With honeypot, i mean more or less this practice:
#Register form
<style>
.hideme{
display:none;
visibility: hidden;
}
</style>
<form action="register.php">
Your email: <input type="text" name="u-email" />
Choose a password: <input type="text" name="passwd" />
<div class="hideme">
Please, leave this field blank: <input type="text" name="email" /> #the comment is for text-browser users
</div>
<input type="submit" value="Register" autocomplete=off />
</form>
//register.php
<?php
if($_POST['email'] != ''){
die("You spammer!");
}
//otherwise, do the form validation and go on.
?>
more info here.
Obviously the real fields are named with random hashes, and the honeypot field can have different names (email, user, website, homepage, etc..) that a spambot usually fillup.
I love this tecnique becose doesnt not cause the user to be annoied by capthca
Well, does anyone of you have some experience with this tecnique? How much is it efficent?