|
|
Posted by Erwin Moller on 10/10/57 11:59
pittendrigh wrote:
> I have a home-rolled boat building (I wrote the php code) file based
> forum. I don't want to post a link to it , because that will
> just result in a new wave of spam post attempts.
>
> I get 5-6 legitimate posts a day, and upwards of
> 20 attempts a day to post links to pharmacy sites,
> porno sites and investment sites.
>
> I have a way of aborting most of those post attempts,
> based on a hard-coded list of known domains and keywords.
>
> But I have to continually delete new posts and add
> that new guy's address to the bad-guy list.
> I assume, but I don't really know, that most of
> these posts are coming from bots, rather than
> interactive posters using the GUI and keyboard.
>
> THE QUESTION
> If I set a $_SESSION variable in the GUI,
> and then abort posts if that SESSION variable
> isn't set, will that work? Will that force all
> posts to come from the keyboard and GUI?
No, that won't help a thing.
And besides that you cannot set a SESSION variable from a 'gui'.
It is a serverthing only.
What you DO need is CAPTCHA.
Google for it, or maybe better, go to www.wikipedia.com and look it up, they
have a great description for those unfamiliar with captcha.
The idea behind most CAPTCHA solutions is simple:
Give the client a picture with some numbers and letters.
And demand that you fill that into the form too.
If not, the form is not accepted.
Bots cannot read pictures, and most will fail.
Remember, you can keep out the porn/money/pills bots, but not the
porn/money/pills people. The latter are best burried all togheter at the
bottom of the sea.
>
> .....Or will the pesistant jerks be able to figure out
> that's what's going on, and get around it somehow?
Navigation:
[Reply to this message]
|