<p>If you walk through it, you are probably missing a couple of steps:</p>
<pre><code>session_start(); // $_SESSION is only usable once the session is started

if ($_SERVER['REQUEST_METHOD'] != 'POST') {
    // If initial load, load up captcha into session.
    // Stored as a string: POST values are always strings, so a strict
    // comparison against an int would never match.
    $_SESSION['captcha'] = (string) rand(0, 9999999999);
} else { // Means form was submitted
    if (isset($_POST['captcha'])) { // Check if they entered something
        if ($_SESSION['captcha'] !== $_POST['captcha']) { // Check if not correct, reissue new captcha
            echo 're-enter a new captcha!';
            $_SESSION['captcha'] = (string) rand(0, 99999999999);
        } else {
            // Everything was good, handle data
        }
    } else { // Nothing was entered, give them new captcha
        echo 'please enter the captcha!';
        $_SESSION['captcha'] = (string) rand(0, 99999999999);
    }
}
</code></pre>
<p>Now the tricky part comes when you display this to the user. If you put:</p>
<pre><code>&lt;li&gt;
    Please type &lt;?=$_SESSION['captcha']?&gt;:&lt;br/&gt;
    &lt;input type="text" name="captcha"&gt;
    &lt;input type="submit" value="submit"&gt;
&lt;/li&gt;
</code></pre>
<p>bots will be able to bypass this. So you need to figure out how to overcome this problem. Simply displaying the number and telling them to enter it is good and will deter VERY basic bots. Obfuscating it (<code>&lt;span&gt;1&lt;/span&gt;&lt;span&gt;2&lt;/span&gt;</code>) may make it a little more difficult, but bots can still parse it and bypass it. Saving it as a JavaScript variable and then checking against it may also work, but again, can be bypassed if the bot is smart enough. An iframe may work, an image may work, user-agent parsing may help, etc. All these things would work, but it is up to you on how you want to implement it and how secure you want it.</p>
<p>Personally, I am a fan of reCAPTCHA, as it is usually very easy to implement and requires minimal coding on my end. I also use the GD and TrueType libraries to make captcha images, but this does require a lot more programming than it may be worth if you can use reCAPTCHA. Finally, I do like JavaScript math problems that are loaded after the page loads, which bots have a harder time loading and figuring out what is going on.</p>
<p>After all is said and done, do whatever you want. If you get stuck, post your code and we can help you out.</p>
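<p>The server-side half of the flow described in the answer, as an added example that is not part of the original answer: the stored challenge is single-use, expires, and is compared as a string in constant time. The function names, the TTL and failure limit, and the array stand-in for <code>$_SESSION</code> are assumptions made for illustration.</p>

```php
<?php
declare(strict_types=1);

const CAPTCHA_TTL = 300;       // assumed: a challenge is valid for 5 minutes
const CAPTCHA_MAX_FAILS = 5;   // assumed: wrong answers allowed per session

/** Store a fresh challenge in the session array and return the code to display. */
function captcha_issue(array &$session, int $now): string
{
    // random_int() draws from the OS CSPRNG; rand() output is predictable.
    $code = str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT);
    $session['captcha'] = ['code' => $code, 'issued' => $now];
    return $code;
}

/** Check a submission. The stored challenge is consumed on every attempt. */
function captcha_verify(array &$session, $submitted, int $now): string
{
    $challenge = $session['captcha'] ?? null;
    unset($session['captcha']);  // single use: a solved or failed code cannot be replayed

    if (($session['captcha_fails'] ?? 0) >= CAPTCHA_MAX_FAILS) {
        return 'locked';
    }
    if (!is_array($challenge) || !is_string($submitted)) {
        return 'missing';        // no challenge was issued, or captcha[]=x array input
    }
    if ($now - $challenge['issued'] > CAPTCHA_TTL) {
        return 'expired';
    }
    // hash_equals() compares strings in constant time and never type-juggles.
    if (!hash_equals($challenge['code'], trim($submitted))) {
        $session['captcha_fails'] = ($session['captcha_fails'] ?? 0) + 1;
        return 'wrong';
    }
    return 'ok';
}

// Constructed demo: a plain array stands in for $_SESSION.
$session = [];
$code = captcha_issue($session, 1000);
var_dump(captcha_verify($session, $code, 1010));   // first submission of the code
var_dump(captcha_verify($session, $code, 1011));   // replay of the same code
$code = captcha_issue($session, 2000);
var_dump(captcha_verify($session, $code, 2000 + CAPTCHA_TTL + 1));  // submitted after the TTL
```

<p>In a real handler the calls would take <code>$_SESSION</code>, <code>$_POST['captcha'] ?? null</code> and <code>time()</code>, with a new challenge issued on every response that renders the form.</p>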
 
