Thanks for the bug report. It looks like the front end form needs to contain some kind of ‘honey pot’ or captcha for spam entries.
Becuase the front end form is quite new to ACF, the plugin does not yet contain these features, but I’mm sure we can add them in.
Version 5 is well underway and contains PHP validation which can prevent the data from being saved. It would be quite easy to add in a hidden cutom field (honey pot) and then use the PHP validation hook to return false and stop the post from saving.
For now, I think you could do something similar using the pre_save_post action.
Give this a go:
In the acf_form args, add a hidden custom field in the ‘html_before_fields’. Perhaps also read up on the honey pot tactics online
Then in the pre_save_post action, check the $_POST data and simply
die if the form contains data in that field.
Hope that helps.
Welcome to the Advanced Custom Fields community forum.
Browse through ideas, snippets of code, questions and answers between fellow ACF users
Helping others is a great way to earn karma, gain badges and help ACF development!