SitePoint Sponsor

User Tag List

Page 3 of 3 FirstFirst 123
Results 51 to 73 of 73
  1. #51
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,580
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by abalfazl
    Hello firends

    What do you think about using IP or Cookie in order top prevent spam?

    GOOD LUCK!
    Bots won't accept your cookies, and they can switch IPs on every request. IP limiting and cookies alone will not prevent most form spam.

  2. #52
    We like music. weirdbeardmt's Avatar
    Join Date
    May 2001
    Location
    Channel Islands Girth: Footlong
    Posts
    5,882
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by abalfazl
    Hello firends

    What do you think about using IP or Cookie in order top prevent spam?

    GOOD LUCK!
    I'd think asphincstersayswhat
    I swear to drunk I'm not God.
    » Matt's debating is not a crime «
    Hint: Don't buy a stupid dwarf ö Clicky

  3. #53
    Vojtech Klima
    SitePoint Community Guest
    Small improvement:
    You can replace the characters writing code line (in method DrawCharacters) with this line, which put characters to random y coordinate, which makes it even more safe:
    imagestring($this->oImage, $iCurrentFont, $this->iSpacing / 3 + $i * $this->iSpacing, Rand(0,15)-7+(($this->iHeight - imagefontheight($iCurrentFont)) / 2), $this->sCode[$i], $iTextColour);

  4. #54
    Nate
    SitePoint Community Guest
    CAPTCHA tests are in most cases pointless. Good server side logic would be a better way to tackle this user-unfriendly method.

  5. #55
    Keep it simple, stupid! bokehman's Avatar
    Join Date
    Jul 2005
    Posts
    1,935
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Nate
    CAPTCHA tests are in most cases pointless. Good server side logic would be a better way to tackle this user-unfriendly method.
    What good server side logic can tell the difference between a robot and a human?

  6. #56
    SitePoint Enthusiast RaS!'s Avatar
    Join Date
    Mar 2004
    Location
    Italy
    Posts
    25
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nice article!

  7. #57
    Fran456777
    SitePoint Community Guest
    Hello, I tried your script and even though it works with the username and password fields, I cant seem to integrate it within my review script. Do you have any suggestions on where I can find such a script please? Many thanks

  8. #58
    David Raasch
    SitePoint Community Guest
    For over a year, I had my ezine subscription form forward me a copy of whatever a user submitted. Thanks to this, I've been able to keep track of how frequent somebody tries to hack the form.

    Let me just say that after adding this security image code from this article, I've got tons of people or robots submitting that form with blog comments !!!!

    I'm up to about a dozen per day now!!

    I'm thinking they must be somehow searching for "security image" or "security-image.php" and then filling in and submitting any form they find with that.

    I think later today I might try renaming the script to something else. But I guess I'll still need to keep the text "Security Image" in the form for human users. <sigh>

    Thanks for the article. Just wanted to point out this potentially-annoying consequence of following it.


  9. #59
    Anonymous
    SitePoint Community Guest
    Hi.
    I want to say that I really like this script. It's quite compact but very useful. I hope I can stop bots registering at my forum with this.

    There are 2 suggestions I want to make with respect to the code.
    1. I think font 5 is the best one to use, because it's really clear. Some fonts are somewhat less clear.
    2. You only use capital letters. Suppose I want to use numbers as well. This can very easily be done:

    $this->sCode .= rand(0,1) == 0 ? chr(rand(48, 57)) : chr(rand(65, 90));

    You can even set your own probabilities for getting a number or a character. Suppose you would like to get a number 20% of the time and a capital letter with probability 80%, then you would get:

    $this->sCode .= rand(0,9) < 2 ? chr(rand(48, 57)) : chr(rand(65, 90));

  10. #60
    brian
    SitePoint Community Guest
    Good work!

    Thanks very much for your article. It was very useful and well written.

  11. #61
    Always learning kigoobe's Avatar
    Join Date
    May 2004
    Location
    Paris
    Posts
    1,565
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well, i found that u modified the article > http://www.ejeliot.com/pages/php-captcha

    I have tried this, while everything is working, I am not getting the fonts. Just the scratches are coming. Any idea why this is happening?

    Thanks for sharing the code.
    Best.

  12. #62
    Always learning kigoobe's Avatar
    Join Date
    May 2004
    Location
    Paris
    Posts
    1,565
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    working now ...

