Image verification scripts

killerkev06 · #1 (**permalink**) 03-17-2007, 01:49 PM

Hi guys,

I wanted to add an image verification function on to my 'add blog' page as I have been experiencing some bot spamming.

Any recommendations on php scripts?

Cheers

Kev

technoguy · #2 (**permalink**) 03-17-2007, 05:18 PM

You have provide me solution for GD pie chart. Simple image script can be done by gd only. Just put string into image and you can use it for verification.

One mroe thing i have seen on various forums is that you should use not only image verification but just fetch two random numbers and ask them to add two numbers and add them in text box.

Its funny but it works.

lame.crusher · #3 (**permalink**) 03-18-2007, 02:43 AM

CAPTCHA, as that technique is called, is very, very, very, very, very bad for accessibility. It takes only a slight visual impairment for it to completely stump a real person.

There are other ways to do the same thing - one way is to ask a question in a way that requires human intelligence to answer, like "how do you spell apple" or "what colour is an orange". You can change the question every few weeks or months as required.

chopstickles · #4 (**permalink**) 03-18-2007, 04:32 AM

Google could probably help you out, this is one I found:
http://www.webcheatsheet.com/php/cre...protection.php

alphaRomeo · #5 (**permalink**) 03-19-2007, 04:40 PM

Quote:

Originally Posted by chopstickles

Google could probably help you out, this is one I found:
http://www.webcheatsheet.com/php/cre...protection.php

Thanks for the link. I was looking for something like this. I have spammers using the "Recommend this site" form on one of my websites to send spam.

nickvd · #6 (**permalink**) 03-20-2007, 04:53 AM

My first post here... Hello!

The method that has worked for me the best is to use oddly named fields in your forms, so instead of this:

HTML Code:

<form action="" method="post">
  Name:<input type="text" name="name" /> 
  Email: <input type="text" name="email" />
  Message: <textarea name="message"></textarea>
  <input type="submit" value="Send Message"/>
</form>

You would use:

HTML Code:

<form action="" method="post">
  Name:<input type="text" name="input_field_one" /> 
  Email: <input type="text" name="input_field_two" />
  Message: <textarea name="input_field_three"></textarea>
  <input type="submit" value="Send Message"/>
</form>

After switching my contact form (which a copy gets sent to my cell phone, so you can see the severe need for it to stop) the spam stopped instantly.

You only need to remember (or leave comments in your code) which fields are which, so this method may not be suitable for larger, more complex forms, but for the smaller ones it can be a life-saver. The best part is that the user is completely un-aware of any difference, since it's just the name attribute that get's changed.

blokey · #7 (**permalink**) 03-20-2007, 10:42 AM

That's an interesting method, but aren't spambots also reading form labels?

technoguy · #8 (**permalink**) 03-20-2007, 02:33 PM

Yes we cannot make complete proof system but we can make difficult for spambot to read. I was just thinking about to do some trick which keeps little difficult for someone.