Userfriendly spam 'captcha'

U heeft geen toegangsrechten om te reageren.

Userfriendly spam 'captcha'

Ingezonden door tim op vr, 15/05/2009 - 19:58

A possible solution to avoid spam in posts, is the use of captchas.

But I have found another solution: I found out that all automated spam posting programs/scripts do not execute the javascript on a form (i.e. the javascript to validate the form on client-side).

My solution, aka the hidden captcha:

1.
I use a hidden field.

2.
I set the value of it to 0 or something.

3.
Right before submitting, I update its value to some large number, e.g. 4599843126548

4.
In the handler of the form, I check this paramater. If it is the same value (4599843126548), it is submitted by a user (who has his javascript turned on)
If the value is 0, it was submitted by a spam posting program.

This way, I can check if it's submitted by a person without bothering the users with captchas.

And yes, I know that this method is not waterproof, but this solution has been working for more than 3 years now for all our sites.
I even always use the same number, hard-coded ;)

A better solution would be to generate it on the first page and then save it in some session-var.

But, as I said, it works: no more spam in our posts, users don't have to captcha.

Categorieën

login of registreer om te reageren
2421 keer gelezen
Bekijk afbeelding

#1Ingediend door tim op vr, 15/05/2009 - 20:08.

javascript

Update:

this would be the javascript, to be executed before submitting the form:

	try{
		frm.anti_spam.value = "4599843126548";
	} catch(e){
	}
	document.formcontact.submit();

this is the hidden field

<input type="hidden" name="anti_spam" value="1">

this would be in the handler:

anti_spam = Request.Form("anti_spam")
If anti_spam =  4599843126548" Then
    'go on with form processing
Else
    'spam attempt: stop processing
End If

Xiara

Verwante berichten

Top items vandaag

Top items

Top rubrieken

Gebruikerslogin

Userfriendly spam 'captcha'

javascript