I have a form, which users should be able to submit only if they upload/attach a document. For that I use the following line:
<input type="file" id="file" name="attachment" accept=".pdf, .doc,.docx,application/msword,application/vnd.openxmlformats-officedocument.wordprocessingml.document" required>
This code works for real users: on my webpage, I cannot submit the form without an attachment.
However, I receive many spam submissions without an attachment. How does that even happen? How can I avoid this?
I checked many times, but could not find a solution.
Edit:
I use a php form (Post) to enable submissions. Is there a php code that makes it possible?
Schneider is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
2
Being well behaved is obviously against its interests. Most likely the spambot analyzes your form and then submits data to match its fields.
Client side validation (which includes enforcement of a required rule) is the first thing to go out of the window when dealing with spammers and scammers.