Welcome to the Treehouse Community

The Treehouse Community is a meeting place for developers, designers, and programmers of all backgrounds and skill levels to get support. Collaborate here on code errors or bugs that you need feedback on, or asking for an extra set of eyes on your latest project. Join thousands of Treehouse students and alumni in the community today. (Note: Only Treehouse students can comment or ask questions, but non-students are welcome to browse our conversations.)

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and a supportive community. Start your free trial today.

PHP Build a Basic PHP Website (2018) Adding a Basic Form Validating Form Data

Micah Doulos
Micah Doulos
17,663 Points

Why don't evil robots check for display: none?

In order to combat evil robots Alena Holligan suggested creating an extra field which users won't see but robots will. Setting the css to display: none makes it invisible, but robots will still try to fill the field out. So... why don't people who write malicious robot code, simply do a check for display: none before having their robot fill out a field?

2 Answers

Alena Holligan
STAFF
Alena Holligan
Treehouse Teacher

It is not the ONLY thing you should do, always sanitize data coming in, and it does not prevent EVERYTHING. But most bots follow the path of least resistance, and we're really using this just to prevent spam :) A stronger gate would be using something like Googles reCAPTCHA

DavidPaul sullivan
DavidPaul sullivan
17,377 Points

At work, I'm required to do both. Using both the "honey pot" and reCaptcha. It seems like pretty common practice to do so.

I think evil robots ain't really got time for that