Hey folks,
I was about to build a public app without sign-in requirements and then realized that forms in Glide do not seem to be protected from spam. There’s no reCAPTCHA integration or anything else I could see that would work to protect bots from filling out forms.
Is there something that could help protect from spam and bots that Glide DOES have? Anything you guys have figure out as a workaround?
Appreciate any tips 
Evgeny
If it’s a public app then it rules out the option to use a rollup and count the number of submissions from an account, let’s say in the past 24 hours.
But I think you can build a table with a single row to serve as your “public user profile” row, and build your tab on top of that row. Add a “session ID” user-specific column.
When the user opens the form, before showing the form, set a unique ID to that “session ID” column, and pass that value later on to the submissions table. Use a relation + rollup to count how many rows were added by that “session ID” and hide the form button as needed.
The session ID might reset when the “user” closes the app and opens it again, IP banning would have been better, to be honest.
Thank you!!
Would be sweet with the new “query” column. I imagine you would be able to set the source table being the destination table, then filter by “session ID” is “screen’s session ID” and “time is within today”.
Following up on this conversation: can a field that is not visible (via visibility condition) still be filled automatically by a bot? In which case we can use a hidden field as a honey pot to catch if it’s a spam? (assuming that a bot fills most fields). If the field is filled, then we know it’s a bot.
I doubt it. Does the bot fill those fields by elements on the screen (in that case it’s a no), or by sending POST requests to your table (that should not be the case, you should protect your API key).