Posted by vrlist.info on 12/05/07 12:43

Hi Andy,

I am going to try it. Thank you for your answer.

Regards,

Luisa
http://www.vrlist.info

On 5 dic, 10:57, "Andrew Bailey" <newsgr...@dontspammeyoumofo.com>
wrote:
> "C." <colin.mckin...@gmail.com> wrote in message
>
> news:38aee82b-ee74-499a-81b8-79bf49d3356a@d4g2000prg.googlegroups.com...
>
>
>
> > On 4 Dec, 12:25, "vrlist.info" <vrlist.i...@gmail.com> wrote:
> >> Hello,
>
> >> I have a directory,http://www.vrlist.info, where people add their
> >> vacation rental items via a form.
>
> >> In this moment I register the submissions at a separate table and
> >> manually delete the spams (about 95% of the total submission and it is
> >> going up).
>
> >> I do not like the catcha system.
>
> > Is it Turing tests in general you don't like? Use a different one.
>
> >> I have an idea and so I am registration the IPs of the sites
> >> considered as spam in a different table (fields: IP, last-date,
> >> times). Most of them are repeting submissions.
>
> > It would take almost as long to write the code for this as to write
> > this post. If it solves your problem then fine - but its not valid as
> > a generic solution.
>
> > I'd suggest requiring a validated email address for all posters and
> > mediating the content via email with spamassasin and let it do the
> > hard work.
>
> > C.
>
> Hi Colin,
>
> I had a similar problem with automated spam registrations on my phpBB2
> forum. It seems that spam robots hunt the web looking for forms to fill in,
> more specifically they look for the following structure...
>
> <form>
> <input>
> <input.... etc>
> <submit>
> </form>
>
> ... fill in the text inputs with their spam and then submit the form. I
> discovered that if you break the structure flow of a form then the form
> doesn't work so for example, if I were to remove the <input
> type="submit"....> part then the whole form fails and the spam robots cant
> use it.
>
> So the next thought was if I could devise a test to separate a human from a
> robot I could then replace the missing part of the form and it would work.
> What I came up with is a confirmation button that the users has to click and
> HOLD for a random amount of time between 1 and 10 seconds and be able to
> RELEASE within one second of being told to do so.
>
> Here's the gist of my code...
>
> <html>
> <head>
>
> <script type="text/javascript" language="JavaScript">
> <!-- DISABLE THE SUBMIT BUTTON
> var robotusr = 1;
> function human(){
> robotusr = 1;
> var rnd = (Math.random())*10000;
> document.getElementById('confirminfo').innerHTML='<b>KEEP HOLDING THE MOUSE
> BUTTON DOWN...</b>';
> t=setTimeout("document.getElementById('confirminfo').innerHTML='<b>RELEASE
> THE MOUSE BUTTON NOW !!!</b>'; opendoor();", + rnd);}
>
> function opendoor(){
> robotusr = 0;
> setTimeout('closedoor()', 1000);}
>
> function closedoor(){
> robotusr = 2;}
>
> function robot(){
> if (robotusr==1){
> document.getElementById('submitspan1').innerHTML='FAILED';
> clearTimeout (t);
> document.getElementById('confirminfo').innerHTML='<b>YOU RELEASED THE MOUSE
> BUTTON TOO EARLY, PLEASE TRY AGAIN...</b>';} else if (robotusr==2) {
>
> document.getElementById('submitspan1').innerHTML='FAILED';
> document.getElementById('confirminfo').innerHTML='<b>YOU RELEASED THE MOUSE
> BUTTON TOO LATE, PLEASE TRY AGAIN...</b>';} else {
>
> document.getElementById('submitspan1').innerHTML='<input type="submit"
> name="submit" value="{L_SUBMIT}" class="inputbuttonbold150" title="Click
> here to SUBMIT your PROFILE" hidefocus>';
> document.getElementById('confirminfo').innerHTML='<b>THANK YOU, PLEASE CLICK
> THE SUBMIT BUTTON</b>';}
> }
>
> // - End of JavaScript - -->
> </script>
>
> </head>
> <body>
>
> <form>
>
> <input type="text">
> <input type="text">
> <input type="text">
>
> <!-- CONFIRM BUTTON -->
> <table cellspacing="0" cellpadding="0" width="100%">
> <tr>
> <td width="170" align="left" valign="middle"><b>Confirmation</b></td>
> <td width="*" align="left" valign="middle"><div class="small"><span
> id="confirminfo">Due to the increasing number of automated registrations you
> are required to <b>CLICK AND HOLD</b> the button on the right to confirm
> your details are correct</span></div></td>
> <td width="20">&nbsp;</td>
> <td width="150" height="21" align="center" valign="middle"
> class="inputbutton150" title="Click and HOLD this button to confirm">
> <input type="button" onmousedown="human()" onmouseup="robot()" hidefocus
> value="CONFIRM" class="inputbuttonnormal150">
> </td>
> </tr>
> </table>
>
> <!-- SUBMIT BUTTON -->
>
> <table cellspacing="0" cellpadding="0" width="100%">
> <tr>
> <td width="170" align="left" valign="middle"><b>Submit</b></td>
> <td width="*" align="left" valign="middle">&nbsp;</td>
> <td width="20">&nbsp;</td>
> <td width="150" height="21" align="center" valign="middle"
> class="inputbutton150" title="Click here to SUBMIT your PROFILE">
> <span id="submitspan1" class="numbers" style="letter-spacing: 2" title="You
> must CONFIRM to activate this button" hidefocus><s>Submit</s></span>
> </td>
> </tr>
> </table>
>
> </form>
> </body>
> </html>
>
> So far this method has stopped 100% of automated spam registrations for me.
>
> Hope this helps.
>
> Andy

• Next in forum: Re: Combating spam sent via forms
• Prev in forum: Re: Combating spam sent via forms
• Thread view: Re: Combating spam sent via forms

[Reply to this message]