Results 1 to 12 of 12
  1. #1
    ABW Ambassador I.M.O.G.'s Avatar
    Join Date
    February 19th, 2011
    Location
    Rootstown, OH
    Posts
    1,096
    PHP forms, sneaky hidden fields
    I'm interested in some programming help related to PHP, and potentially CSS also.

    I want to create a question and answer field that is only viewable by text-only browsers, like Lynx or cURL. I want this question and answer field to be invisible to any normal browser (chrome, firefox, etc). What is the code I would need to get this behavior? Using the user agent will not work for my purposes, as my target audience forges the user agent value. My target audience also commonly disables javascript or uses noscript, so javascript solutions don't suit my needs either.

    Help appreciated.
    Last edited by I.M.O.G.; July 20th, 2011 at 06:12 PM.
    Matt Bidinger
    Online Community Engagement

  2. #2
    Newbie
    Join Date
    December 14th, 2010
    Location
    Las Vegas, NV
    Posts
    49
    Howdy,

    We currently use something similar to this.

    Use this snipet to test against $browser.

    Code:
    <?php
    echo $_SERVER['HTTP_USER_AGENT'] . "\n\n";
    
    $browser = get_browser(null, true);
    print_r($browser);
    ?>
    Check browser_name_regex against $browser to see if it matches lynx or curl. If it matches, display your content.

  3. #3
    ABW Ambassador I.M.O.G.'s Avatar
    Join Date
    February 19th, 2011
    Location
    Rootstown, OH
    Posts
    1,096
    Thanks, that would work for what you explained, but my original post wasn't clear enough. Sorry about that. I've updated it to clarify I can't use the user agent value. My target audience for this actually forges their user-agent, so I have no way to tell the difference between someone on firefox, or someone claiming to be on firefox.

    I used text based examples like Lynx/Curl because I know they don't pay any attention to CSS, but the user agent value could be anything in my scenario so that doesn't help. Essentially, I want to use CSS which hides the field on normal browsers, but the CSS will be ignored for anyone using Lynx/curl/etc, so they would still see the field.

    That's the sneaky part - my goal is to roughly determine if the visitor actually supports CSS or not, then handle the users on either side of the fence appropriately. For example, there are 5 input fields, 4 of them are visible to normal users, 1 of them are only visible to text-only browsers. I can then handle the input I receive in accordance to what fields are filled out.
    Matt Bidinger
    Online Community Engagement

  4. #4
    Newbie
    Join Date
    December 14th, 2010
    Location
    Las Vegas, NV
    Posts
    49
    Text based browsers don't support Javascript. So the secondary option of using JS to detect browser type is gone.

    The easiest way to accomplish what you are looking to do would be to put your form inside of a <noscript> tag.

    Code:
    <noscript>Modern browsers will not show this code unless the user specifically turned off javascript.</noscript>
    Text-Based browsers do not support Javascript, and thus will show anything in the noscript tag. Modern browsers will ignore the noscript tag unless Javascript is turned off on the browser (fairly rare thing).

    The <noscript> solution is not perfect, but probably is the closest thing you are going to get without using php or JS directly.

  5. #5
    ABW Ambassador I.M.O.G.'s Avatar
    Join Date
    February 19th, 2011
    Location
    Rootstown, OH
    Posts
    1,096
    Thanks, I didn't think of that. Could work pretty well. I'll take it for a test run. My audience is pretty technical and the ABP and noscript plugins are pretty popular with the firefox crowd, so I'm a bit concerned about visitors that prevent javascript from running being classified incorrectly.

    My goal is to detect and classify visitors into two groups:
    1. Browser supports stylesheets (doesn't see/fill in my hidden field)
    2. Browser does not support stylesheets (sees/fills in my hidden field)

    Depending on which group the visitor is in, I will treat them differently... One goes to heaven, one goes to hell. Few people disable javascript support, but plenty of technical folks do if they are concerned about the security of their browser - almost no one disables stylesheet support, so that makes it the most desirable solution for me.

    Could I use something like this to do what I need using CSS?
    Matt Bidinger
    Online Community Engagement

  6. #6
    ABW Ambassador I.M.O.G.'s Avatar
    Join Date
    February 19th, 2011
    Location
    Rootstown, OH
    Posts
    1,096
    Figured out what I needed to do using CSS. For some reason it works fine when I put the CSS inline, but not any other way I tried it. For anyone interested, here is an example of the code I'm using:

    Code:
    <table>
    <tr>
    <td style="visibility: hidden;"><?php echo 'Random Question: What is 2+2?' ?></td><td style="visibility: hidden;"><input type="text" size="35" class="form" name="answer" value="<?php echo $sVar_answer ?>"></td>
    </tr>
    </table>
    Class A of user will never see that random question, or fill out that field - they get the red carpet treatment. Class B of user will see that random question, and fill out the field - they get banished.
    Matt Bidinger
    Online Community Engagement

  7. #7
    Analytics Dude Kevin's Avatar
    Join Date
    January 18th, 2005
    Location
    Rochester, NY
    Posts
    5,904
    Quote Originally Posted by I.M.O.G. View Post

    Class A of user will never see that random question, or fill out that field - they get the red carpet treatment. Class B of user will see that random question, and fill out the field - they get banished.
    Ah ha. Was trying to get my head around what you were up to.
    Kevin Webster
    twitter: levelanalytics

    Kayak Fishing
    Web Analytics and Affiliate Marketing

  8. #8
    Member
    Join Date
    January 13th, 2007
    Posts
    118
    Wow, I think you just gave me the solution I've been looking for in my registration form. I already have a blackhole trap that is doing well to catch badbots, and it uses css hidden property and a link.

    The CSS for something like what you did on my form field would probably work well - I'd just have to figure out the validation on submit and send them to my blackhole.

    Thanks for sparking a new idea for me :-)

  9. #9
    ABW Ambassador I.M.O.G.'s Avatar
    Join Date
    February 19th, 2011
    Location
    Rootstown, OH
    Posts
    1,096
    No problem. It has proven fairly effective.

    Just today so far, its blocked 62 attempted registrations. That is out of 199 total blocked registrations so far today. 15 people have registered successfully today.
    Matt Bidinger
    Online Community Engagement

  10. #10
    Member
    Join Date
    January 13th, 2007
    Posts
    118
    Oh, that sounds fantastic! Most of my junk registrations have these weird "names" in both the login name and name field - sometimes identical or off by one character. At first, I was trying to write some complicated validation on these fields...

    But I think I'll try this first, and see if I can cut this down with the hidden field. Thanks Again!

  11. #11
    ABW Ambassador I.M.O.G.'s Avatar
    Join Date
    February 19th, 2011
    Location
    Rootstown, OH
    Posts
    1,096
    You had mentioned your site was built on wordpress I believe. If you aren't already doing it, you can also use the check_spammers_plain.php from here to filter registrations against SFS. I have a friend who integrated that script with his wordpress registration.
    Matt Bidinger
    Online Community Engagement

  12. #12
    Member
    Join Date
    January 13th, 2007
    Posts
    118
    Thanks Matt. I do have wordpress, but also a php script in the business listing directory - and that's the one that gets spam registrations all the time. I'll definitely check out the check_spammers_plain.php as well.

  13. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Hidden backend sales and Hidden OTO costs
    By Stratplayer1 in forum Midnight Cafe'
    Replies: 9
    Last Post: October 13th, 2008, 01:25 PM
  2. Replies: 1
    Last Post: February 9th, 2005, 12:49 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •