Re: reCaptcha implementation, done!

From: "Bruce Kallick" <curmudgeon@PROTECTED>

In-Reply-To: Re: reCaptcha implementation, done!

Date: June 8th 2007

So Henry Hughes wrote, at 2:21 AM on 6/8/07:

I like that solution in theory, it could easily be made multilingual, but taking a look through the code I'm not so sure how secure it is it seems to ask only 1 of 2 simple questions?

if ($select == 'w'){ AskWeekday(); $label = 'Which day comes after ' $SESSION['QA'] ' ?'; } else if ($select == 'h'){ askhighnumber(); $label = 'Which number is the higest ' $SESSION['QA'] ' or ' $SESSION['QB'] ' ?'; }

Even I could write a script to get past that its probably enough to suit an email form with a fixed recipient, but not for protecting something that can publicly send email and display posts

H

Yes, of course it's easy to write a script to get past this particular captcha implementation, but the point is that no spambot is likely to be able to do so unless it was designed for this specific implementaion See the discussion at http://www vbulletin org/forum/showthread php?t=124828 which describes a similar text-based captcha to be used with vBulletin boards

BTW, I've employed an even simpler capctha, which asks the user only to type the number seven in lower case letters, on a website guest book for over a year without a single spambot incursion -- before it was installed the guest book had started to receive several every day

‹ Re: R: FYI: Will be gone between June 30th and August 5th

Index

Re: reCaptcha implementation, done! ›

Email Address

You're OK with using your email address as your primary contact for this email discussion list; messages will be sent on your behalf

Unsubscribe at Anytime | Privacy Policy

This mailing list is a public mailing list - anyone may join or leave, at any time.
This mailing list is a group discussion list (unmoderated)
Start a new thread, email: dadadev@dadamailproject.com

This is the developer discussion mailing list for Dada Mail.

If you are just looking for support Dada Mail, consult the message boards at:

https://forum.dadamailproject.com

Documentation for Dada Mail:

https://dadamailproject.com/d

Specifically, see the Error FAQ:

https://dadamailproject.com/d/FAQ-errors.pod.html

To post to this list, send a message to:

mailto:dadadev@dadamailproject.com

All subscribers of this list may post to the list itself.

Topics that are welcome:

Constructive critiques on the program (I like, "x", but, "y" needs some work - here's an idea on how to make this better...)
Bug/Error reports
Bug fixes
Request For Comments on any changes to the program
Help customizing Dada Mail for your own needs
Patches
Language Translations
Support Documentation/Doc editing, FAQ's, etc.
Discussion of any changes that you would like to be committed to the next version of Dada Mail -

Dada Mail is on Github:

https://github.com/justingit/dada-mail/

If you would like to fork, branch, send over PRs, open up issues, etc.

Privacy Policy:

This Privacy Policy is for this mailing list, and this mailing list only.

Email addresses collection through this mailing list are used explicitly to work within this email discussion list.

We only collect email addresses through our Closed-Loop Opt-In system.

We don't use your email address for any other purpose.

We won't be sharing your email address with any other entity.

Unsubscription can be done at any time. Please contact us at: justin@dadamailproject.com for any help regarding your subscription, including removal from the mailing list.

All mailing list messages sent from us will include a subscription removal link, which will allow you to remove yourself from this mailing list automatically, and permanently.

All consent to use your email address for any other purpose stated at the time of the mailing list subscription will also be revoked upon mailing list removal.