To validate or not to validate!
To validate or not to validate, that is the question:
Whether ’tis nobler in the mind to suffer
The slings and arrows of illegible captcha scripts,
Or to take arms against a sea of anti-spam questions,
And by opposing end them?
Erm, what? To anyone not familiar with the numerous anti spam solutions available to protect email forms this may appear as understandable as Shakespeare does to me. Briefly, a ‘captcha’ system involves a user typing in the distorted letters and numbers displayed before a form can be processed. The anti-spam question asks a simple question (usually basic maths) to which you enter the correct answer and off you go. These methods are supposed to be a way of ensuring that it is in fact a human that is filling in the form and not one of these nasty automated junk mail spam bot thingamybobs.
So, what’s the problem? Well, anyone asking obviously hasn’t tried to use one before. They are a big obstacle to accessibility, even users with 20:20 vision have problems with them so goodness knows what the visually impaired make of them! At Elmnet we’ve used them before, but we now have a different approach and are going through our customers forms one by one. It will take a little time to get around everyone but we have a plan.
We built a series of web forms for Paul at PLJ Properties. The forms had a lot of work to do. They have to input the information entered to a database, add the user to a mailing list and send an email of the forms contents to the site owner. Needless to say we don’t want to have to waste our time with the spam robots filling in forms with random phrases and spam hyperlinks so we added a captcha protection system. It wasn’t particularly good. We then removed this and added an anti-spam question. This seemed to do the trick, but it wasn’t the most graceful of solutions. Then we tried a bit harder and came up with something quite simple – we validated our forms correctly.
This is a simple procedure that eliminates the need for captcha or antispam. How it works is that we specify what kind of inputs are allowed in certain fields. For example, ‘forename’ and ‘surname’ can only contain letters and spaces, and certainly no numbers. ‘Email address’ has to be in the correct format for an email address. ‘Telephone Number’ must contain only numbers and spaces and be of a certain length, and the ‘Enquiry’ box can contain all characters but it can’t contain ones starting with ‘http://’. A favourite trick of spammers is to insert hyperlinks into webforms in the hope that they will appear on the web in some shape or form.
If the entries of the webform match this criteria then it is allowed through. If it doesn’t then it’s not. Simple! No squiggly letters to fill in, no questions to answer, no blocks to useability or accessibility, just common sense!
