[KLUG Members] Looking for PHP code snippet.

[Rusty Yonkers]

I know that most captchas are computer generated images.  It would seem 
like a "poor mans" version would be to simply doctor up a few dozen 
graphic images in something like the gimp or photoshop and then put them 
in a database with the correct answer in another field.  Then you could 
display the blob object on the web page with a simple PHP call and then 
compare the answer to the solution in the database.  You could even add 
another blob with the audio of the challenge as well for visually 
impaired. 

I do like the idea of asking simple questions though.  Almost like the 
questions that Leisure Suit Larry asked to verify you were an adult to 
be able to play the game.  You could even offer three questions and they 
have to answer one of the three so that only the most stupid would not 
get in.


Bruce Smith wrote:

>>CAPTCHAs can never stop an attacker, only slow him/her down.  ...
>>    
>>
>
>Right.  I'm thinking about replacing some generic email addresses with
>web forms to get rid of some spam.  
>
>I doubt a spammer will go to the trouble of programming something to
>send a few people email.  Even if they do, every little bit I slow down
>a spammer, the better!  :-)
>
>  
>
>>CAPTCHAs are very easy to do if your attacker is not especially
>>determined.  Like the sticker in a car window that says "protected
>>by Leet Security Systems," sometimes all that's necessary is to
>>encourage your attacker to hit someone else's site besides yours.
>>    
>>
>
>Probably all I need.  The web form without a captcha is probably good
>enough, but adding a captcha makes it much safer.
>
>  
>
>>CAPTCHAs don't have to be images.  For most programmers who want to
>>roll their own, and if the CAPTCHA won't be used on a huge website
>>or a network of large websites, I would advise writing something
>>completely textual in nature.  It doesn't take much to emit
>>questions whose answers are obvious to humans, but which would be
>>nontrivial to write a program to solve.  Also, textual challenges
>>are more friendly for visually-impaired readers.  For example, you
>>could ask your users:
>>    
>>
>
>I like that idea!  If someone breaks it, just change the questions.
>The only down side is you are excluding some foreigners with limited
>English language skills.  (and really stupid people, but that's OK ;)
>
>I've already wrote a proof-of-concept captcha in PHP that creates a png
>file with numbers.  It does nothing but display the graphic and a text
>box, and the next screen tells if you entered the correct number.  
>Take a look if you want:  http://www.reddog.org/verimg/verify1.php
>
>It's nothing great yet.  I plan on adding a different color background
>with some lines and other noise.
>
> - BS
>
>
>_______________________________________________
>Members mailing list
>Members at kalamazoolinux.org
>
>
>
>  
>


-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.9.5 - Release Date: 4/7/2005