Why Does Submitting a Form Require Two Steps?
Many form processors let visitors submit a form in only one step: users fill in the form, and are done after pressing the submit button. With FormSmarts, there is an extra confirmation step, during which users are invited to review and confirm the information submitted. There are two strong reasons why we added the confirmation step.
The first reason is quality. FormSmarts is typically used for transaction where the information submitted is important. Important because the information collected is intended to be read by humans, rather than machines. Important because this information is often intended to be acted upon.
By allowing users to review and modify their submission, we increase the accuracy of the information you get in the end.
Form users understand that, and it increases their confidence that you value the information they are sending you. Most of times, confirmation will only add a few seconds to the whole transaction.
The second reason is security and usability. Many form submissions are automated, or even manual spamming attempts, known as form spam or comment spam.
When a user presses the submit button, a lot more happens on the server than you may suspect. If we spot a likely spamming attempt, we'll ask the user to complete one or more tests (e.g. CAPTCHA test) on the confirmation page. But in the same time, the bulk of users will never be asked to waste time on a CAPTCHA test.
Posted on Wednesday, 23 April, 2008 at 05:59 in form-handler
Permalink | Comment
Tags: form-spam, usability, form-handler
Spammy Awards
We can't resist publishing the story of a spammer, who yesterday ended up on a blog using FormSmarts for their weblog comment facility.After finding the blog on Google, the spammer confidently tried to submit an outrageously spammy message: FormSmarts form spam filter gave the comment a score of 739, where anything greater than 0 is considered to be spam. That is — and by far — the most spam-looking message we ever recorded.
FormSmarts would like to thank this spammer for this amusing moment.
Posted on Friday, 28 December, 2007 at 20:00 in form-spam
Permalink | Comment
Tags: form-spam, comment-spam
FormSmarts Form Builder and Form Spam Filter Updated
A major FormSmarts upgrade was rolled out today. Changes include:- New features in the form generator, like the ability to delete a field in a form
- A simplified user interface for generated web forms
- A major upgrade of the form spam protection engine
Posted on Friday, 28 December, 2007 at 06:40 in form-spam
Permalink | Comment
Tags: form-spam, form-builder, upcoming, web-forms
Protecting HTML Forms from Spam with JavaScript
If you are looking for a quick way to avoid automated form spam on existing forms, you may want to try this simple JavaScript form spam protection trick. You won't get a level of form protection (and usability) comparable to what you would get with FormSmarts, but then you can implement the trick on any existing forms, irrespective of the form handler you are currently using.We plan to offer the ability to use FormSmarts as a form spam filter for third-party forms within a few months. This will effectively allow users of other form processors to benefit from FormSmarts' form spam protection on their existing HTML forms, with very little change. Details and availability will be advertised here.
Posted on Tuesday, 25 December, 2007 at 20:01 in form-spam
Permalink | Comment
Tags: form-spam, upcoming
How Did Comment-Spammers Find My Blog?
Did you ever wonder how comment spammers discovered your blog?Crawling the Web
One possibility is that the spammer sent out a bot to crawl the web from blog to blog. This requires some infrastructure, and is becoming less effective as more bloggers use some kind of comment spam protection mechanism.Searching Google
It then becomes more effective for the spammer to simply use Google, searching for all the pages with the phrase post a comment, but without the terms sign in, register, log in, etc.http://www.google.com/search?q=%22post+a+comment%22 +-intext%3A%22login%22+-intext%3A%22log+in%22+-intext%3A%22register%22 +-intext%3A%22sign+in%22+-intext%3A%22signin%22+-intext%3A%22sign+up%22 +-intext%3A%22signup%22+-intext%3A%22logged+in
And as an additional benefit, blogs come already sorted by "importance" in the seach results.
Extending the query to restrict results to blogs not using Captchas is left as an exercise to the reader.
What This Means to You
Avoid standard phrases like post a comment on your blog. More creative phrases like Reply to this Post, share your views or letters to the editor may be safer.Posted on Wednesday, 12 December, 2007 at 08:49 in form-spam
Permalink | Comment
Tags: comment-spam, form-spam
Form Field Data-Type Guessing
The type of a form field defines the range of values it may contain. Using an appropriate datatype for each input field is important to allow correct form validation. FormSmarts form spam filter also behaves differently, depending on the data expected for each field.To prevent common mistakes, FormSmarts Form Creator now tries to infer the correct field type from the name you specify. However, if you are unsure about what type is best for a particular field, read the help page.
We've added a page with partner sites
Posted on Tuesday, 04 December, 2007 at 19:00 in form-builder
Permalink | Comment
Tags: web-forms, form-spam, form-validation
