I agree that an image captcha can not be cracked by a lot of people,
allthough it has been done. (and it takes only one program being released
to do the job : ) ) Somethings to keep in mind is that you should use
passphrases made up of random letters and numbers preventing the automated
system
From: <[EMAIL PROTECTED]>
> A different approache for the captcha.. instead of using a blurred image
> use some text and than ask a question about the text like
>
> What does the 2nd word in the first line of the 4thparagraph say?
Reading images can still be automated, it just takes a lot more ti
A different approache for the captcha.. instead of using a blurred image
use some text and than ask a question about the text like
What does the 2nd word in the first line of the 4thparagraph say?
Things to make sure:
- Use enough texts so that guessing the correct word is not possible.
- Use r
* Thus wrote Chris Shiflett ([EMAIL PROTECTED]):
> --- Ryan A <[EMAIL PROTECTED]> wrote:
> > Went there [http://www.captcha.net/], but the program just generates
> > some clear alpha numeric images...i want something blurred or
> > distorted like the samples there have there.
>
> What program? The
A" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, September 25, 2003 2:00 AM
Subject: [PHP] Re: chris->Re: [PHP] 3 mins of your time please...logic
problem
> --- Ryan A <[EMAIL PROTECTED]> wrote:
> > WHERE?? Can you point me to them?
>
> I had a tough tim
--- Chris Shiflett <[EMAIL PROTECTED]> wrote:
> I had a tough time myself. I just went to this page:
>
> http://www.captcha.net/cgi-bin/ez-gimpy
I meant to say that this page has the HTML comment:
http://www.captcha.net/captchas/gimpy/
Chris
=
Become a better Web developer with the HTTP De
--- Ryan A <[EMAIL PROTECTED]> wrote:
> WHERE?? Can you point me to them?
I had a tough time myself. I just went to this page:
http://www.captcha.net/cgi-bin/ez-gimpy
And, when I view source, I see the following in an HTML comment:
The following versions are available for download:
EZ-Gimpy,
Gi
--- Ryan A <[EMAIL PROTECTED]> wrote:
> Went there [http://www.captcha.net/], but the program just generates
> some clear alpha numeric images...i want something blurred or
> distorted like the samples there have there.
What program? There are a few there, and they all generate images that are
blu
Hey,
Tried it...not too good :-(
-Ryan
> On Thursday 25 September 2003 05:44, Ryan A wrote:
>
> > Can you give me any links for generating blurry images that can be human
> > identified quickly but not so easy by automation?
>
> There's a class in www.phpclasses.org which help you generate such
Hey,
Went there, but the program just generates some clear alpha numeric
images...i want something blurred or distorted like the samples there have
there.
Cheers,
-Ryan
>
> http://www.captcha.net/
>
> Hope that helps.
>
> Chris
>
> =
> Become a better Web developer with the HTTP Developer's Ha
On Thursday 25 September 2003 05:44, Ryan A wrote:
> Can you give me any links for generating blurry images that can be human
> identified quickly but not so easy by automation?
There's a class in www.phpclasses.org which help you generate such images,
I've no idea how good it is.
It's pretty s
--- Ryan A <[EMAIL PROTECTED]> wrote:
> Can you give me any links for generating blurry images that can be
> human identified quickly but not so easy by automation?
http://www.captcha.net/
Hope that helps.
Chris
=
Become a better Web developer with the HTTP Developer's Handbook
http://httph
Hey,
Thanks for the suggestion, didnt know it can be so automated.
Can you give me any links for generating blurry images that can be human
identified quickly but not so easy by automation?
Thanks,
-Ryan
> On Thursday 25 September 2003 05:14, Ryan A wrote:
>
> > Its already a bit of a pain in the
On Thursday 25 September 2003 05:14, Ryan A wrote:
> Its already a bit of a pain in the ass, the user has to login to his email
> and confirm his address by clicking on a link that has his $cno and
> $random_word before being allowed to vote...unless he/she already has a
> "mylist" account and is
Its already a bit of a pain in the ass, the user has to login to his email
and confirm his address by clicking on a link that has his $cno and
$random_word before being allowed to vote...unless he/she already has a
"mylist" account and is logged in.
Cheers,
-Ryan
>
> > Thats already done, the us
On Thursday 25 September 2003 04:03, Ryan A wrote:
> Thats already done, the user has to authenticate his address by clicking on
> the link which contains his $CNO and $random_number
> But the rateing system is for webhosts, and webhosts usually have a catch
> all email address so they can use n n
Now THERES an idea, if 2 people are willing to vote am going on the PHP
cruise :-D
Cheers,
-Ryan
>
> Charge them a thousand dollars for each vote. That should cut down on some
of
> the fraud.
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.p
Hey,
> You could take it further and only allow one vote per user and then log
> their IP address as well.
Thats exactly what i am trying. First it will check on $username, if that
passes then it checks on $IP if that passes, allow the vote if not
> There won't be many people who are determin
Hey John,
Thats already done, the user has to authenticate his address by clicking on
the link which contains his $CNO and $random_number
But the rateing system is for webhosts, and webhosts usually have a catch
all email address so they can use n number of email addresses
Cheers,
-Ryan
> So
On Thursday 25 September 2003 03:52, Dan Joseph wrote:
> Ok, let's examine the part where I said its not full-proof...
I believe you mean fool-proof? Actually it *is* pretty fool-proof, because
hopefully fools aren't smart enough to delete said cookies ;-)
--
Jason Wong -> Gremlins Assoc
Hi,
> > Another way to restrict them to one vote is to set a
> cookie. Although not
> > completely full-proof, its a method I've seen a lot of them use.
Ok, let's examine the part where I said its not full-proof...
-Dan Joseph
--
PHP General Mailing List (http://www.php.net/)
T
On Thursday 25 September 2003 02:13, Dan Joseph wrote:
> Another way to restrict them to one vote is to set a cookie. Although not
> completely full-proof, its a method I've seen a lot of them use.
This is probably the easiest 'security' measure to circumvent. How hard is it
to delete a c
--- Dan Joseph <[EMAIL PROTECTED]> wrote:
> Another way to restrict them to one vote is to set a cookie.
> Although not completely full-proof, its a method I've seen a lot
> of them use.
That's way too easy to avoid. You might rule out the bottom 50% of the computer
illiterate, but these are proba
On Thursday 25 September 2003 02:21, Ryan A wrote:
> > If your "poll" is really so important that you need to limit people from
> > voting twice, then make them log in and only allow one vote per username.
>
> I thought of that, I am making them login before voteing but whats to stop
> them from c
riginal Message-
From: CPT John W. Holmes [mailto:[EMAIL PROTECTED]
Sent: 24 September 2003 17:54
To: Ryan A; [EMAIL PROTECTED]
Subject: Re: [PHP] 3 mins of your time please...logic problem
From: "Ryan A" <[EMAIL PROTECTED]>
> Basically trying to limit the "vote&quo
Hey John,
Thanks for replying.
> Just get rid of the check for IP address. All you're going to do is
restrict
> a bunch of people that actually haven't voted just because they have the
> same IP address as someone else. Some ISPs have it so that all requests
look
> like they are coming from the sa
, 2003 1:54 PM
> To: Ryan A; [EMAIL PROTECTED]
> Subject: Re: [PHP] 3 mins of your time please...logic problem
>
>
> From: "Ryan A" <[EMAIL PROTECTED]>
>
> > Basically trying to limit the "vote" to just 1 per person, first am
> checking
> > if t
From: "Ryan A" <[EMAIL PROTECTED]>
> Basically trying to limit the "vote" to just 1 per person, first am
checking
> if the the person with username has voted, if that comes back as false
then
> am checking his ip (because i dont know if the person changed his
username
> and is trying to vote agai
You might try to perform bother queries first then check then by
If ($result1 || $result2) {
echo "You have already voted";
} else {
...
}
This means that if either the username or ip or both exists in the db,
then the user is denied...
Hope this is along the lines of what your needing
29 matches
Mail list logo