  13. #63
    Always learning kigoobe's Avatar
    Join Date
    May 2004
    Location
    Paris
    Posts
    1,565
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Just a quick note. I was visiting a forum, and saw that they are doing something else along with the captcha image. They are generating random text and a random number (less than the the length of that text). Say the word is SitePoint, they chose a number randomly < 10, and then ask to fill up the nth character of the word.

    So, if the random word comes as SitePoint, and the random number as 5, user will have to type P, and it is case sensitive. Seems to be a nice idea ...

  14. #64
    Malc Bailey
    SitePoint Community Guest
    It would appear that when a null value is submitted in IE7 the submission is accepted (in my case). This doen not happen in Mozilla Firefox. There appears to be a need to reject such a null value for users with IE7.

  15. #65
    qerem
    SitePoint Community Guest
    thank you very much, it's working =) great..
    tnx l lot..

  16. #66
    SitePoint Member
    Join Date
    Apr 2007
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    With the advancement of OCR products, I have found the need to bump up the security of my comments fomrs a notch. To do so, I fight spammers with an animated gif captcha.

    This captcha is math based and simple enough for a 3rd grader to answer but has multiple frames and random time elapsed so it is extremely hard for a bot to get around. This script is released as lgpl so use it however you want for free.

  17. #67
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,580
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    No way am I going to sit there and read the frames to submit a form. Your CAPTCHA is anti-human.

  18. #68
    SitePoint Member
    Join Date
    Apr 2007
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Dan Grossman View Post
    No way am I going to sit there and read the frames to submit a form. Your CAPTCHA is anti-human.
    Anti-impatient people perhaps. To be fair it does take ~5 seconds for the frames to roll through start to finish. But then again the text is not distorted to the point where people cannot read what it says either, I say 5 seconds well spent.

    As a site owner, your users will never have to guess what the characters are and will never again answer incorrectly (assuming their IQ is > 70) regardless of what language they speak.

    I also never have to waste another minute erasing automated spam either. So I guess I value my time a bit more than yours ... but only by 5 seconds. How long did it take you to post that reply again?

  19. #69
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,580
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Less than 5 seconds. Akismet can filter 99&#37; of your spam, it's free, and your users don't have to fill out *any* type of mini-quiz. Combine it with a simple CAPTCHA to filter even more. Anything that reduces the likelihood of a human filling out a form is lost customers.

  20. #70
    SitePoint Member
    Join Date
    Jul 2007
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    thank you very much,

  21. #71
    SitePoint Zealot
    Join Date
    Aug 2005
    Posts
    122
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You want a simple way to keep bots out? Do you want it to be transparent to the user? Want it to be accessible still?

    Create a text input field. Make it's label say "Leave this field blank". Name the field something obvious like "address" or "phone_number" (obviously not one you've already used in the form).

    Then, hide the field and the label with CSS. Most users wont see it. Those who do will see the label saying to leave it blank. However, giving it a name with email or phone etc in it will make most bots fill it out ...

    On the server side, just check to see that its blank. If something was put there, you have a bot (or a complete idiot).

    Simple, effective, accessible, and most of all, transparent to the user.

    Detailed a little more here: http://www.omgpotato.com/2007/07/12/...-bot-stopping/

  22. #72
    SitePoint Enthusiast
    Join Date
    Dec 2003
    Location
    norway
    Posts
    61
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by rjm1982 View Post
    You want a simple way to keep bots out? Do you want it to be transparent to the user? Want it to be accessible still?

    Create a text input field. Make it's label say "Leave this field blank". Name the field something obvious like "address" or "phone_number" (obviously not one you've already used in the form).

    Then, hide the field and the label with CSS. Most users wont see it. Those who do will see the label saying to leave it blank. However, giving it a name with email or phone etc in it will make most bots fill it out ...

    On the server side, just check to see that its blank. If something was put there, you have a bot (or a complete idiot).

    Simple, effective, accessible, and most of all, transparent to the user.

    Detailed a little more here: http://www.omgpotato.com/2007/07/12/...-bot-stopping/

    I have to warn anyone from using this approach instead of a captcha,
    because it does not stop anyone from manually creating a malicious script that could do many postings in the form...
    But still better than nothing..

  23. #73
    SitePoint Addict
    Join Date
    Apr 2007
    Posts
    300
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Captcha is a pain for many users especially the ones with poor eye sight. Why put them through hell ? I personally hate this approach and this should not be encouraged. Honey pot approach is the best in my opinion as mentioned previously. The other approach would be to have a random sentence with select portions in red using css which can be retyped in to an input box by the user. Sure it does take some code but its a lot more easier on legit users.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •