Re: Audio CAPTCHA review request

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2007-04-06 at 09:08 -0400, tedd wrote:
> At 6:36 PM -0400 4/5/07, Robert Cummings wrote:
> >But still, relying on Javascript is a bit flakey IMHO.
> 
> There's nothing wrong with javascript -- you just need to know it's 
> limitations.

*lol* You misunderstood me, I'm in no way dissing on Javascript, in fact
I love Javascript, I wish we could re-bind functions and stuff (without
runkit :) and have closures in PHP. What I'm saying is that's it's a
fairly poor choice from an accessibility perspective.

> My audio captcha relies on javascript, namely ajax. The problem I had 
> was how to deliver the sound once the user requested it from the main 
> page. I used <bgsound> and <embed> tags to accomplish that after 
> browser sniffing. However, those tags had to be in a new page to 
> play, which required a refresh.

Why do you need to refresh? I had a DHTML/Ajax chat client I built and I
just pumped flash tags into a div to play tones when new messages were
detected. I didn't bother browser sniffing though, just made the
assumption that flash existed.

>  After that, the user had to be sent 
> back to the main page to enter the key, which required another 
> refresh. A screen reader will re-read each page out-loud upon each 
> refresh and that was unacceptable.
> 
> So, I used ajax to change the main page without a refresh using an 
> iframe tag. That way the sound file was played without refreshing 
> anything. I thought that clever. :-)
> 
> In this case, there was no way to get around using javascript. 
> However, that's not a problem for visually impaired users nor is it a 
> security issue.
> 
> At 6:36 PM -0400 4/5/07, Robert Cummings wrote:
> >Perhaps using two
> >combined systems... more traditional obscured writing on image captcha,
> >or a simple mathematical question for texties, or the system you
> >presented with an audible ding for blind people to know they are within
> >the field of success.
> 
> That's the idea unless I can come up with a way that would be 
> accessible to all. I think simple captchas like "type in the number 
> seven four six" would be one, but that appears easy to crack.

I think in general, unless you're hosting a hugely popular site, few wil
attempt to custom crack your site's captcha -- there's an expected value
investment to going to the trouble. Perhaps a good system would be to
treat captcha algorithms like passwords, and change the way it works
every few weeks :) On of the great things about the English language is
that so many things can be written in so many ways. One of the bad
things about the English language is that so many things can be written
in so many ways. :B

Cheers,
Rob.
-- 
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for       |
| creating re-usable components quickly and easily.          |
`------------------------------------------------------------'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux