This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Safe Signup Form

Description

To stop automated attacks, Safe Signup Form leverages Elliot Back’s WP Hashcash — an elegant anti-spam engine that uses javascript to determine if the form is submitted by a robot or a web browser.

An administration page provides three options for handling submissions identified as spam:

  • Delete spam submissions.
  • Flag spam submissions (and forward them anyway).
  • Forward without flagging.

The basic plugin offers a simple name and email form, but the php can be easily modified to incorporate any number of fields.

Safe Signup Form uses XHTML compliant code and has been tested in WordPress 2.7 through 3.3.1, MSIE 7, 8, and 9, Chrome, Firefox, and Safari.

FAQ

Q. I can’t get the form to send me an email.

A. The form should pick up the default admin email associated with your install of WordPress. To change it go to the Safe Signup Form options page under Settings in the WordPress Admin tool (you may need to log in as “admin”). You can then change the “forwarding email” value.

Since the forwarding email is generated by a script it may be blocked by your email server or filtered as junk mail by your email program. Check any spam or junk mail folders at the local and server level.

Q. Can I automatically forward an email confirmation to the user?

A. Not yet. I did not include automatic email confirmation because of the security implications — it allows a form to become a conduit for spamming third party addresses. The HashCash technology stops most robotic spam attacks, but human spammers could take advantage. I may add email confirmation as a option to a future version.

Q. Can I add additional fields?

A. The only way to add fields is to directly edit the plug-in PHP. If you know HTML and a little PHP this isn’t too difficult.

There are three places in the code where a new form field is defined or processed. First, in the ddfs_install() function its validation rule should be entered in the $options['error-rules'] array. Second, also in the ddfs_install() function, its label, if any, should be entered in the $options['forward-labels'] array. Finally, in the ddfs_form_display() function, the form markup must be entered in the $form array where the key matches that entered in ddfs_install().

Q. How do I change the appearance of the labels, fields and messages?

A. You can create the formatting you want by editing the “Custom Styles” option at the bottom of the Secure Form – Signup page. The default CSS is:

div.ddf label { padding-right: 0.5em; }
p.intro { font-style: italic; }
p.error { color: #ff0000; }
p.success { font-weight: bold; }

To stack labels over the fields, change div.ddf label to:

div.ddf label { display: block; }

To align fields to the right of the labels, you can try something like:

div.ddf label { display: block; float: left; width: 12em; }

Experiment with CSS and you should be able to get the format you like.

Changelog

1.1

  • Updated code to use localization (translation) functions for both admin options and output.
  • Corrected the “Error-spam flag” and “Error-spam cancel” entries to pass through HTML tags.
  • Added a “Compliant XHTML” admin option that will place the plugin javascript and CSS into the header of each page rather than into the body of the local page.
  • Corrected a bug with the form action value that caused problems with calling the plugin from a template outside of The Loop

1.2

  • Made the Safe Signup Form options page a submenu of Settings to match common practice.

Contributors & Developers

This is open source software. The following people have contributed to this plugin.

Contributors

Browse the code