php-windows Digest 27 Apr 2012 18:02:35 -0000 Issue 4032
Topics (messages 30851 through 30851):
Re: Alternative to captcha - using JQuery and ajax to 'time' form input
30851 by: Bogdan Ribic
Administrivia:
To subscribe to the digest, e-mail:
php-windows-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-windows-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-wind...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
Well it is still vulnerable to using an embedded instance of MSIE to go
to site and fill in the data - IE will accept the cookies, process
javascript, click on the button... do everything a real user would. One
way to foil this embedded setup is to log mouse movements and keyboard
events with jquery and send that as well, then check on server side, but
I don't know if that would play well with mobile devices.
My 2 cents, anyway :)
On 4/26/2012 16:59, Jacob Kruger wrote:
Opinions/thoughts?:
http://docs.jquery.com/Tutorials:Safer_Contact_Forms_Without_CAPTCHAs
Basically it pulls the server time in background using an ajax call, and
implements an MD5 encrypted value in a hidden field, and then you can double
check the timing of form input to sort of verify that it was real time, and not
a form of automated process, by a spambot/robot as such.
Only real issue here is it would require user to have cookies and javascript
enabled, but anyway..?
--
http://www.rbisoftware.com/outsourcing.php
--- End Message ---
