Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask

Re: howto: Perl CGI, image with random scewed text for account creations

by hacker (Priest)
on Mar 13, 2007 at 03:16 UTC ( #604464=note: print w/replies, xml ) Need Help??

in reply to howto: Perl CGI, image with random scewed text for account creations

The image issue is a bit at odds with Section 508, especially for blind or deaf users of your site.

I personally like the way Drupal solved it with a captcha alternative (which I use on two of my websites).. they just ask a simple math question in a form, offering an image as an alternative (admin can toggle).

But let's also not forget about merlyn's neat little hack to brute-force OCR (better techniques have surfaced since that time).

My personal favorite would have to be the one I saw a few years ago (image-based, though you could make it text) that asked you to pick the one item that did NOT match the other 3. You'd be shown 3 fruits and a monkey for example.

You could also go with a multiple choice kind of captcha, like "I like to read a ______ when I relax" and your dropdown could include things like "hat", "apple", "book", and so on.

You could try to put something in session when a GET request is made and when a form is submitted you check the session for that variable. You'd use this to filter out badly-written bots that submit POST requests directly without requesting the parent page first. This is easily defeated by bots that behave like a web browser, however.

Lots of ways to go about it, I'd stick with a text-based one to start, and make it reasonably complex enough not to be easily "guessed".

  • Comment on Re: howto: Perl CGI, image with random scewed text for account creations

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://604464]
[choroba]: As discussed in Using the DATA file handle for ARGV, I usually start my "fun" scripts with *ARGV = *DATA{IO} unless @ARGV;
[choroba]: this was just a remainder
[Discipulus]: ah thanks i forgot that thread (even if i saved it in my homenode)..

How do I use this? | Other CB clients
Other Users?
Others lurking in the Monastery: (8)
As of 2016-12-06 08:42 GMT
Find Nodes?
    Voting Booth?
    On a regular basis, I'm most likely to spy upon:

    Results (101 votes). Check out past polls.