Preventing html entries in comments box

SilversidesFishing · April 30, 2019, 9:59pm

Hello community;
I get too much spam coming thru Gravity form submissions.
There’s always links to junk bitcoin sites or some other trash.
I have Honeypot enabled but that isn’t doing much.
Is there a way to block html or website links in the form fields???

Thanks in advance!

chrishajer · May 1, 2019, 12:48am

In what type(s) of fields are you receiving HTML content submissions?

SilversidesFishing · May 1, 2019, 1:53am

In the comments box.

chrishajer · May 1, 2019, 3:10am

Gravity Forms does not have a comments box. Can you send a link to the page on your site where we can see your form?

SilversidesFishing · May 1, 2019, 4:28am

chrishajer · May 1, 2019, 1:55pm

Thanks for the link. You mean the textarea Questions/Comments is getting html submitted in it?

SilversidesFishing · May 2, 2019, 4:10am

yes the questions comments area

SilversidesFishing · May 12, 2019, 9:40pm

Any answers ??

SilversidesFishing · May 23, 2019, 9:38pm

I have not heard anything for 2 weeks. I would really appreciate anyone who can help with this issue.
Thanks

Mad_Dog · May 23, 2019, 9:48pm

As far as I know they should be sanitized before being saved. But look at using g_form_allowable_tags to not allow anything…or maybe not allow tags which will at least stop them from being links.

SilversidesFishing · May 23, 2019, 10:43pm

This is something I am unable to do or understand. Is there a easier method?

Mad_Dog · May 23, 2019, 11:10pm

Not that I’m aware of. Maybe Chris or someone else knows another way.

MikeBav · July 9, 2020, 5:44am

I use Conditional Logic to Hide the Submit button (Form Settings page) if the Comments field contains ‘http’. Then add a HTML field with a message for humans like ‘Your enquiry contains website links, please remove them to submit the form’, with Conditional Logic to Show if the Comments contains ‘http’.
Example: https://www.tandem.net.au/wordpress/contact/
Not sure if hiding the Submit button stops all spam, but it seems to work.

SilversidesFishing · July 9, 2020, 5:53pm

Thanks Mike. I will try that.
I really wish the developers would make this easier with a simple option to not allow any urls etc in any entry. Anti spam honeypot is not very effective. I get loads of submissions for cialis etc with links.

SilversidesFishing · July 9, 2020, 11:07pm

I got the CL to work. The Submit button disappears when specific words are entered in the comments box such as (http & www).
But I don’t see a way to display a message when the bad words are entered.
In the example you provided the submit button goes away and is replaced with a message.
Thanks!!

chrishajer · July 10, 2020, 2:59am

You can add an HTML field which contains the message you want to show. You will use the same rules that you used to hide the submit button, but use them to SHOW the HTML field.

richardw8k · July 10, 2020, 4:28pm

Another option is using the gform_entry_is_spam hook to flag submissions as spam if fields contain URLs.

SilversidesFishing · July 10, 2020, 5:22pm

Thanks for the great ideas. I have implemented CL and everything seems good now!
Best fishes - BM

Topic		Replies	Views
Preventing spam, even when you have honeypot and CAPTCHA enabled Get Help gform_field_validation , spam , honeypot , captcha , akismet	6	4781	December 9, 2021
Turn Off Notifications if Text Box Contains any URL Get Help conditional-logic , spam , zero-spam	2	515	March 24, 2022
How to block URLs in text area Get Help gform_field_validation	6	1652	January 26, 2022
How does the built in spam feature work? Get Help spam , honeypot , akismet	4	193	April 17, 2024
Conditional Notifications to Prevent Spam and Solicitations Get Help conditional-logic , notifications , spam , honeypot	11	1027	December 9, 2021

Preventing html entries in comments box

Related topics