter your message here" required></textarea><br>
<input type="submit">
Copy link

@wvlnsr, you'd add it to the same page as your form. It checks if there's been POST parameters and runs it through a check. If the firstname dummy field is filled it won't send the email to your address 👍

Copy link

Thanks for the response. I

Copy link

That worked like a charm.
I used only few lines in my ready made web post form - honeypot field and check
And few lines in html part.
Now will look how many will overcome.
But these spambots are crazy - as soon as I put website online, I got one spam per 2 min. Disaster.

Thanks to you for code!

Copy link

Yasso2023 commented Jan 18, 2023

Hello all,
I am also struggling with spam and looking for a way to get this problem under control.

I have a question about the code, is this exactly as specified above inserted on the same page as text or is this inserted under Contact form 7 (additional settings).

do I need to customize the code other than the placeholder texts?

Sorry for my simple questions.
Thanks in advance :)

Copy link

These are good tips. Can anyone suggest if its a good idea to use a form backend service to stop form spam?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment