reCAPTCHA/ON-REV integration

[Pierre Sahores]

'Evening List,

I just had to install a captcha system to protect an ON-REV portal /  
irev forms from unwanted spams robots and automatical cgi fills in. I  
choosed to integrate the reCAPTCHA web-service directly within the  
irev based app (a line of js + an inline irev/php wrapper + the 2  
recaptcha php's form & lib files + 1 revtalk "POST" to the recaptcha  
fill-in control server).

To see how it works, have an eye at : <http://www.woooooooords.com/contact.irev 
 >

To read more about the MIT licensied reCAPTCHA service, see : <http://recaptcha.net/ 
 >

If an abstract about how to handle the reCAPTCHA integration with ON- 
REV can help, just tell me.

Kind Regards,

Pierre


On 11 Feb 2008, at 18:36, jbv wrote:
> Here's my question : in order to prevent ppl to register hundreds of  
> > times automatically, > or simply to hinder hackers to send large  
> amounts of automatic cgi > requests and to > clutter mySQL tables  
> with useless registrations, I've been asked to > think about some >  
> protection.
> Most Web forms validate the entry, eg. to be a valid e-mail address  
> there has to be an @ in it, and it has to end in a toplevel domain.  
> Many also store e-mails in addition to logins, and you're not really  
> registered until you click an automatic generated link in the e-mail  
> they send you. The best Method known to me is the "captcha" <http://en.wikipedia.org/wiki/Captcha  
> >. Basically you show an image of distorted and crossed out text,  
> and the user has to enter what he reads. But these images have to be  
> generated randomly, and this isn't really simple to do with any  
> http- server software. Also the Way you distord and add lines need  
> to follow some rules, otherwise it's easily circumvented. Another  
> (similar) approach is this: You need many pictures of a few things,  
> and store what thing the picture shows. Then you show 9 of them,  
> asking the user to click on the dog (or whatever). Obviously nothing  
> in the picture's url should point out what kind of thing it shows  
> for this to work. Also there should be only one dog (or whatever) at  
> a time. Fuzzy animals work best for this (kittens, young dogs,  
> rabbits, etc.), because they "blend" into the background, and  
> currently computers can't distinguish cat's from dog's, so no hacker  
> can spoil this (yet). Obviously simple and clearly coloured  
> geometric shapes are not ideal. Note that this is less secure then  
> the text approach above, but of course it's infinitely more cute. :)  
> These are the three methods I'd choose one from to use myself.
> Björnke
--
Pierre Sahores
mobile : 06 03 95 77 70
www.sahores-conseil.com