HomeBuilding Your WebsiteWeb Programming and Application Development

"Enter the characters below" validation?

timjpriebe posted this at 14:00 — 27th March 2007.

timjpriebe's picture

He has: 2,667 posts

Joined: Dec 2004

Does anyone know where I can get code that does that dynamically generates those "enter the characters below" validation options, then checks the code to make sure it was entered correctly?

I'm looking for something that can be dropped into any PHP script, not something that's specific to a certain CMS.

Tim
http://www.tandswebdesign.com

demonhale posted this at 14:51 — 27th March 2007.

demonhale's picture

He has: 3,278 posts

Joined: May 2005

You mean a captcha? There are a bunch out there but I recommend puremango.co.uk...

timjpriebe posted this at 16:18 — 27th March 2007.

timjpriebe's picture

He has: 2,667 posts

Joined: Dec 2004

I had never heard that term, but yes, that's exactly what I'm looking for. I'll have to download that one and try it out.

teammatt3 posted this at 04:57 — 28th March 2007.

teammatt3's picture

He has: 2,102 posts

Joined: Sep 2003

No Tim, don't implement a normal captcha! Those things need to go extinct. The ones that were easy to read went by the wayside because bots could read them... so they got pretty much impossible to read. I swear I have to type them in three or four times to get them right (if they have a handicap thing I always use that instead). You should get the cool captchas that have an image of kitty and some other objects and make the person check the box next to the kitty cat. Much better, but I don't know how effective they are.

demonhale posted this at 05:41 — 28th March 2007.

demonhale's picture

He has: 3,278 posts

Joined: May 2005

teamatt means you use an image captcha wherein the form provides an image of a flower and the security question asks "What do you see in the picture below" then randomly changes pictures and questions.. I tried it and it works, but errors often occur on the human side... Same with a mathematical captcha, where the security question is like, "what is 5 multiplied by 3 minus 10" and then the user provides the answer. All of them have there downsides.

On the link I provided, few users get the captcha wrong since it uses a library of known words... The bots don't get to it due to the protections applied by the author as you can read on their site. Try it and see for yourself... Also the only way the bots figured out these captchas on other sites is because they provide free random downloads (pornography) on some of their sites, and iframe your captcha and let a human input the codes so that they can override yours...

pr0gr4mm3r posted this at 20:15 — 29th March 2007.

pr0gr4mm3r's picture

He has: 1,502 posts

Joined: Sep 2006

captcha scripts work just fine as long as yours is unique. No programmer is going to write a program to crack your captcha script unless you are as big as eBay or Google.

Example: I has spam problems on a phpBB board because the bots were getting past the captcha - probably because every phpBB board on the net uses the same one. Because of this, it was worth it to a spammer to crack it. All I had to so was modify a variable that affected the spacing between the characters in the image. I haven't has a bot register since, and I was getting up to 15 automated registrations a day.

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.