php update my web form HONEY POT + CSRF TOKEN

$10-30 AUD

In Progress

Posted

over 2 years ago

$10-30 AUD

Paid on delivery

I have a simple web form and would like some one to implement the below HONEY POT + CSRF TOKEN simple instructions are below on how to add the 2 things Quote under $80 thank you, mention HG in comments or your bid will be ignored 1 ======================================= HONEY POT This method relies on the assumption that SPAM software doesn't recognize CSS and/or JavaScript. The "honey pot" technique use a non-visible field to fool the less-intelligent robots whos automatically fills out all the input fields prior to submit the form data for further processing. <form action="[login to view URL]" method="post"> <p> <label>Name</label> <input type="text" name="your_name"> </p> <p> <label>Email</label> <input type="email" name="your_email"> </p> <p class="fax"> <label>Fax</label> <input type="text" name="your_fax"> </p> <p> <label>Comment</label> <textarea name="your_comment"></textarea> </p> <p> <button type="submit">Submit</button> </p> </form> Then use CSS to hide the "honey pot" from your form so visitors are not able to see and fill it. <style> .fax { display: none; } </style> You can also use JavaScript to assure yourself this input field will not harm your form. <script> [login to view URL]('.fax').[login to view URL] = 'none'; </script> So, if visitors can't see and fill the non-visible input fields we can consider that the form submission with not empty fax is spam. <?php // [login to view URL] if (!empty($_POST['fax'])) { // It's SPAM } ?> ============================================== 2 ============================================== CSRF TOKEN Synchronizer token pattern uses a unique token that is embedded into the HTML forms and verified on the server side. The CSRF token should be a random value that is hard to predict, preferably generated by a cryptographical algorithm. This is how to build a CSRF token: <?php // PHP 7 $token = bin2hex(random_bytes(32)); // PHP 5.3 with mcrypt $token = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM)); // PHP 5.3 with openssl $token = bin2hex(openssl_random_pseudo_bytes(32)); // PHP 4 $token = base64_encode(time() . sha1($_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']) . md5(uniqid(rand(), true))); // Store the token into a session variable! $_SESSION['token'] = $token; ?> Then include the token into your HTML form. <form action="[login to view URL]" method="post"> <input type="hidden" name="token" value="<?php echo $token; ?>"> </form> To validate a token you must compare the form value with the session value. <?php // [login to view URL] if ($_SESSION['token'] !== $_POST['token']) { // It's SPAM } ?> ================================================= =================================================

Software Architecture

Project ID: 32362259

About the project

6 proposals

Remote project

Active 2 yrs ago

Looking to make some money?

Email address

Benefits of bidding on Freelancer

Set your budget and timeframe

Get paid for your work

Outline your proposal

It's free to sign up and bid on jobs

Awarded to:

@aleksandernejfe

Greetings! HG----HG-----HG I can help you with your project. I can do all the tasks you’ve mentioned in your job post. I'm available immediately to start working on the project. I've gone through your job description and I can start working on it right away! There's no point in attracting clients to a website that they'll want to close right away. But don't worry, that won't happen to you, as I will create the perfect design for your startup website. I have designed and developed more than 40 websites from scratch in my experience of 4+ years. With my skills and background, I am confident that I will quickly surpass your expectations for this role. I am available to start immediately. I have extensive experience working with HTML, CSS Javascript, jQuery, Bootstrap, Wordpress, WooCommerce and PHP. Apart from my technical skills, I'm a very communicative person, outgoing, and love being a team player. I enjoy learning, so if there's anything that I don't know, I'm more than happy to be a student and learn from someone who knows more than me. I'm open-minded to constructive criticism and will take any advice to grow as a developer. The proposed budget is not a hard estimate, since I don't know how the new pages will look like, and I would wish to speak more about the project to give a more accurate estimate and demonstrate how I can of value to you. Please feel free to send me a message, and I look forward to hearing from you!

$30 AUD in 3 days

5.0

(1 review)

3.4

6 freelancers are bidding on average $53 AUD for this job

@psharma3368

HG hello sir I can add both honey pot + csrf token to the form according to your suggestion. fax is hide form users and if its submit with value its means spam csrftoken If not match with session then spam. please text me so we can discuss and start work. thanks

$60 AUD in 1 day

5.0

(46 reviews)

5.3

@mykrsolovlo

HG Hello there! I have rich experience in web development. I have read your project description carefully. I am very interested in your project. I hope to work with you. Thanks regards.

$80 AUD in 1 day

5.0

(2 reviews)

0.9

@dmytrokyrychenk4

Hello. I have read your requirement and I noticed that I am appropriate to this project. Success rate of 100% is guaranteed. I promise I will finish this project with high quality on time. I hope you to contact me so that we have a full discuss with the project. Best regard!

$20 AUD in 7 days

0.0

(0 reviews)

0.0

@usamasohail91

HG ⭐⭐⭐⭐ Hi, Thanks for reviewing my bid I have gone through your job post carefully and understand your requirements. I can do that perfectly. If you think I am suitable for this task .Let me know.. I am CERTIFIED FULL STACK DEVEOPER Thanks

$50 AUD in 2 days