Despite CAPTCHA, spammers have been submitting spam forms on a few of our client’s websites. The submissions usually have the same first and last name, and often contain a website address in the message. I was able to add a little code to the theme’s functions.php to prevent this type of thing.
add_filter( 'gform_validation_1', 'validate_contact_fields_1' );
function validate_contact_fields_1( $validation_result ) {
$form = $validation_result['form'];
// first and last name can't be the same
if ( rgpost( 'input_1' ) == rgpost( 'input_2' ) ) {
// set the form validation to false
$validation_result['is_valid'] = false;
//finding Field with ID of 1 and marking it as failed validation
foreach( $form['fields'] as &$field ) {
//NOTE: replace 1 with the field you would like to validate
if ( $field->id == '1' ) {
$field->failed_validation = true;
$field->validation_message = 'First and Last Name can not be the same.';
break;
}
}
}
// Message can't contain a URL
$nourl_pattern = '(http|https)';
if ( preg_match( $nourl_pattern, rgpost( 'input_4' ) ) ) {
$validation_result['is_valid'] = false;
foreach( $form['fields'] as &$field ) {
if ( $field->id == '4' ) {
$field->failed_validation = true;
$field->validation_message = 'Message can not contain website addresses.';
break;
}
}
}
//Assign modified $form object back to the validation result
$validation_result['form'] = $form;
return $validation_result;
} // end function validate_contact_fields_1