> Well, I'm just trying to figure out why it wouldn't be easier to have a
> unique string passed with each request that is also tied to the correct
> "answer" for the image.
There is nothing wrong with that if you store it in the session.
That way, the spider could not post multiple
> times with the same unique string. It just seems like that would even
> rule out the brute force attempt.
You can do that by setting another session var that only allows them to
post within a certain time period on a certain form.
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
