Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

Image verification on form submissions

by stonecolddevin (Vicar)
on Nov 08, 2006 at 08:16 UTC ( #582820=perlquestion: print w/ replies, xml ) Need Help??
stonecolddevin has asked for the wisdom of the Perl Monks concerning the following question:

Hey monks,

I'm trying to figure out how to create a system where the user must type in a phrase or somesuch from an image that's displayed on the page as a form of verification to prevent spam, autosignups, etc. Yahoo! and Google's Blogger do this (A PHP tutorial here, and an example here (near the bottom of the page)).

I know merlyn has an article on this on his website, but I can't seem to find it.

I also know it's going to involve GD::*, or Image::Magick (or something along those lines), a random string/word generator, and some hidden form values. Beyond that, I'm not sure.

Any ideas?

meh.

Comment on Image verification on form submissions
Re: Image verification on form submissions
by reneeb (Chaplain) on Nov 08, 2006 at 08:34 UTC
Re: Image verification on form submissions
by atcroft (Monsignor) on Nov 08, 2006 at 08:37 UTC

    Sounds like you are referring to captcha, and possibly this article ( Web Techniques - Column 68, Dec 2001 - "Keeping robots from stuffing your forms" ) of Merlyn's.

    HTH.

      I think captcha is going to be the way to go. I'll look into the additional GD* modules, but that looks like the best thus far.
      meh.
Re: Image verification on form submissions
by jbert (Priest) on Nov 08, 2006 at 12:25 UTC
    And, in my adopted role as catalyst fanboy, I should note: Catalyst::Plugin::Captcha (which the docs say uses GD::SecurityImage to do its dirty work).
Re: Image verification on form submissions
by idsfa (Vicar) on Nov 08, 2006 at 16:45 UTC

    You may also want to looks at the methods employed by SANS to deal with this problem. And please remember to consider the disabled.

    Updated: Said SANS article has now also gotten the slashdot crowd putting in their oar.


    The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://582820]
Approved by Tomte
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (6)
As of 2014-12-25 20:37 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (163 votes), past polls