Re: [WebDNA] Captcha question (and free code)

This WebDNA talk-list message is from

2009


It keeps the original formatting.
numero = 103436
interpreted = N
texte = Very cool Ken. Do you have a working example of this some=20 where? Do hackers these days use scripts that: 1- read the content of a web page 2- extract strings like "two hundred eighty three"=20 3- convert them into numbers like "283" 4- enter these values into blank form fields ... so they can get past text-based captcha systems=20 designed=20 to prevent forms from being submitted by hackers? Sincerely, Ken Grome P.S. I'm giving the code away free but I don't think file=20 attachments are allowed in this talk list so you'll have=20 to=20 get it from my website. Please do not redistribute this=20 file=20 without my permission, thanks: http://kengrome.com/downloads/captcha.tpl.zip Here's my description so you can figure out if it's worth=20 downloading *before* you download: This captcha.tpl page creates a word-based captcha system=20 entirely in webdna with no cookies or database required.=20 It=20 displays a 6-digit number as words. To answer the captcha=20 challenge correctly the visitor must translate this value=20 into corresponding numeric digits. =20 Here's how to use this file: 1- Place this captcha.tpl file somewhere inside your web=20 folder hierarchy 2- Place an [include /path/to/captcha.tpl] tag at the top=20 of=20 the form page you want to protect 3- Insert this hidden form field into the form: 4- Insert this text input field into the form: 5- Place the [captchaWords] tag on the page wherever you=20 want the "number-as-words" text to appear The first part of the system is done, now let's proceed=20 with=20 the second part. Use these showif's on the page that=20 receives the form post to determine whether or not the=20 visitor typed the correct answer to the captchaAnswer=20 field,=20 then change what's inside the showif's to show the proper=20 code based on the visitor's captcha answer: [code removed for clarity in this email] When you uncomment the following webdna comment section=20 you can test this captcha system entirely within this file=20 before installing it in your website: [code removed for clarity in this email] Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Captcha question (and free code) (Stuart Tremain 2009)
  2. Re: [WebDNA] Captcha question (and free code) (Donovan Brooke 2009)
  3. Re: [WebDNA] Captcha question (and free code) (Stuart Tremain 2009)
  4. Re: [WebDNA] Captcha question (and free code) (Stuart Tremain 2009)
  5. Re: [WebDNA] Captcha question (and free code) (Kenneth Grome 2009)
  6. Re: [WebDNA] Captcha question (and free code) (Clint Davis 2009)
  7. Re: [WebDNA] Captcha question (and free code) (Kenneth Grome 2009)
  8. Re: [WebDNA] Captcha question (and free code) ("Dan Strong" 2009)
  9. Re: [WebDNA] Captcha question (and free code) (William DeVaul 2009)
  10. Re: [WebDNA] Captcha question (and free code) (Kenneth Grome 2009)
  11. Re: [WebDNA] Captcha question (and free code) ( 2009)
  12. [WebDNA] Captcha question (and free code) (Kenneth Grome 2009)
Very cool Ken. Do you have a working example of this some=20 where? Do hackers these days use scripts that: 1- read the content of a web page 2- extract strings like "two hundred eighty three"=20 3- convert them into numbers like "283" 4- enter these values into blank form fields ... so they can get past text-based captcha systems=20 designed=20 to prevent forms from being submitted by hackers? Sincerely, Ken Grome P.S. I'm giving the code away free but I don't think file=20 attachments are allowed in this Talk List so you'll have=20 to=20 get it from my website. Please do not redistribute this=20 file=20 without my permission, thanks: http://kengrome.com/downloads/captcha.tpl.zip Here's my description so you can figure out if it's worth=20 downloading *before* you download: This captcha.tpl page creates a word-based captcha system=20 entirely in webdna with no cookies or database required.=20 It=20 displays a 6-digit number as words. To answer the captcha=20 challenge correctly the visitor must translate this value=20 into corresponding numeric digits. =20 Here's how to use this file: 1- Place this captcha.tpl file somewhere inside your web=20 folder hierarchy 2- Place an [include /path/to/captcha.tpl] tag at the top=20 of=20 the form page you want to protect 3- Insert this hidden form field into the form: 4- Insert this text input field into the form: 5- Place the [captchaWords] tag on the page wherever you=20 want the "number-as-words" text to appear The first part of the system is done, now let's proceed=20 with=20 the second part. Use these showif's on the page that=20 receives the form post to determine whether or not the=20 visitor typed the correct answer to the captchaAnswer=20 field,=20 then change what's inside the showif's to show the proper=20 code based on the visitor's captcha answer: [code removed for clarity in this email] When you uncomment the following webdna comment section=20 you can test this captcha system entirely within this file=20 before installing it in your website: [code removed for clarity in this email]

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

server2003 isolation mode - ME TOO! (2004) Affiliate Marketing Question #2 (1998) WebDNA + SQL Server (2003) Page Counters? (1997) RE: [WebDNA] XML Help (2009) Buying sans cart (1997) multiple search commands (1997) [WebDNA] Writing to db in memory, but not to file (2012) Cart Question (1998) Hyperboard users wanting a quoted message (1998) How to Display text in empty fields (1997) Summ=T Problem (1997) Instructions for Digest (1997) Summing fields (1997) Searching for Nothing (1998) ooops...WebCatalog [FoundItems] Problem - LONG - (1997) ImageMap (1997) Re:quit command on NT (1997) Quit revisited (1997) Webcatalog 3.0.8 on PWS (2000)