Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

PHP Build a Basic PHP Website (2018) Adding a Basic Form Validating Form Data

Micah Doulos
Micah Doulos
17,663 Points
Posted by Micah Doulos
Micah Doulos
17,663 Points

Why don't evil robots check for display: none?

In order to combat evil robots Alena Holligan suggested creating an extra field which users won't see but robots will. Setting the css to display: none makes it invisible, but robots will still try to fill the field out. So... why don't people who write malicious robot code, simply do a check for display: none before having their robot fill out a field?

2 Answers

Alena Holligan
STAFF
Alena Holligan
Treehouse Teacher
Alena Holligan
Alena Holligan
Treehouse Teacher

It is not the ONLY thing you should do, always sanitize data coming in, and it does not prevent EVERYTHING. But most bots follow the path of least resistance, and we're really using this just to prevent spam :) A stronger gate would be using something like Googles reCAPTCHA

DavidPaul sullivan
DavidPaul sullivan
17,377 Points
DavidPaul sullivan
DavidPaul sullivan
17,377 Points

At work, I'm required to do both. Using both the "honey pot" and reCaptcha. It seems like pretty common practice to do so.

Marco Fregoso
Marco Fregoso
500 Points
Marco Fregoso
Marco Fregoso
500 Points

I think evil robots ain't really got time for that