

SPF30 – A Spam Prevention PHP Library W/DES Encryption - jqueryin
http://www.jqueryin.com/2010/04/26/spf33-spam-blocking-prevention-php-library/

======
jqueryin
A comment regarding the usage of DES has already been brought up so I figure
I'll address that issue here.

Unfortunately it's difficult to use any variant of blowfish as I was unable to
easily convert the encrypted string into a UTF-8 compatible key to be used as
a valid INPUT element name. There's a reason behind the madness of using DES.

PHP and JavaScript both have functioning single-DES encryption implementations
which is why I went this route. I had anticipated using a more secure method
of two-way encryption but I found it was increasingly difficult to handle all
scenarios of unicode chars. The main intention of encrypting the form fields
was to obfuscate the field names from bots so they could not auto-populate
fields with names like "name" and "email".

With that being said, I may have gone a little overboard here by adding the
encryption to the spam prevention library...

