So one of the forms on a site I'm developing is constantly spammed by
something like FormFucker, and as I'm getting tired of listening to
the gripes, I've taken time out of my development schedule to
investigate measures to solve the problem.
Enter CAPTCHA (thanks, hide, for turning me on
Jason A. Crome wrote:
So one of the forms on a site I'm developing is constantly spammed by
something like FormFucker, and as I'm getting tired of listening to the
gripes, I've taken time out of my development schedule to investigate
measures to solve the problem.
Enter CAPTCHA
On Wed, Aug 17, 2005 at 06:48:39AM -0600, Barry Moore wrote:
user has to re-login. If the browser stays open, but is inactive for 15
minutes then the session flag expires, and the user has to re-login. Am
I on track here, or are there easier ways to do this?
Well, you could have your login
On Aug 25, 2005, at 11:56 AM, Michael Peters wrote:
Well, just to point out, CAPTCHA isn't perfect. It'll probably work
for
now, but long term you may need to look at other options. Or maybe
GD::SecurityImage will pick up some better techniques...
http://sam.zoy.org/pwntcha/
You're
Sean Davis wrote:
On 8/15/05 9:36 AM, Will [EMAIL PROTECTED] wrote:
I've been playing around with CGIA and I really like what I see. I've
got some very simple apps under my belt, but now I'd like to build
something more robust. I will need to authenticate users and keep track
of them through
Jason A. Crome wrote:
On Aug 25, 2005, at 11:56 AM, Michael Peters wrote:
I don't think the user should have to call create_captcha() at all. It
should be a run mode that is automatically added to the using app.
What about those runmodes that don't need a CAPTCHA? All of my
runmodes
On 2005-08-25, Michael Peters [EMAIL PROTECTED] wrote:
Jason A. Crome wrote:
On Aug 25, 2005, at 11:56 AM, Michael Peters wrote:
I don't think the user should have to call create_captcha() at all. It
should be a run mode that is automatically added to the using app.
What about those
Mark Stosberg wrote:
On 2005-08-25, Michael Peters [EMAIL PROTECTED] wrote:
Jason A. Crome wrote:
On Aug 25, 2005, at 11:56 AM, Michael Peters wrote:
I don't think the user should have to call create_captcha() at all. It
should be a run mode that is automatically added to the using app.
so, what of cgiapp_postrun? For those of us that sometimes alter
headers there, this would be an issue to be contended with.
That's a good question. It's possible that a postrun could alter headers
incorrectly or mangle the image. There's a couple of options that come
to mind quickly. How good
On Aug 25, 2005, at 8:43 AM, Jason A. Crome wrote:
- Image storage: I can either create the images on the filesystem,
or build them in a memory-based cache (which would mean the plugin
needs to add a runmode that returns an image only - doesn't sound
like the best way to me). In any
On Thu, 25 Aug 2005 13:38:55 -0400, Michael Peters wrote:
Hi Michael
If the user then submits data, verify_captcha() should look at
the field in question, and then use crypt() again with the
hashed value from the cookie to verify that the string would
indeed match.
Please don't lock
On Aug 25, 2005, at 12:38 PM, Michael Peters wrote:
I'm not saying evey runmode should call create_captcha(), I'm saying
create_captcha() should be a run mode in and of itself.
Thanks! :) That was painfully obvious when you explained it to me.
I can't believe that I missed that before ;)
On Thu, 2005-08-25 at 09:56, Michael Peters wrote:
I don't think the user should have to call create_captcha() at all. It
should be a run mode that is automatically added to the using app.
I think the above will work, but I'm not sure if I like how
verify_captcha() works.
I don't see
This really has nothing to do with CAPTCHA but
Clint Moore wrote:
I think Cache::FileCache would both of these problems. You can set
many options from new() including an expire time. With that you could
store whatever information you wanted in one place. I'm using it at
the moment
14 matches
Mail list logo