For a while I've been wanting to come up with some kind of CAPTCHA hack for dbman, so I've taken the lazy route and created a "faux" CAPTCHA mod. It works.
CAPTCHA is one of those goofy little pictures with words, numbers, letters you have to type in a box in order to submit a form, etc. CAPTCHA stands for "blah blah blah Turing Test blah blah" and involves artificial intelligence (google it). In a "real" captcha program the computer will generate an image (and not simply display an existing image) and somehow the program knows what that image represents (like I said, google it).
This hack simply displays a random set of images that represent pre-defined "pass codes" that users must enter in order to add a record. It's really simple and easy to add to your existing dbman and makes you look "official" and may actually stop spammers from posting to your db - it's worth a try.
Here is a working copy: www.bridgemarkdesign.com/cgi-bin/db_test/db.cgi (log in as "guest" & "guest").
(I'll leave this script up for a while - it's a plain out-of-the-box dbman install with only the below hacks.)
Change the following files:
##################################################################
db.cgi - look for the sub "validate_record"
change the following line:
--------------------------
close DB:
}
to:
--------------------------
close DB;
if (!($in{'captcode'} =~ /$captlist/)) { #captcha mod
push(@input_err, "$in{'captcode'} is an Invalid Security Code");
}
}
##################################################################
html.pl - look for the subs "html_add_form" and "html_add_failure"
change the following line (for each sub):
-----------------------------------------
<p><center> <INPUT TYPE="SUBMIT" NAME="add_record" VALUE="Add Record"> <INPUT TYPE="RESET" VALUE="Reset Form"></center></p>
to:
--------------------------
<P><IMG SRC="./$captcha" ALIGN="center"> <INPUT TYPE="text" NAME="captcode"> Enter Security Code
<p><center> <INPUT TYPE="SUBMIT" NAME="add_record" VALUE="Add Record"> <INPUT TYPE="RESET" VALUE="Reset Form"></center></p>
##################################################################
default.cfg - at the bottom (just above the 1;)
change the following line:
__________________________
}
1;
to:
__________________________
}
##captcha mod
@captcha = ('capt1.jpg', 'capt2.jpg', 'capt3.jpg');
$captcha = $captcha[rand(@captcha)];
$captlist = "1A2Cf|%9G3r|At55R";
1;
###################################################################
1. Create pics and call them whatever you want (in this case "capt1.jpg", etc.)
2. Each pic should represent the code you assign to the list.
3. Add the code to your list.
(Don't forget to change the IMG SRC="" to match your path for your files (<IMG SRC="./images/$captcha">, etc.)
Example any pic can contain the code "1234ABC" as long as you have it in your list and
your end-users can reasonably determine from looking a picture that 1234ABC is what
you intended for them to enter in to the code box when adding a record.
Hack away!
For more info on how captcha works - this link has a good article
http://www.brains-n-brawn.com/default.aspx?vDir=aicaptcha
Based on the ten seconds I've spent reading about this subject a good captcha will contain:
different fonts, colors, background "noise", alignments and rotations/distortions.
CAPTCHA is one of those goofy little pictures with words, numbers, letters you have to type in a box in order to submit a form, etc. CAPTCHA stands for "blah blah blah Turing Test blah blah" and involves artificial intelligence (google it). In a "real" captcha program the computer will generate an image (and not simply display an existing image) and somehow the program knows what that image represents (like I said, google it).
This hack simply displays a random set of images that represent pre-defined "pass codes" that users must enter in order to add a record. It's really simple and easy to add to your existing dbman and makes you look "official" and may actually stop spammers from posting to your db - it's worth a try.
Here is a working copy: www.bridgemarkdesign.com/cgi-bin/db_test/db.cgi (log in as "guest" & "guest").
(I'll leave this script up for a while - it's a plain out-of-the-box dbman install with only the below hacks.)
Change the following files:
##################################################################
db.cgi - look for the sub "validate_record"
change the following line:
--------------------------
close DB:
}
to:
--------------------------
close DB;
if (!($in{'captcode'} =~ /$captlist/)) { #captcha mod
push(@input_err, "$in{'captcode'} is an Invalid Security Code");
}
}
##################################################################
html.pl - look for the subs "html_add_form" and "html_add_failure"
change the following line (for each sub):
-----------------------------------------
<p><center> <INPUT TYPE="SUBMIT" NAME="add_record" VALUE="Add Record"> <INPUT TYPE="RESET" VALUE="Reset Form"></center></p>
to:
--------------------------
<P><IMG SRC="./$captcha" ALIGN="center"> <INPUT TYPE="text" NAME="captcode"> Enter Security Code
<p><center> <INPUT TYPE="SUBMIT" NAME="add_record" VALUE="Add Record"> <INPUT TYPE="RESET" VALUE="Reset Form"></center></p>
##################################################################
default.cfg - at the bottom (just above the 1;)
change the following line:
__________________________
}
1;
to:
__________________________
}
##captcha mod
@captcha = ('capt1.jpg', 'capt2.jpg', 'capt3.jpg');
$captcha = $captcha[rand(@captcha)];
$captlist = "1A2Cf|%9G3r|At55R";
1;
###################################################################
1. Create pics and call them whatever you want (in this case "capt1.jpg", etc.)
2. Each pic should represent the code you assign to the list.
3. Add the code to your list.
(Don't forget to change the IMG SRC="" to match your path for your files (<IMG SRC="./images/$captcha">, etc.)
Example any pic can contain the code "1234ABC" as long as you have it in your list and
your end-users can reasonably determine from looking a picture that 1234ABC is what
you intended for them to enter in to the code box when adding a record.
Hack away!
For more info on how captcha works - this link has a good article
http://www.brains-n-brawn.com/default.aspx?vDir=aicaptcha
Based on the ten seconds I've spent reading about this subject a good captcha will contain:
different fonts, colors, background "noise", alignments and rotations/distortions.
