Captchas becomming obsolete

Status
Not open for further replies.
R

Rex100

Baseband Member
Messages
30
I was reading about this antispam plug in
Math Comment Spam Protection Plugin — Software Guide

but I think it's overkill - encryption? why? spam bots can't think, let alone read and comprehend ans answer what it can't read and comprehend.

Can you give me the code to compare an input value to 8 (or any constant), and if the input is 8 continue, and if it doesn't = 8 go to Website Hosting - Mysite.com (reload the page)

I'll try to start it:

<form method="get" action="???">
<label for="s">5+3= (Required - protects site from spam bots)</label>
<input type="text" value="" name="s" id="answer" />
<input name="sa" value="enter answer" type="submit" />
<div class="clearfix"></div>
</form>

If "answer" does not = 8, go to mysite.com or something to throw the bots off course or have it erase the inutted answer and ready for another answer/try.

If "answer"=8 then go to next line.

I know my programming is bad, but I don't believe it's that hard to outsmart spam bots.

Thanks,

Rex
 
Actually, bots can read and think. They can read captchas with image-to-text software. That's why captchas are always hard as **** to read, it makes the software less effective.

As for your solution, I'm not sure if that would work. I haven't done much work with anti-spam stuff. Sounds logical, but I'm just not sure the capabilities of some of the more advanced bots.

But, here's your script in PHP:

bot.php
PHP: 
<?php

if (isset ($_POST['submit'])) {
	$answer = $_POST['answer'];

	if (!empty ($answer)) {
		if ($answer == 8) {
			// answer IS 8
			header ('location: http://yoursite.com');
		} else {
			// answer is NOT 8
			header ('location: http://google.com');
		}
	} else {
		// no answer was given
		echo 'You must enter the Answer!';
	}
} else {
	echo '<form method="POST" action="bot.php">
	<label for="answer">5+3= (Required - protects site from spam bots)</label>
	<input type="text" value="" name="answer" id="answer" />
	<input name="submit" value="enter answer" type="submit" />
	<div class="clearfix"></div>
	</form>';
}

?>
 
CrazeD,
Thanks for the code. I'll let you know how the strategy works out. I think the bots can be confused further by having it deal with a more complicated question like - "Answer one of the following: 5+3 or sqare root of 64 or 2 x 2 x2 or or four short of a dozen"
You could run into problems if you or your visitor forgets to do multiplication and division first and use something like 14 - 2 x 3, of course you could always remind the visitor: "Answer one of the following (do multiplication and division first).
You may be able to ask a non math question that uses a number and has a non numerical answer like "What is the 5th month of the year.", only if the "=" in your PHP compares strings and not numbers. Are those "=" in your code comparing strings or numbers? I think strings because of the $ in front of the variable "answer".

Thanks for the help,

Roscoe
 
Hmm, be careful though. If you make this too complicated where users have to actually do work to register, they will lose interest and move on. Something as simple as: "What color is this image?" then make 4 or 5 different boxes that are randomly shown.

The $answer variable in that code takes the variable from the form, which is the $_POST['answer'].

This code takes it one step further and makes sure its a number:

bot.php
PHP: 
<?php

if (isset ($_POST['submit'])) {
    $answer = $_POST['answer'];

    if (!empty ($answer)) {
		if (is_numeric ($answer)) {
			if ($answer == 8) {
				// answer IS 8
				header ('location: http://yoursite.com');
			} else {
				// answer is NOT 8
				header ('location: http://google.com');
			}
		} else {
			// answer is not a number
			echo 'Your Answer is not a number';
		}
    } else {
        // no answer was given
        echo 'You must enter the Answer!';
    }
} else {
    echo '<form method="POST" action="bot.php">
    <label for="answer">5+3= (Required - protects site from spam bots)</label>
    <input type="text" value="" name="answer" id="answer" />
    <input name="submit" value="enter answer" type="submit" />
    <div class="clearfix"></div>
    </form>';
}

?>
 
CrazeD,

I still like this code you wrote best (bot.php)
<?php

if (isset ($_POST['submit'])) {
$answer = $_POST['answer'];

if (!empty ($answer)) {
if ($answer == 8) {
// answer IS 8
header ('location: http://yoursite.com');
} else {
// answer is NOT 8 ........................



In this code is "8" and integer or a string? Someone advised me to use a word for an answer - so can I change all the 8s to "water" in this code? If not what would I need to change - this way (string) I can have the answer be a string or a number in the form of a string.

Thanks CrazeD,

Rex
 
It is a string. PHP doesn't have to specify what data type the string is.

Just change the 8 to your word, but make sure you have single or double quotes, like...$answer == 'water'.

Numbers don't require quotes, any other character does.
 
CrazeD,
One last thing before I work this into my site. If I don't code for if/when spam bots skip the field for the answer to the question, will the spam bots be able to skip to the next field and successfully place their spam? (I'm assuming here that the question and question filed are first, before name, email, url, comments. I don't see any advantage to placing the question anywhere else.)

Thanks,

Rex
 
Rex100 said:
CrazeD,
One last thing before I work this into my site. If I don't code for if/when spam bots skip the field for the answer to the question, will the spam bots be able to skip to the next field and successfully place their spam? (I'm assuming here that the question and question filed are first, before name, email, url, comments. I don't see any advantage to placing the question anywhere else.)

Thanks,

Rex
Click to expand...

Sorry, I don't understand your question. Do you mean if they leave the captcha answer empty, will they be able to process the form still? You can easily code for that, just do

PHP: 
if (empty ($answer)) {
// answer is empty, dont process
} else {
// answer is filled out, process
}

Trotter said:
Bots don't have to read to beat CAPTCHA. there are several places online that sell CAPTCHA solutions. They pay people in India little of nothing to sit and decode tham all day, every day.

Inside India's CAPTCHA solving economy | Zero Day | ZDNet.com
Click to expand...

How can that possibly work...captchas are usually randomly generated strings, how can you "solve" this?
 
CrazeD,
Thanks !! I really think this is going to work. I think Ill rename the file they target also. I'll be sure let let you know what I find. I'll keep track of the number of spam bots my site gets for the next few days, by then I'll install this code and see if the spam traffic has been reduced.

Rex
 
Status
Not open for further replies.

Similar threads

Z
"Earbuds" (???)
Replies
0
Views
835
Zwingly
Z
D
"could not parse error", what should i do?
Replies
1
Views
1K
petergroft29
P
G
How to prevent online applications from getting information about my device
Replies
9
Views
2K
Scissorman
S
J
Licensed money lender IT solution
Replies
0
Views
934
jrsml
J
W
Covert Communication via modulated Ultrasonic Acoustic Pressure Waves
Replies
0
Views
1K
WhiteHatX74
W
Back
Top Bottom