Can bots submit forms?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
My first reaction is "no", but I thought I'd ask.

"Yahoo Slurp" seems to be all over me like a rash at the moment.
And then I've got a blank form submission, but only one.  No
necessary link between those two facts, but I wondered

Mark Stanton
One small step for mankind...

Re: Can bots submit forms?

Well, bots could easily submit forms if they wanted to but I doubt Yahoo
'would', it would be unusual. Could be a spambot

Quoted text here. Click to load it

Re: Can bots submit forms?

__/ [ Georgie ] on Wednesday 10 May 2006 15:26 \__

Quoted text here. Click to load it

Look at your logs and check the IP address. Reverse DNS lookup tool:


See if it's really Yahoo (Inktomi Slurp). About a week ago, someone in this
newsgroup claimed that Google had crawled his entire Web site rather
viciously. After careful simple tests, it turned out to have been a spoofer.

Best wishes,


Roy S. Schestowitz  | Free as in Free Beer   PGP-Key: 0x74572E8E
  3:30pm  up 12 days 22:27,  8 users,  load average: 0.66, 0.91, 0.73 - semantic engine to gather information

Re: Can bots submit forms?

On Wed, 10 May 2006 11:06:33 +0100, Usenet wrote:

Quoted text here. Click to load it

Bots submit forms all the time (spambots).

If you are using a PHP script, add some lines to prevent it like this:

if ($comments !="") {
    // send email
} else {
    // tell the visitor that the form was empty and to try again

To prevent humans from sending blank emails, use some JavaScript (also
following up with server-side form validation in case the visitors have
JavaScript turned off).  There are some free JavaScripts that you can use
like this:

Also check the following web page for some tips on how to prevent header
injection with PHP:

It is very common for spam bots to inject headers like
(e.g., copy the form submission to a real email address with a reply-to
from your domain).

You can also set your mail scripts to capture the IP of the person/bot
that sent the form.  I output it like this:

http://www. domaintools .com/$ipaddress (spaces inserted here to prevent

That turns into a link in my email and one click tells me where the form
submission came from.  Yahoo Slurp will be Sunnyvale, California if I
remember correctly.

Site Timeline