SitePoint Sponsor

User Tag List

Page 1 of 2 12 LastLast
Results 1 to 25 of 42
  1. #1
    SitePoint Guru
    Join Date
    Nov 2004
    Location
    calif
    Posts
    743
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Ask a question instead of CAPTCHA

    Can someone provide me with some basic code for asking an easy question that can be checked, for my Contact Form? . For example: "What color is the sky?". Thanks.

  2. #2
    SitePoint Addict
    Join Date
    Apr 2011
    Posts
    265
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Hy,
    In your contact form add an input field:
    HTML Code:
    What color is the sky?
    Answer:  <input type="text" name="ans" />
    Then, in the php file that gets data form, add:
    PHP Code:
    if(isset($_POST['ans']) && $_POST['ans']!='blue') exit('Wrong answer'); 
    Free: Web Programming Courses HTML, CSS, Flash
    Web Programming: AJAX Course and PHP-MySQL Course video Lessons
    Good JavaScript and jQuery course for beginners

  3. #3
    SitePoint Guru
    Join Date
    Nov 2004
    Location
    calif
    Posts
    743
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for that.
    I appreciate it.

    When the wrong answer is entered, the user sees a blank white page that shows only the words "Wrong answer".

    Is their a way to have the words "Wrong answer" appear in the Contact Form
    instead of seeing a blank page?
    So, the user can simply see his error while still seeeing the Contact Form, and correct the answer conveniently?

    Thanks.

  4. #4
    SitePoint Evangelist
    Join Date
    Mar 2011
    Location
    Bellingham, WA
    Posts
    450
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    If you use php's include function to include your data processing form on the top of your contact form script, then you can add in:

    PHP Code:
    $errors FALSE;
    if(isset(
    $_POST['ans']) && $_POST['ans']!='blue'
    {
    $errors TRUE;} 
    This way, we first assume that there's no error. If there's a post and it's wrong, then we say that there is an error. Next, we can use the following to print out the wrong answer (php's echo function will print the information to the screen).

    PHP Code:
    if ($errors) {echo 'Wrong answer!';} 
    If you wanted to format Wrong answer, then you can do something like:

    echo '<span class="my_wrong_answer_css_class">Wrong answer!</span>';

    Hope this helps!

    -Eric

  5. #5
    SitePoint Guru
    Join Date
    Nov 2004
    Location
    calif
    Posts
    743
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I have a separate php handler from my contact form, so I guess when you ask

    "If you use php's include function to include your data processing form on the top of your contact form script", the answer would be that I don't have it on top of the contact form, but on a seperate page (If I understand you correctly.)

    So, would I used a different code than what you supplied?

  6. #6
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,200
    Mentioned
    456 Post(s)
    Tagged
    8 Thread(s)
    Quote Originally Posted by ChrisjChrisj View Post
    I don't have it on top of the contact form, but on a seperate page ... So, would I used a different code than what you supplied?
    Not necessarily. Rather than just exit with the error message, you could echo the error message along with the whole form, or indeed the whole page if you want.

  7. #7
    SitePoint Wizard bronze trophy C. Ankerstjerne's Avatar
    Join Date
    Jan 2004
    Location
    The Kingdom of Denmark
    Posts
    2,702
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    If your site has a reasonable size, you might want to circulate a number of answers. Otherwise, once a spammer knows the answer, he can easily set up his script to add that answer. You can either serve a number of ready-made questions, or generate the questions on the fly. The easiest questions to generate are obviously math questions, but they are also the easiest to crack for a spammer.
    Christian Ankerstjerne
    <p<strong<abbr/HTML/ 4 teh win</>
    <>In Soviet Russia, website codes you!

  8. #8
    SitePoint Member
    Join Date
    Aug 2011
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Do you have other suggestions for good questions to ask? I don't like the idea of outright asking if my visitor is a human...

  9. #9
    SitePoint Wizard bronze trophy C. Ankerstjerne's Avatar
    Join Date
    Jan 2004
    Location
    The Kingdom of Denmark
    Posts
    2,702
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    It should be something trivial and universal. For example, Are oranges purple? or Does sharks eat carrots? Something that every child can answer with ease, but which requires actual thinking.
    Christian Ankerstjerne
    <p<strong<abbr/HTML/ 4 teh win</>
    <>In Soviet Russia, website codes you!

