|
|
Posted by Andrew Bailey on 12/05/07 09:57
"C." <colin.mckinnon@gmail.com> wrote in message
news:38aee82b-ee74-499a-81b8-79bf49d3356a@d4g2000prg.googlegroups.com...
> On 4 Dec, 12:25, "vrlist.info" <vrlist.i...@gmail.com> wrote:
>> Hello,
>>
>> I have a directory,http://www.vrlist.info, where people add their
>> vacation rental items via a form.
>>
>> In this moment I register the submissions at a separate table and
>> manually delete the spams (about 95% of the total submission and it is
>> going up).
>>
>> I do not like the catcha system.
>
> Is it Turing tests in general you don't like? Use a different one.
>
>>
>> I have an idea and so I am registration the IPs of the sites
>> considered as spam in a different table (fields: IP, last-date,
>> times). Most of them are repeting submissions.
>>
>
> It would take almost as long to write the code for this as to write
> this post. If it solves your problem then fine - but its not valid as
> a generic solution.
>
> I'd suggest requiring a validated email address for all posters and
> mediating the content via email with spamassasin and let it do the
> hard work.
>
> C.
Hi Colin,
I had a similar problem with automated spam registrations on my phpBB2
forum. It seems that spam robots hunt the web looking for forms to fill in,
more specifically they look for the following structure...
<form>
<input>
<input.... etc>
<submit>
</form>
.... fill in the text inputs with their spam and then submit the form. I
discovered that if you break the structure flow of a form then the form
doesn't work so for example, if I were to remove the <input
type="submit"....> part then the whole form fails and the spam robots cant
use it.
So the next thought was if I could devise a test to separate a human from a
robot I could then replace the missing part of the form and it would work.
What I came up with is a confirmation button that the users has to click and
HOLD for a random amount of time between 1 and 10 seconds and be able to
RELEASE within one second of being told to do so.
Here's the gist of my code...
<html>
<head>
<script type="text/javascript" language="JavaScript">
<!-- DISABLE THE SUBMIT BUTTON
var robotusr = 1;
function human(){
robotusr = 1;
var rnd = (Math.random())*10000;
document.getElementById('confirminfo').innerHTML='<b>KEEP HOLDING THE MOUSE
BUTTON DOWN...</b>';
t=setTimeout("document.getElementById('confirminfo').innerHTML='<b>RELEASE
THE MOUSE BUTTON NOW !!!</b>'; opendoor();", + rnd);
}
function opendoor(){
robotusr = 0;
setTimeout('closedoor()', 1000);
}
function closedoor(){
robotusr = 2;
}
function robot(){
if (robotusr==1){
document.getElementById('submitspan1').innerHTML='FAILED';
clearTimeout (t);
document.getElementById('confirminfo').innerHTML='<b>YOU RELEASED THE MOUSE
BUTTON TOO EARLY, PLEASE TRY AGAIN...</b>';
} else if (robotusr==2) {
document.getElementById('submitspan1').innerHTML='FAILED';
document.getElementById('confirminfo').innerHTML='<b>YOU RELEASED THE MOUSE
BUTTON TOO LATE, PLEASE TRY AGAIN...</b>';
} else {
document.getElementById('submitspan1').innerHTML='<input type="submit"
name="submit" value="{L_SUBMIT}" class="inputbuttonbold150" title="Click
here to SUBMIT your PROFILE" hidefocus>';
document.getElementById('confirminfo').innerHTML='<b>THANK YOU, PLEASE CLICK
THE SUBMIT BUTTON</b>';
}
}
// - End of JavaScript - -->
</script>
</head>
<body>
<form>
<input type="text">
<input type="text">
<input type="text">
<!-- CONFIRM BUTTON -->
<table cellspacing="0" cellpadding="0" width="100%">
<tr>
<td width="170" align="left" valign="middle"><b>Confirmation</b></td>
<td width="*" align="left" valign="middle"><div class="small"><span
id="confirminfo">Due to the increasing number of automated registrations you
are required to <b>CLICK AND HOLD</b> the button on the right to confirm
your details are correct</span></div></td>
<td width="20"> </td>
<td width="150" height="21" align="center" valign="middle"
class="inputbutton150" title="Click and HOLD this button to confirm">
<input type="button" onmousedown="human()" onmouseup="robot()" hidefocus
value="CONFIRM" class="inputbuttonnormal150">
</td>
</tr>
</table>
<!-- SUBMIT BUTTON -->
<table cellspacing="0" cellpadding="0" width="100%">
<tr>
<td width="170" align="left" valign="middle"><b>Submit</b></td>
<td width="*" align="left" valign="middle"> </td>
<td width="20"> </td>
<td width="150" height="21" align="center" valign="middle"
class="inputbutton150" title="Click here to SUBMIT your PROFILE">
<span id="submitspan1" class="numbers" style="letter-spacing: 2" title="You
must CONFIRM to activate this button" hidefocus><s>Submit</s></span>
</td>
</tr>
</table>
</form>
</body>
</html>
So far this method has stopped 100% of automated spam registrations for me.
Hope this helps.
Andy
Navigation:
[Reply to this message]
|