Mara flatfile CMS

Captcha Plugin

headaches for robots, not for humans

An innovative numeric captcha which protects against robot form posting or harvesting of addresses, without the use of the highly distorted text which so frequently causes problems and aggravation for site visitors. 

Example:

s ix  hundre d  and  fo rty - two   tho us and   two   hundre d  and  s e ve nte e n

To see different values, refresh this page. You will note that if you enter a response and then tab away from the response field, the field changes to green if you have given the correct response, red if you have gotten it wrong. This saves a great deal of frustration caused by incorrect submissions. However, since making multiple entries will result in a large number of incorrect responses being flagged as 'green' as well as the single correct one,  this self-check mechanism does not provide a robot with a reliable means of obtaining the answer by brute force.

To use, invoke the plugin with:

<php include(plugin('captcha'))"?> Then do...
$captcha = new captcha();
$captcha->set();
$captcha->cksum2js();

... and then obtain the captcha data from the session as:

$captcha_data=gets("captcha");
$captcha_data["plain"] = plaintext challenge
$captcha_data[1] = first section of obfuscated challenge
$captcha_data[2] = second section of obfuscated challenge
$captcha_data[3] = third section of obfuscated challenge
$captcha_data["hash"] = hash of plaintext challenge

captcha_set() takes three optional arguments; the name of the returned session array variable (in case there is a need for multiple captchas) and the random range lower and upper limits.

The captcha validation mechanism (for use on form submissions) requires that a php session be established. It will therefore not work on computers which refuse temporary session cookies.

The obfuscated challenge has altered word spacing to make robotic word recognition more difficult. It is supplied in three sections to permit display of each section in  a separate table, span or div field if desired. This makes further difficulties for 'bots, especially if the question parts are nonconsecutive in the page source. The sections can be joined into a single line if this is not felt necessary.

Note that unlike many commercial captchas, nothing is written to the webpage by the plugin.
It's left up to you to format the returned data as you want it. A little more work, but more flexible.

To test a response (usually on a new page instance unless Ajax is used) invoke the plugin and do:

<php include(plugin('captcha'))"?>
$captcha = new captcha();
$arewehuman=$captcha->validate($_POST['captcha']);

-which should return 1 for human, 0 for robot, false for no captcha data.

To see the captcha in action in a typical real-world application, visit the Contact Form link on the side menu.

 

Powered by Mara cms