...

View Full Version : Adding CAPTCHA for first-time use of my site's shoutbox.



Yay
09-07-2009, 12:09 PM
Hi,

I was wondering if it was possible to include a CAPTCHA field on my sites Shoutbox (http://kwivia.co.uk/c/), but, the CAPTCHA would disappear once the user has entered in a code once.

Is it possible?
If yes, how could I do this?

Regards

SKDevelopment
09-07-2009, 02:05 PM
You could set some session variable after the CAPTCHA is entered. E.g. like this:


$_SESSION['captcha_entered'] = 1;

If the variable is not empty (http://php.net/empty) or is set (could be checked with isset() (http://php.net/isset)), you would not show the CAPTCHA ever again.


if(empty($_SESSION['captcha_entered']))
{
// Show your CAPTCHA here
}



if(!isset($_SESSION['captcha_entered']))
{
// Show your CAPTCHA here
}


Please notice that it is possible to make an attack when an attacker enters the CAPTCHA for the first time manually. And then uses a script to send as much spam to your shoutbox as he wishes...

[vengeance]
09-07-2009, 02:25 PM
If you use sessions, they'd expire and the user has to type in the captcha code again.

Or you could log it in the database - which if they have posted a captcha code and input it in a table, and then check if the user has posted a captcha code.

But as the person above me said, it could be dangerous.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum