Hei, Ashley The php bugtracker himself uses just simple math. Others are made by clicking on the man's name in the picture (3 shaddows of people with names in there) ... But I myself dislike the visitor having extra-work. Therefore I'll stick to the honey-pot the referer check and so on. One check I think is quite effective is something google does for discovering spam-mail: Discover which language this mail is written in. If it does not seem to be a lanuage at all its most likely spam ;) But I think that's not possible for not-so-big websites .. Anyways: most likely it's just about filtering the 99% spam and get all user-mails through. Nothing is more annoying as when you (as user) get the feedback "*Go away! You're a bot.*" ;) Bye Simon 2012/2/17 Ashley Sheridan <ash@xxxxxxxxxxxxxxxxxxxx> > > > Simon Schick <simonsimcity@xxxxxxxxxxxxxx> wrote: > > >Hi, all > > > >When you ask for a captcha, I'd first ask what do you want to use it > >for. > >If you read the first lines of Wikipedia it has been developed to > >differ > >between a real user and a bot. > > > >If you'd now say that you want to use it to protect spam in a formula > >I'd > >give you the same explanation that you can find here in german (in a > >bit > >more text): http://www.1ngo.de/web/captcha-spam.html > >The author of this link says that captchas are not efficient enough and > >give a new unnecessary barrier to all users. He also declaims that bots > >nowadays are better than ever and can even read captchas that many > >humans > >are not able to read. > >For this reason he provides a list of extra stuff that you can use to > >protect your formula against spam instead of a picture that's text > >should > >be written in an input-field. > > > >One of those is the honey-pot. You simply create an additional field > >(f.e. * > >email2*) hide it for most visitors (using *css*) and ignore the comment > >if > >there's text in here. As most of the bots cannot read css they'll fill > >a > >valid email-address in here :) But then you also have to think about > >users > >that have css disabled f.e. *ScreenReader*. Another disadvantage of > >this > >issue is that you can use an auto-field-fill mechanism provided by the > >browser who could fill this field ... But both cases should not be that > >difficult. For the screenreder you can change the label for the field > >to > >look like *Do not paste your email in here. Just leave it empty.* Just > >to > >have the word email again in here ;) > > > >Another good thing is to think about how fast this form can be > >submitted > >when the user enters the formula for the first time. Also think about > >the > >second time, when the user as entered some wrong values and you have to > >show him a message. > >If you have a formula that contains more than 5 fields it's quite > >unusual > >that the user can submit that below 2 sec after receiving the response. > >You > >could even add a feature by using javascript that the user cannot > >submit > >this form or his request will be delayed for a view seconds (one or > >two). > > > >If you want to know more about that, out there are plenty of plugins > >for > >different systems where you can see what other possibilities you have. > >One > >extension i like is the one from TYPO3. They have quite a bunch of such > >things and you can give each of the checks a value. If the sum of the > >values of the failing tests reaches a configured level, this > >form-submission will be rejected. > >http://typo3.org/extensions/repository/view/wt_spamshield/current/ > > > >Wordpress: http://antispambee.de/ > > > >Bye > >Simon > > > >2012/2/17 Savetheinternet <savetheinternet@xxxxxxxxxxxxx> > > > >> On Fri, Feb 17, 2012 at 3:40 PM, Donovan Brooke <lists@xxxxxxx> > >wrote: > >> > Hello, > >> > > >> > Does anyone know of a basic (open source or freeware) form captcha > >system > >> > for PHP? > >> > > >> > TIA, > >> > Donovan > >> > > >> > > >> > > >> > > >> > -- > >> > D Brooke > >> > > >> > >> Hi, > >> > >> There are plenty of free PHP captcha scripts out there. Just google > >> "captcha PHP". Securimage (phpcaptcha.org) looks relatively okay. > >> > >> Thanks, > >> Michael > >> > >> -- > >> PHP General Mailing List (http://www.php.net/) > >> To unsubscribe, visit: http://www.php.net/unsub.php > >> > >> > > I would avoid making a user type in something they see in a picture, as > you've just succeeded in pissing off a bunch of blind people. > > Also, avoid relying on javascript. It can be turned off, disabled, blocked > and sometimes isn't available at all, such as with some speech/Braille > browsers. > > One popular route is to ask a question that only a human could answer. I > use this method on the contact page of my site. I just ask a question such > as > > Multiply the number of heads a person has by the number of legs on 2 dogs. > > It's easy for a human, but requires context, something a bot can't do > effectively. > Thanks, > Ash > http://ashleysheridan.co.uk >
