newbie craves captcha advice

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi Everyone,

I am designing a simple site, the index page has a form,with 2 input
boxes. Once the user presses submit, a cgi script myfirstcgi.cgi is
called and output is displayed. Everything is fine! Now I want that
the service I am offering should not be accessible to web bots, and so
I want to use captchas to achieve this. There seem to be a some
captcha code in PHP, Perl on the net, but I am partial towards bash/
awk/sed kinda coding! (I know it sounds weird!)

I looked up and used it
on my site. The problem is that in my form if I use action=/
testcaptcha/capthcha-page.php then this code ends up at an html page
saying you entered the captcha correctly. I want the end page to
display the result of my cgi script and so I changed the "pointer" in
the php code to my cgi code, so that if the user enters the letters
right, the cgi code will run. However, this screws up the QUERY_STRING
being passed to the cgi code and no output is generated.

One solution could be that I generate 10K gifs using Imagemagick (text-
Quoted text here. Click to load it
and checks if the user entered the right letters which would be the
name of the image. But surely there must be a better solution!


Re: newbie craves captcha advice

newbiegalore wrote:

Quoted text here. Click to load it

Why not generate the image on the fly? ImageMagick is pretty quick, with
good Perl bindings.

Toby A Inkster BSc (Hons) ARCS
[Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
[OS: Linux, up 14:31.]

                              The Semantic Web

Re: newbie craves captcha advice

I implemented something similar for a client (in ColdFusion of all
things) - except we chose to go with a simple arithmetic problem
before accepting the submission. I just had the system generate two
random numbers (between 1 and 10, but you could higher I guess), then
hash the correct answer and put it in a hidden field. Then when the
user entered hits submit, the script takes the user's answer, hashes
it with the same key and compares it to the hash of the correct
answer, to see if the user was correct.

So far the the client hasn't had any problems with it. The key that
the correct answer is hashed with changes daily (somehow based on
date, don't recall exactly), and I suppose a spammer could break the
system if they tried hard enough, but hopefully it has made it hard
enough that it's not worth their time.

Plus, this is more accessible than an image-based captcha.

- Aric

www.NEXCESS.NET - Shared/Reseller Hosting - Dedicated Servers, Server Clusters - Virtual Private Servers
- Great prices, Great service - check us out!

Quoted text here. Click to load it

Re: newbie craves captcha advice

Quoted text here. Click to load it

Wow man, thats innovative. Thanks to Toby too, ya Imagemagick is just
soooo easy and fast. Life is good again!! whew!

Site Timeline