The mention of TicketMaster spurred my memory... Anybody looking to
implement CAPTCHA might want to read this:
http://www.codinghorror.com/blog/archives/001001.html.
Basically if you want to do it right it sounds like you will need to put
in a lot more work than just throwing something out there.
-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Dave Odom
Sent: Tuesday, September 02, 2008 2:00 PM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] CAPTCHA image validation in web form
FWIW,
How about changing the CCSID "on the fly" or
Check with TicketMaster as they use this technique.
Dave
Nathan Andelin <nandelin@xxxxxxxxx> 9/1/2008 08:05 >>>
I've never output a form that prompted the user to enter the characters
represented in a Captcha image. But if you had a table on your server
that cross-referenced the character representation with the image file
name, the validation logic would just be a regular string comparison
against the appropriate table row & column, and the type of thing you
could easily do in just about any server language.
I understand that the purpose of distorting the image is to prevent it
from being converted to a character string via standard optical
character recognition, which could be employed via bot. You want to
make sure the user is more intelligent (human) than a bot.
So my question would be, is there software available that can convert
simple character strings into distorted image representation, so you can
generate your own table of prompts?
Nathan.
----- Original Message ----
From: "Guillermo Andrades, CPI Software" <gab@xxxxxxx>
To: Web Enabling the AS400 / iSeries <web400@xxxxxxxxxxxx>
Sent: Sunday, August 31, 2008 1:39:47 PM
Subject: [WEB400] CAPTCHA image validation in web form
some experiences using captcha image validation in web forms?
please not php not python not java....
(btw, info about captcha in wikipedia:
http://en.wikipedia.org/wiki/Captcha)
Interested in some way of web services or having a full directory with
images or so on, some not requering script in the host (RPG code, even C
or
C++ will be welcome).
The intend use is an not-as-secure-as-FBI form, thus: don't need double
nor
complex validation.
client side is html+javascript, host is RPGIV.
Thanks in advance,
Guillermo.
As an Amazon Associate we earn from qualifying purchases.