I was about to build a public app without sign-in requirements and then realized that forms in Glide do not seem to be protected from spam. There’s no reCAPTCHA integration or anything else I could see that would work to protect bots from filling out forms.
Is there something that could help protect from spam and bots that Glide DOES have? Anything you guys have figure out as a workaround?
If it’s a public app then it rules out the option to use a rollup and count the number of submissions from an account, let’s say in the past 24 hours.
But I think you can build a table with a single row to serve as your “public user profile” row, and build your tab on top of that row. Add a “session ID” user-specific column.
When the user opens the form, before showing the form, set a unique ID to that “session ID” column, and pass that value later on to the submissions table. Use a relation + rollup to count how many rows were added by that “session ID” and hide the form button as needed.
The session ID might reset when the “user” closes the app and opens it again, IP banning would have been better, to be honest.
Would be sweet with the new “query” column. I imagine you would be able to set the source table being the destination table, then filter by “session ID” is “screen’s session ID” and “time is within today”.
Following up on this conversation: can a field that is not visible (via visibility condition) still be filled automatically by a bot? In which case we can use a hidden field as a honey pot to catch if it’s a spam? (assuming that a bot fills most fields). If the field is filled, then we know it’s a bot.