Reply to Re: [PHP] Preventing automated account creation

Your name:

Reply:


Posted by Josip Dzolonga on 04/06/05 15:34

coding@digital-data.co.uk wrote:

>Hi,
>
> I have been investigating ways of preventing automated account
>creation on the e-commerce system I am currently working on. Obviously I
>have seen the graphical solutions to this problem, a small image containing
>several letters and numbers which must be typed in by the user to confirm
>account creation. However, this (it seems to me) is a bit overkill for what
>is a pretty small client, I'm not entirely sure it's a good use of time to
>create this script solely for them, does anyone know of anything
>pre-packaged? Furthermore is it really worth doing this, what risks do
>automated account creation present to an e-commerce site?
>
>
>
>Tom Williams,
>
>Digital Data
>
>
>
>
Well, CAPTCHA ( http://en.wikipedia.org/wiki/Captcha) is a pretty neat
solution ( http://www.pear.php.net/package/Text_CAPTCHA ). You can also
generate random numbers (www.php.net/rand www.php.net/mt_rand) and
combining it with this PEAR package
http://www.pear.php.net/package/Numbers_Words which is also a good
solution. The pass-string if I can call it so is best to be kept as a
session variable, since it's stored on the server-side and the user
can't view it. Storing its hash in a cookie can be also pretty fine, but
storing it in a GET variable is more than stupid.

Hope this helps,

--
Josip Dzolonga
http://josip.dotgeek.org

jdzolonga[at]gmail.com

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация