Honeypot Captcha classic asp code?

Good morning, I am trying and failing miserably to implement a captcha, mostly because I have no asp experience, could anyone assist?

Multiple html pages have a contact form in footer, this has form validation in place and fires off an asp page which sends an email & redirects to thanku.asp.

I wanted to add the honeypot captcha, so added another field [body] and hid it using css. I then added the code below that to check its null. When I click submit the form is processed even when hidden field has content insid开发者_StackOverflow中文版e, can anyone spot where I am going wrong?

<div id="captchafield">
<input type="text" name="body" value="" />
</div>

<script language=javascript>

if(!String.IsNullOrEmpty(Request.Form["body"]))
  IgnoreComment();

  </script>

You're going wrong by checking the field with only JavaScript; you should check that it's blank server-side and if not, then ignore / reject submission. E.g.

HTML

<div id="captchafield">
    <noscript>Security field; please leave this blank</noscript>
    <input type="text" name="captcha" value="" />
</div>

ASP

Dim captcha

captcha = Request.Form("captcha")

If captcha <> "" Then
    Response.Redirect("badcontent.asp")
End If

' continue 

What you can use JavaScript for is to hide the captcha field and / or display a message which lets users know not to fill it in if their JavaScript is off (see <noscript> in example code above). Bots / scripts will ignore the warning and fill in the field and trigger your trap.