  10. #10
    SitePoint Addict
    Join Date
    Mar 2010
    Location
    UK
    Posts
    281
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    HTML Code:
    What color is the sky?
    Answer:  <input type="text" name="ans" />
    Or, to write that properly:
    HTML Code:
    <label id="question" for="answer">Your question here</label>
    <input type="text" aria-labelledby="question" id="answer" [...other input attribute pairs...] >
    Anything less than that can be regarded as inaccessible.

  11. #11
    SitePoint Addict dnordstrom's Avatar
    Join Date
    Jul 2006
    Location
    Amsterdam
    Posts
    337
    Mentioned
    18 Post(s)
    Tagged
    0 Thread(s)
    Hello there Chris,

    I see some nice answers up there at the start of the thread, good stuff—thanks to all for maintaining the quality of our fine community.

    Quote Originally Posted by C. Ankerstjerne View Post
    If your site has a reasonable size, you might want to circulate a number of answers. Otherwise, once a spammer knows the answer, he can easily set up his script to add that answer. You can either serve a number of ready-made questions, or generate the questions on the fly. The easiest questions to generate are obviously math questions, but they are also the easiest to crack for a spammer.
    That's what I was going to say. Write a class that handles the questioning (if you do OOP) and add a number of questions to it, and then show a random one to the user.

    As already mentioned above, with math questions you can generate them on-the-fly and there's no need for hard-coded questions. Downside it that it is very easy to go around it, as Ankerstjerne also mentioned. I can simply write a script that looks at the label (or wherever the numbers are) and calculates the right value and submits the form.

    Besides, "real" questions are more fun for the user than math anyway. And thank you for considering this option instead of CAPTCHA—I just hate those letters and numbers that you have to enter over and over because you can't see what the hell they are.

    Definitely wouldn't recommend yes/no questions, since there's then only two answers for a spammer to deal with. More like "What color is...?" kind of questions would be better. "What is the middle name of William Henry Gates?" — you get my point.

    But the bottom line here (literally too) is to circle a bunch of questions around randomly to the user, otherwise it's way too easy to work around and you might as well skip the whole thing.
    Daniel Nordstrom. of. Nintera(ctive)
    -- Featured post: Part 2. Writing NI.JS JavaScript
    ----- Follow me on Twitter. Got project? Contact me.
    -------- SitePoint: Community GuidelinesBe A Great Member

  12. #12
    SitePoint Addict bimalpoudel's Avatar
    Join Date
    Feb 2009
    Location
    Kathmandu, Nepal
    Posts
    279
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    While processing such captcha, make sure to lowercase the user's answer.
    I mean, do not match with the case-sensitive answers.

    Otherwise, some answers are likely to be wrong.
    Bimal Poudel @ Sanjaal Framework » over Smarty Template Engine
    ASKING INTERESTING QUESTIONS ON SITEPOINT FOURM

    Hire for coding support - PHP/MySQL

  13. #13
    SitePoint Member
    Join Date
    Aug 2011
    Location
    Canberra
    Posts
    7
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think asking a question is a much better idea than having a CAPTCHA. Even with good English skills, those CAPTCHA codes are so hard to read You almost have to squint, and some characters look like they could be a number or a letter.

  14. #14
    Avid Logophile silver trophy
    ParkinT's Avatar
    Join Date
    May 2006
    Location
    Central Florida
    Posts
    2,335
    Mentioned
    192 Post(s)
    Tagged
    4 Thread(s)

    Lightbulb

    Quote Originally Posted by C. Ankerstjerne View Post
    It should be something trivial and universal. For example, Are oranges purple? or Does sharks eat carrots? Something that every child can answer with ease, but which requires actual thinking.
    I agree with this 100%, but offer a word of caution.
    There are questions you can ask that have ambiguous answers. That would lead to frustration from your users.

    For example, *any* question whose answer is a mathematic value of zero could be answered as: NONE, ZERO, 0, Naught, NULL, NOTHING
    If you are accepting textual answers (not only numbers) be sure to evaluate the answer in all lowercase (or all uppercase) so as to avoid an incorrect rejection because a user decided to capitalize.
    Don't be yourself. Be someone a little nicer. -Mignon McLaughlin, journalist and author (1913-1983)


    Git is for EVERYONE
    Literally, the best app for readers.
    Make Your P@ssw0rd Secure
    Leveraging SubDomains

  15. #15
    SitePoint Wizard bronze trophy C. Ankerstjerne's Avatar
    Join Date
    Jan 2004
    Location
    The Kingdom of Denmark
    Posts
    2,702
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    True. This can be solved with a select, or with radiobuttons. This makes it somewhat easier to crack, but will still cut down spam significantly.
    Christian Ankerstjerne
    <p<strong<abbr/HTML/ 4 teh win</>
    <>In Soviet Russia, website codes you!

  16. #16
    SitePoint Enthusiast abdussamad's Avatar
    Join Date
    May 2006
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    "What color is the sky?" is not really a good question. I mean right now the sky is black where I live because it's night time. And during the day it can be light-blue (or light blue), blue or even redish at sunset. I hope you get my point.

  17. #17
    Non-Member
    Join Date
    Nov 2010
    Posts
    174
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by abigail55 View Post
    Do you have other suggestions for good questions to ask? I don't like the idea of outright asking if my visitor is a human...
    What is the last letter from the word ...
    This has the advantage that ... there are a lot of words out there.

  18. #18
    SitePoint Enthusiast abdussamad's Avatar
    Join Date
    May 2006
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    There is an alternative that I want to suggest. It's called hash cash and is totally invisible to humans and works great at stopping bots. PHP implementation example:

    HashCash

  19. #19
    SitePoint Addict
    Join Date
    Apr 2002
    Posts
    395
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by abdussamad View Post
    "What color is the sky?" is not really a good question. I mean right now the sky is black where I live because it's night time. And during the day it can be light-blue (or light blue), blue or even redish at sunset. I hope you get my point.
    lol, c'mon now

  20. #20
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,200
    Mentioned
    456 Post(s)
    Tagged
    8 Thread(s)
    Quote Originally Posted by abigail55 View Post
    Do you have other suggestions for good questions to ask? I don't like the idea of outright asking if my visitor is a human...
    Maybe you could ask—What's the first letter of the English alphabet? Nice and easy, and you could cater for lower case and capital.

  21. #21
    SitePoint Guru rageh's Avatar
    Join Date
    Apr 2006
    Location
    London, Formerly Somalia
    Posts
    612
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why not use the so honey-trap method? It is very effective. And the user does not have answer anything. Nor type. Give it a try.
    ------------------

  22. #22
    SitePoint Addict
    Join Date
    Mar 2010
    Location
    UK
    Posts
    281
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That is not a method with which I can agree after experiencing the handiwork of someone who clearly did not know how to do it properly and accommodate false positives.

  23. #23
    SitePoint Enthusiast
    Join Date
    Sep 2009
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If a captcha is too hard to read or too strict on case etc then the coder is the problem not the idea of captcha. Questions will be limited and could encourage spammers to target your form with ease.

  24. #24
    SitePoint Guru rageh's Avatar
    Join Date
    Apr 2006
    Location
    London, Formerly Somalia
    Posts
    612
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by adh32 View Post
    That is not a method with which I can agree after experiencing the handiwork of someone who clearly did not know how to do it properly and accommodate false positives.
    That person clearly impelemented it incorrectly.

    I implemented the honey trap method a while ago. Not a single spam email came to my inbox. So it is a question of doing it right. Any method done in the wrong way will not work, as you might have gathered.
    ------------------

  25. #25
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Math questions are easy to pose, and more users whose mother tongue is not yours probably more likely to understand the question.

    Make sure the answers are between 1 and 999 and make the maxlength of the text area 3.

    Ask questions using a mixture of words and numbers, the answers should always be numbers.

    "What number is Thirty and 3?"
    "What number is a dozen?"
    Maintiain a single array of questions and answers which are available to the client-side generating code and the backend checking code:
    turing_questions.php
    PHP Code:
    <?php
    $turing
    [0]['question'] = "Thirty and 3";
    $turing[0]['answer'] = 33;
    $turing[1]['question'] = "a dozen";
    $turing[1]['answer'] = 12;
    Include the file in both the view and whatever you use to as a postback, set and retain control of which question is being posed in a session.
    eg
    PHP Code:
    $_SESSION['turing'] = 
    Filtering and sanitizing the answer is dead simple.
    PHP Code:
    <?php
    // your postback form handler
    include 'turing_questions.php';

    if( !isset(
    $_POST['answer'])
      || (int)
    $_POST['answer'] === 0
      
    || $_POST['answer'] > 999 )
    // you are bad, sending you away unceremoniously

    // $_SESSION['turing'] = 1

    if( $_POST['answer'] !== $turing[$_SESSION['turing']]['answer']) 

    //failed to answer correctly, maybe you are not human,
    // or able to answer 
    // mathematical questions or you do not speak my language?
    //


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •