SitePoint Sponsor

User Tag List

Page 3 of 5 FirstFirst 12345 LastLast
Results 51 to 75 of 103
  1. #51
    Gre aus'm Pott gold trophysilver trophybronze trophy
    Pullo's Avatar
    Join Date
    Jun 2007
    Location
    Germany
    Posts
    5,938
    Mentioned
    214 Post(s)
    Tagged
    12 Thread(s)
    As awesome as my pure JavaScript solution of telling human beings from human beings at the beginning of the thread?

    BTW poes, do you have any thoughts about the accessibility of the honeypot method mentioned earlier in this thread (that you hide a field with CSS, the idea being that only bots will fill it out).
    How does this play out for someone with a screen reader?

  2. #52
    SitePoint Wizard Stomme poes's Avatar
    Join Date
    Aug 2007
    Location
    Netherlands
    Posts
    10,276
    Mentioned
    50 Post(s)
    Tagged
    2 Thread(s)
    I think Felgall or someone had already mentioned it: you make sure your input's label tells users what to fill in.

    One form I know of has a visible input, saying "are you a spammer? (answer no)" and then the input. They expect input, but it must be "no". (This one tripped me up the first time: it's in Dutch and it says "nee invullen" and I misread it to mean "niet invullen" (don't fill in). So I didn't fill it in, which triggered a spam trap).

    Aha, I still have a screenshot of it
    http://stommepoes.nl/honeypot.png

    It doesn't show up if you have Javascript on, meaning the number of humans likely to screw it up are limited to those with JS off. When JS is on, the input is hidden and I assume JS fills in the "nee" answer before the form is submitted, meaning the form always requires the input to be filled, and filled with the correct answer.

    You'll probably be okay with "what is 6+6?" or Eric's 2+2, but bots can do math (well, but they are rather notorious at sucking at floating-point arithmetic, aren't they? :) and the cognitively disabled can have trouble with lots of stuff. Mike Cherim's blog had a combination of Askimet and a honeypot asking "is fire hot?" (I have no idea what range of "correct" answers his form would accept). Well, and you don't have to really be very disabled: remember those picture captcha's they had where you had say 3 cats and a rat-dog and you had to fill in how many cats? Except the images were so bad it was really hard to tell. I like the idea of telling people what to fill in.

  3. #53
    Gre aus'm Pott gold trophysilver trophybronze trophy
    Pullo's Avatar
    Join Date
    Jun 2007
    Location
    Germany
    Posts
    5,938
    Mentioned
    214 Post(s)
    Tagged
    12 Thread(s)
    Thanks for the reply.
    This is something I've seen come up a few times recently and I'm still trying to formulate my thoughts on the best way to do this.

    I agree with you that captchas are horrible. For example it's not obvious that you can reload them and if done badly, they pose a real barrier to elderly users, not to mention users with any kind of impairment.

    As to whether bots can do maths: If I was a spam bot author I would search forms for occurrences of plus, minus etc in the fields and then call eval() on whatever was in them. E.g. eval("document.write(6+6)"); would output the correct answer to the OP's security question.

    I also liked the look of Askimet, but with Germany being Germany, it is quite problematic to use it whilst staying on the right side of the old Datenschutzbeauftragter.

    BTW, I never saw one of the cat-rat-dog captchas. They sound great. Anyone got a link to one? Googling "cat rat dog captcha" didn't turn up anything other than some bizarre / amusing pictures

    Edit:
    I only had to Google "animal captcha" and came up trumps!!
    http://www.teoriza.com/captcha/example.php

    Edit2:
    Great, now I'm gonna waste loads of time lookin at these: http://www.huffingtonpost.com/2010/0..._n_487166.html

  4. #54
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,175
    Mentioned
    454 Post(s)
    Tagged
    8 Thread(s)
    If one of those honeypots is going to be used, I still wonder if it's better just to give a label saying "Don't fill this in!". I turned away from that at some point ... but now I think I'd rather tell users not to do something that to force them to do something unnecessary. All the same, I still prefer felgall's timer method.

  5. #55
    SitePoint Wizard wonshikee's Avatar
    Join Date
    Jan 2007
    Posts
    1,223
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    A honeytrap with CSRF protection blocks pretty much all spam bots, unless they specifically target your site - in which case no amount of automated protection will stop it.

  6. #56
    SitePoint Wizard Stomme poes's Avatar
    Join Date
    Aug 2007
    Location
    Netherlands
    Posts
    10,276
    Mentioned
    50 Post(s)
    Tagged
    2 Thread(s)
    @wonshikee
    your backhoe looks like it's about to drown. !!

    @pullo " They sound great. Anyone got a link to one? " They were at Rackspace. Add that term to your google searches.

    I tried to find the thread on another forum where people showed CAPTCHAs with... seriously... calculus questions. I was like zomg, but can't find them.



    The issue with telling people not to fill in an input is that, when you're filling in a form, you're filling in everything.

    My blood bank goes through a list of questions before you can give blood. There are sections you do not fill out unless you're

    - above age 60
    - a female
    - a man who's had sex with another man

    I asked a volunteer nurse there once how often people filled in those sections anyway, even if they didn't fit the criteria (they are yes/no questions so you can easily continue filling them in). She said very often.

    The smartest person becomes an utter retard once they are sitting behind a computer and filling out a form. So woe to any of us who aren't super-geniuses: we're even dumber. There is a certain rhythm to filling out a form, and part of that rhythm is
    next question
    skim over label
    fill something in

    lather, rinse, repeat

    So for this reason I suspect (but would love someone doing a usability test on this) that people are more inclined to try to fill something in at first, and only stopping themselves with a start when/if they realise "oh, this one needs to be left blank." So that's why I lean more towards telling them to fill in "x". Or, "are you a human?" is the type of question that easily prompts a no-thought answer (even if some would grumble that they think they are lying when filling in "yes", our site doesn't care, it's for anti-spam anyway).

  7. #57
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    How would one turn this bit of code into a random number each time shone?

    // Spam Question
    if ($spam == 4){
    // success, continue processing
    }
    else{
    header( "Location: $errorurl" );
    exit ;
    }

    ...And then verify the correct number correctly?

    So with that bit of code the html question says "what's 2 + 2"

    So the html would have to randomize too?

  8. #58
    Gre aus'm Pott gold trophysilver trophybronze trophy
    Pullo's Avatar
    Join Date
    Jun 2007
    Location
    Germany
    Posts
    5,938
    Mentioned
    214 Post(s)
    Tagged
    12 Thread(s)
    Hi Eric,

    There are a number of ways to do this.
    If the form is generated by a PHP script, for example, you could have the PHP script choose two random numbers, and generate some kind of token which it passes to the form as a hidden field.
    Then, when the user submits the form, the PHP script which processes the submitted data, could use the token to validate the answer.

    If you're interested in implementing this, then just let me know.

  9. #59
    SitePoint Zealot
    Join Date
    Oct 2012
    Posts
    137
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    This is Greg - the originator of this thread. I just wanted to give a quick update on the success of this project. It works great!

    I have two websites that are hosted by Yahoo. I put the new Contact Form on one site (simple 6+6 math captcha, eliminated auto-complete, gave the fields unconventional names) and it hasn't had a s/p/a/m message since.
    - It also hasn't had any messages from the crappy third-world SEO services - they must like using auto-complete.

    My other site still has the original unprotected Contact Form, and it continues to gather a stream of junk messages.

    Thank you again to Pullo and all others who helped

  10. #60
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Pullo View Post
    Hi Eric,

    There are a number of ways to do this.
    If the form is generated by a PHP script, for example, you could have the PHP script choose two random numbers, and generate some kind of token which it passes to the form as a hidden field.
    Then, when the user submits the form, the PHP script which processes the submitted data, could use the token to validate the answer.

    If you're interested in implementing this, then just let me know.
    Very interested. Could we do 5 different random math problems? 1+1, 2+2, 3+3,4+4,5+5. Thanks!

  11. #61
    SitePoint Zealot
    Join Date
    Oct 2012
    Posts
    137
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Eric wrote:
    Very interested. Could we do 5 different random math problems?
    Though you probably could do it, you don't really need to do it.

    Look back through the first few pages of this thread and you'll see that the spambots don't read or analyze your Contact Form - they just harvest your Contact address or form processing URL and send their own data to it. So hiding the address or URL in a PHP script is the first line of defense, and including one simple bot filter (like 6+6) is the second line of defense. As I wrote above, it works great!

    The other Contact Form issue I have had is getting lots of junk messages, usually from places offering bad SEO services. My understanding is they use humans and some sort of auto-complete assistance to quickly fill in Contact Forms. Turning off auto-complete on your forms and naming your fields something besides "name", "email", "message", etc is supposed to make their systems not work properly and they will not bother to stop and think and type info into your form. Again, so far it is working wonderfully for me.

    One possible future improvement would be some sort of filter for the message field so that if it contains a word you don't want to get messages about (SEO, viagra?) the submission is rejected. But at the moment, that does not seem necessary.

  12. #62
    Gre aus'm Pott gold trophysilver trophybronze trophy
    Pullo's Avatar
    Join Date
    Jun 2007
    Location
    Germany
    Posts
    5,938
    Mentioned
    214 Post(s)
    Tagged
    12 Thread(s)
    @Greg
    I'm glad you got everything working. Nice one!
    Thanks for taking the time to report back!

    @Eric
    As Greg says, I'm not sure how effective this would be, but this script does what you want:

    myForm.php
    PHP Code:
    <?php $num rand(15); ?>
    <!DOCTYPE HTML>
    <html>
      <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <title>Spam filter example</title>
      </head>
      <body>
        <form action="myScript.php" method="post">
          <div>
            <label for="spam_question">What is <?php echo $num ?> + <?php echo $num ?>?</label>
            <input type="text" id="spam_question" name="spam_question">
            <input type="hidden" value="<?php echo $num ?>" name="num">
          </div>
          <input type="submit">
        </form>
      </body>
    </html>
    myScript.php
    PHP Code:
    <?php
      $num 
    $_POST['num'];
      
    $spam_question $_POST['spam_question'];
      if(
    $spam_question != 2*$num){
        echo 
    "Wrong answer!";
        exit();
      } 
      echo 
    "It's all good brother!"
    ?>
    Hope that helps.

  13. #63
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Greg Baka View Post
    Eric wrote:

    Though you probably could do it, you don't really need to do it.

    Look back through the first few pages of this thread and you'll see that the spambots don't read or analyze your Contact Form - they just harvest your Contact address or form processing URL and send their own data to it. So hiding the address or URL in a PHP script is the first line of defense, and including one simple bot filter (like 6+6) is the second line of defense. As I wrote above, it works great!

    The other Contact Form issue I have had is getting lots of junk messages, usually from places offering bad SEO services. My understanding is they use humans and some sort of auto-complete assistance to quickly fill in Contact Forms. Turning off auto-complete on your forms and naming your fields something besides "name", "email", "message", etc is supposed to make their systems not work properly and they will not bother to stop and think and type info into your form. Again, so far it is working wonderfully for me.

    One possible future improvement would be some sort of filter for the message field so that if it contains a word you don't want to get messages about (SEO, viagra?) the submission is rejected. But at the moment, that does not seem necessary.
    If memory serves me correct, thats not all together true. They can still hijack your form in order to use it to send out thousands of emails.

  14. #64
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Pullo View Post
    @Greg
    I'm glad you got everything working. Nice one!
    Thanks for taking the time to report back!

    @Eric
    As Greg says, I'm not sure how effective this would be, but this script does what you want:

    myForm.php
    PHP Code:
    <?php $num rand(15); ?>
    <!DOCTYPE HTML>
    <html>
      <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <title>Spam filter example</title>
      </head>
      <body>
        <form action="myScript.php" method="post">
          <div>
            <label for="spam_question">What is <?php echo $num ?> + <?php echo $num ?>?</label>
            <input type="text" id="spam_question" name="spam_question">
            <input type="hidden" value="<?php echo $num ?>" name="num">
          </div>
          <input type="submit">
        </form>
      </body>
    </html>
    myScript.php
    PHP Code:
    <?php
      $num 
    $_POST['num'];
      
    $spam_question $_POST['spam_question'];
      if(
    $spam_question != 2*$num){
        echo 
    "Wrong answer!";
        exit();
      } 
      echo 
    "It's all good brother!"
    ?>
    Hope that helps.
    Awesome thank you! I'll try this out and post back if I hit any problems.

  15. #65
    SitePoint Zealot
    Join Date
    Oct 2012
    Posts
    137
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Eric wrote:
    If memory serves me correct, thats not all together true. They can still hijack your form in order to use it to send out thousands of emails.
    I had the same concern. What I learned was that "It depends on your webhosting service"

    I use Yahoo webhosting, and their system only allows forms on a website to send email to addresses in the same domain. ( a form on mysite.com can only send emails to contact@mysite.com ) So I didn't have to worry about outgoing-hijacking for the Contact Form design project we did here. We only had to worry about incoming-hijacking.

    So you may want to check your web hosting company to see if they already have outgoing-hijacking blocked on their end...

  16. #66
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    @pullo I'm starting a new thread so I don't hijack this one.

  17. #67
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Pullo View Post
    @Greg
    I'm glad you got everything working. Nice one!
    Thanks for taking the time to report back!

    @Eric
    As Greg says, I'm not sure how effective this would be, but this script does what you want:

    myForm.php
    PHP Code:
    <?php $num rand(15); ?>
    <!DOCTYPE HTML>
    <html>
      <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <title>Spam filter example</title>
      </head>
      <body>
        <form action="myScript.php" method="post">
          <div>
            <label for="spam_question">What is <?php echo $num ?> + <?php echo $num ?>?</label>
            <input type="text" id="spam_question" name="spam_question">
            <input type="hidden" value="<?php echo $num ?>" name="num">
          </div>
          <input type="submit">
        </form>
      </body>
    </html>
    myScript.php
    PHP Code:
    <?php
      $num 
    $_POST['num'];
      
    $spam_question $_POST['spam_question'];
      if(
    $spam_question != 2*$num){
        echo 
    "Wrong answer!";
        exit();
      } 
      echo 
    "It's all good brother!"
    ?>
    Hope that helps.
    OK this worked perfect. But now I need to mirror this function on my JS side. In the past when I just had one answer (not random) I did it like this using the bassistance jquery validation plugin. http://bassistance.de/jquery-plugins...in-validation/. The first statement is a custom rule to prevent urls from being submited in the textarea. So what I need is the same type of thing but using the random math question logic. It has to be possible but does anyone know how? I know this is the php forum but you guys are the best. Thanks!

    Code JavaScript:
    $.validator.methods.equal = function(value, element, param) {
    		return value == param;
    	};
    	$(document).ready(function(){
    		$.validator.addMethod("nourl", 
                        function(value, element) {
                             return !/http\:\/\/|www\.|link\=|url\=/.test(value);
                            }, 
                            "No URL's"
          );
    		$("form").validate({
    				rules: {
    					spam: {
    						equal: 4
    					}
    				},
    				messages: {
    					spam: ""
    				}
    			});
    	});

  18. #68
    Gre aus'm Pott gold trophysilver trophybronze trophy
    Pullo's Avatar
    Join Date
    Jun 2007
    Location
    Germany
    Posts
    5,938
    Mentioned
    214 Post(s)
    Tagged
    12 Thread(s)
    Hi Eric,

    Quote Originally Posted by EricWatson View Post
    OK this worked perfect. But now I need to mirror this function on my JS side.
    I'm not too sure what you are asking here.
    If I remember correctly, you have a PHP script which chooses one sum from a list of five, then displays it on your form for the user to answer.
    It then copies the answer into a hidden field so that the script to which the form is submitted can validate the answer.

    Are you saying that you want a separate JavaScript function to generate two random numbers and display them as a sum for the user to complete.
    Then when the user presses submit, a function should fire that checks the answer to the sum and will only allow submission if the answer is correct?

  19. #69
    SitePoint Wizard Stomme poes's Avatar
    Join Date
    Aug 2007
    Location
    Netherlands
    Posts
    10,276
    Mentioned
    50 Post(s)
    Tagged
    2 Thread(s)
    Off Topic:

    I kinda personally like JS validation to be there to help users fill in the correct data in the right place the right way. Hints. Anything more starts to inherit the problems of false-positive-spams that the back-end validation (which we *will* have, as Eric has) already has the danger of causing. Having users perform side-work to prove on the dirty client side that they are human, only to have the server do it again in the back seems to want to cause humans torment and dismay. Unless you really need to limit actual conversation with the server...


    I think Eric will get a good and useful answer if he states the ultimate purpose of the JS too, and what it might need to deal with.

  20. #70
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    Hey guys pretty much what you said pullo. The php you gave me a while back spits out 5 random math questions - 1+1, 2+2, 3+3, 4+4,5+5 and validates their correct answer. As is they can input a wrong number and my js does not catch it. Only my php does. I'm using my php as a fall back of sorts. I would prefer the js catches the wrong or correct answer first and either displays the error or let's the form submit. In order to do this it has to exactly mirror the php function you provided earlier. You understand? As Stomme said, yes I am using the js to provide the pretty hints and such. If js is turned off, then php catches it and it just goes to the error page saying the generic "you failed to fill in all the correct information or you made a mistake while typing, please use the back button and try again".

    Thanks for your help!

  21. #71
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    Furthermore, the code I showed above is how to write a custom rule for the validation plugin. And it showes how I used it in the past to only give 1 single correct answer. I instead of course need to rewrite it (rather I need help) so that it communicates with the php, or at least mirrors it's random nature.

  22. #72
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    Ok and here is the test page http://www.visibilityinherit.com/projects/formtest.php and here is the php script http://www.visibilityinherit.com/projects/formmail.txt so you can exactly see what I'm trying to do. Thanks!

  23. #73
    Gre aus'm Pott gold trophysilver trophybronze trophy
    Pullo's Avatar
    Join Date
    Jun 2007
    Location
    Germany
    Posts
    5,938
    Mentioned
    214 Post(s)
    Tagged
    12 Thread(s)
    Hi Eric,

    No problem.
    I here's a modified version of my original PHP script.
    I have attached a JavaScript onsubmit handler, which will not allow the form to be submitted if the answer to the question is incorrect.
    The way this works is that you use JS to check that the hidden value is equal to two times the submitted value.
    Simples!

    PHP Code:
    <?php $num rand(15); ?> 

    <!DOCTYPE HTML>
    <html>
      <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <title>Spam filter example 2</title>
      </head>
      <body>
        <form action="myScript.php" method="post" id="myForm">
          <div>
            <label for="spam_question">What is <?php echo $num ?> + <?php echo $num ?>?</label> 
            <input type="text" id="spam_question" name="spam_question">
            <input type="hidden" value="<?php echo $num ?>" name="num" id="ans"> 
          </div>
          <input type="submit">
        </form>
            
        <script>
          var f = document.getElementById('myForm');
          f.onsubmit = function(){
            if (f.spam_question.value != 2*ans.value){
              alert("Incorrect answer!");
              return false;
            }
          }
        </script>
      </body>
    </html>

  24. #74
    SitePoint Wizard bronze trophy PicnicTutorials's Avatar
    Join Date
    Dec 2007
    Location
    Carlsbad, California, United States
    Posts
    3,656
    Mentioned
    15 Post(s)
    Tagged
    0 Thread(s)
    Awesome!!! Can't wait to test it out! I'll let you know how I fare. Thanks a lot Pullo

  25. #75
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,069
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    Although it works, @Pullo ; 's method is quite easy to reverse engineer, since the solution to cracking the 'captcha' is right there in the javascript.
    So if somebody really wanted they could just look at that code and work around it in a matter of minutes.
    Better would be to store the required answer server side in a session and then if you want to validate with javascript do a AJAX request to the server to check if the entered answer is correct, which you can easily do with the bassistance validator using the 'remote' method.
    This keeps asking the same question as long as it isn't answered correctly. Once answered correctly it will generate a new captcha, thus lowering the chance of replay attacks.

    form.php
    PHP Code:
    <?php
    session_start
    ();
    if (!isset(
    $_SESSION['num1']) && !isset($_SESSION['num2'])) {
      
    $_SESSION['num1'] = rand(1,5);
      
    $_SESSION['num2'] = rand(1,5);
    }
    ?>

    <!DOCTYPE HTML> 
    <html> 
      <head> 
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 
        <title>Spam filter example 2</title> 
        <script src="//ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
        <script src="http://ajax.aspnetcdn.com/ajax/jquery.validate/1.10.0/jquery.validate.js"></script>
      </head> 
      <body> 
        <form action="post.php" method="post" id="myForm">
          <div>
            <label for="spam_question">What is <?php echo $_SESSION['num1'?> + <?php echo $_SESSION['num2'?>?</label>
            <input type="text" id="spam_question" name="spam_question"> 
          </div> 
          <input type="submit"> 
        </form> 
        <script>
          $("#myForm").validate({
            rules: {
              spam_question: {
                required: true,
                remote: {
                  url: "validate-captcha.php",
                  type: "post",
                }
              }
            }
          });
        </script>
      </body> 
    </html>
    post.php
    PHP Code:
    <?php
    session_start
    ();
    if (!isset(
    $_SESSION['num1']) || !isset($_SESSION['num2'])) {
        exit(
    'Incorrect answer');
    }
    $sum = (int)$_SESSION['num1'] + (int)$_SESSION['num2'];
    if (isset(
    $_POST['spam_question']) && (int)$_POST['spam_question'] === $sum) {
        unset(
    $_SESSION['num1'], $_SESSION['num2']);
        exit(
    'Correct answer!');
    }
    exit(
    'Incorrect answer');
    validate-captcha.php
    PHP Code:
    <?php
    session_start
    ();
    if (!isset(
    $_SESSION['num1']) || !isset($_SESSION['num2'])) {
        exit(
    '"Incorrect answer."');
    }
    $sum = (int)$_SESSION['num1'] + (int)$_SESSION['num2'];
    if (isset(
    $_POST['spam_question']) && (int)$_POST['spam_question'] === $sum) {
        exit(
    'true');
    }
    exit(
    '"Incorrect answer."');
    Rmon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •