L Posted January 4, 2008 Share Posted January 4, 2008 Hey, For an anti-bot check I thought I would create a hidden input, and if it was filled(because bots usually fill in everything) it wouldn't let it to register. But for some reason the opposite is happening for me..when it's not set it gives the error and vice versa //in form tag <input type="hidden" name="notcool" id="notcool" value="" /> if (isset($_POST['register'])) { if (isset($_POST['notcool'])) { $msg = "You have been deemed a bot...if you are not a bot, then try again..."; confirm($msg); } //above is first part of check in the registration page When I put !isset($_POST['notcool'])) then it works fine...can someone explain to me what's wrong here because I'm confused. ??? Thanks for your time, ~L Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/ Share on other sites More sharing options...
Ken2k7 Posted January 4, 2008 Share Posted January 4, 2008 Just put up a new input field and ask a simple question like: Is ice cream hot or cold? Bots don't usually answer them right. Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430260 Share on other sites More sharing options...
adam291086 Posted January 4, 2008 Share Posted January 4, 2008 you could always make a random number generator and ask the user to verify the number. I gave a random number generator script if you need some help. Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430266 Share on other sites More sharing options...
L Posted January 4, 2008 Author Share Posted January 4, 2008 Yah, that'd be appreciated...I don't know how I could make one. Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430272 Share on other sites More sharing options...
Ken2k7 Posted January 4, 2008 Share Posted January 4, 2008 echo rand(); ? You should run rand(), store it in a variable and use that. Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430278 Share on other sites More sharing options...
adam291086 Posted January 4, 2008 Share Posted January 4, 2008 i Got this from a tutorial i will try and find where it was Here is the code <?php session_start(); // generate 5 digit random number $rand = rand(10000, 99999); // create the hash for the random number and put it in the session $_SESSION['image_random_value'] = md5($rand); // create the image $image = imagecreate(60, 30); // use white as the background image $bgColor = imagecolorallocate ($image, 255, 255, 255); // the text color is black $textColor = imagecolorallocate ($image, 0, 0, 0); // write the random number imagestring ($image, 5, 5, 8, $rand, $textColor); // send several headers to make sure the image is not cached // taken directly from the PHP Manual // Date in the past header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // always modified header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // HTTP/1.1 header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); // HTTP/1.0 header("Pragma: no-cache"); // send the content type header so the image is displayed properly header('Content-type: image/jpeg'); // send the image to the browser imagejpeg($image); // destroy the image to free up the memory imagedestroy($image); ?> Then in your register page. Add in <img src="randomImage.php"> That will create a random number for you. Then when you send in the details for the registration you check the number the user entered agaist the session set by the radomimage.php. If it is correct then continue. Hope that makes sense Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430280 Share on other sites More sharing options...
Daniel0 Posted January 4, 2008 Share Posted January 4, 2008 Hey, For an anti-bot check I thought I would create a hidden input, and if it was filled(because bots usually fill in everything) it wouldn't let it to register. But for some reason the opposite is happening for me..when it's not set it gives the error and vice versa //in form tag <input type="hidden" name="notcool" id="notcool" value="" /> if (isset($_POST['register'])) { if (isset($_POST['notcool'])) { $msg = "You have been deemed a bot...if you are not a bot, then try again..."; confirm($msg); } //above is first part of check in the registration page When I put !isset($_POST['notcool'])) then it works fine...can someone explain to me what's wrong here because I'm confused. ??? Thanks for your time, ~L Check if it's empty() instead. Even if it is set it can still be empty. Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430308 Share on other sites More sharing options...
Yesideez Posted January 4, 2008 Share Posted January 4, 2008 I've seen many requests for captcha/anti bot scripts like this and to help make things a little easier I've always posted a link to my website and say "if you want the code to use that script you can have it - PM me" http://www.pictureinthesky.net The captcha script can be found on the guestbook and the contact me page. As I said, if you want it you can have it. This is what it makes: Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430363 Share on other sites More sharing options...
L Posted January 4, 2008 Author Share Posted January 4, 2008 @adam The script seems to work(the image appears), but when I check it against what the user types it fails every time. Here's my code. if (md5($_POST['image']) != $_SESSION['image_random_value']) { $msg="You have been deemed a bot...if you are not a bot then contact the admin at ninjitsudude@gmail.com"; confirm($msg); } @Daniel Would be overkill if I were to use this method and a captcha one? @Yesideez I sent you the pm. Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430679 Share on other sites More sharing options...
Daniel0 Posted January 4, 2008 Share Posted January 4, 2008 @Daniel Would be overkill if I were to use this method and a captcha one? Probably. CAPTCHA works ok. It's not perfect, but it works. First of all there is the problem with blind people. Their screen readers cannot read the CAPTCHA image. Bots can read some CAPTCHAs using OCR (optical character recognition), which is the same technique used when scanning paper documents into digital documents. Unless the CAPTCHA is obscure enough you could create a program which will read your CAPTCHA image. If it's too obscure humans cannot read it either. You can deal with the blind people by having a service which reads the contents of the image aloud. reCAPTCHA offers an API which will generate CAPTCHAs and audio challenges for you. It's free to use. Another solution is to give the user a task to perform. It could be a math challenge for instance. Or it could be like showing nine pictures for instance, eight being dogs and the last one being a cat. The user must select the cat image in order to proceed - then of course you still have the problem with the blind people, but like CAPTCHA you could offer an alternative challenge for them. Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430760 Share on other sites More sharing options...
helraizer Posted January 5, 2008 Share Posted January 5, 2008 @Daniel Would be overkill if I were to use this method and a captcha one? Probably. CAPTCHA works ok. It's not perfect, but it works. First of all there is the problem with blind people. Their screen readers cannot read the CAPTCHA image. Bots can read some CAPTCHAs using OCR (optical character recognition), which is the same technique used when scanning paper documents into digital documents. Unless the CAPTCHA is obscure enough you could create a program which will read your CAPTCHA image. If it's too obscure humans cannot read it either. You can deal with the blind people by having a service which reads the contents of the image aloud. reCAPTCHA offers an API which will generate CAPTCHAs and audio challenges for you. It's free to use. Another solution is to give the user a task to perform. It could be a math challenge for instance. Or it could be like showing nine pictures for instance, eight being dogs and the last one being a cat. The user must select the cat image in order to proceed - then of course you still have the problem with the blind people, but like CAPTCHA you could offer an alternative challenge for them. Although they say as the captchas become more advanced so do the bots; the bots can read the characters on the image, yes. If your captcha code is a string that the user then inputs it'll be easy for a bot, however, if you split the string (str_split()) into an array, then ask the user to input certain characters, such as 1, 5, 6. So if the string is 6 characters long AV43D2 -the user would need to input AD2 to pass. Then have it randomly choose the characters. So one time it would be 1, 5, 6 (AD2) and the next, 6, 2, 2 (2VV). A bot would have trouble with that, would it not? Sam Quote Link to comment https://forums.phpfreaks.com/topic/84456-solved-anti-bot-check/#findComment-430847 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.