July 15, 2010
I’ve always thought that captchas are a barrier to some internet users so I worked out an alternative method.
My method uses random field names and values.
The script generates a random MD5 hash from several blocks of random numbers. This hash is used create a field and variable name for your form and script. A second MD5 hash is generated from more random numbers and stored in the form field names and script variable. The generated variable and value can then be stored in the session (or database).
$var=substr( md5( rand(1000,4000).rand(3000,7500).rand(1000,9999) ),0, 15 ); ${$var}=substr( md5( rand(1000,4000).rand(3000,7500).rand(1000,9999) ),0, 15 ); $_SESSION['varname']=$var; $_SESSION['var']=${$var};
Once the form has been submitted a script has to confirm that the variables match. Once confirmed (or rejected) your script can proceed.
if ( isset( $_POST[ $_SESSION['varname'] ] ) && $_POST[ $_SESSION['varname'] ]!='' && $_POST[ $_SESSION['varname'] ] == $_SESSION['var'] ) { . . . }Filed under: Programming — Tags: captcha, form, hardening, spam — admin @ 9:46 pm
Handy tools for creating the various cards the game uses, dungeon, magic, event and treasure
Create your own unexpected event cards
Create your own monster event cards
Powered by WordPress