RE: [PHP] Alternative/Addition to using a CAPTCHA

From: linux@xxxxxxxxxxxxxxxxx ("Jake McHenry")
Date: Fri, 30 Mar 2007 20:01:53 -0400

-----Original Message-----
From: Tijnema ! [mailto:tijnema@xxxxxxxxx]
Sent: Friday, March 30, 2007 6:04 PM
To: Jake McHenry
Cc: tedd; php-general@xxxxxxxxxxxxx
Subject: Re: [PHP] Alternative/Addition to using a CAPTCHA

On 3/31/07, Tijnema ! <tijnema@xxxxxxxxx> wrote:

On 3/30/07, Jake McHenry <linux@xxxxxxxxxxxxxxxxx> wrote:

-----Original Message-----
From: tedd [mailto:tedd@xxxxxxxxxxxx]
Sent: Friday, March 30, 2007 3:06 PM
To: Tijnema !; John Comerford
Cc: php-general@xxxxxxxxxxxxx
Subject: Re: [PHP] Alternative/Addition to using a CAPTCHA

At 3:37 PM +0200 3/30/07, Tijnema ! wrote:

On 3/30/07, John Comerford <johnc@xxxxxxxxxxxxxxxxxxxx> wrote:

I was reading the current tread on CAPTCHA and

possible cracks and I

thought maybe I'd throw this out to the group to see

what you think.

Recently I saw a forum where in order to post you first had

to click on

a div that was placed at a random location on the

page, it read

something like, "Click here if you are human". I was

thinking that

maybe you could put together a system that looks something

like this:

http://people.aapt.net.au/JComerford/ClickMe.htm

I was thinking you could use it in a couple of ways:

1) As a replacement to a CAPTCHA image
2) When you click the image a CAPTCHA image is loaded into

the 'Click

Me' container

The main problem is how to tell the server that the

div has been

clicked, in a way that can't be simulated. I am not

an expect with

either JS or PHP, but maybe some of the bigger brains out

there could

throw in their 2 cents......

JC

This looks maybe hard to crack, but actually it isn't

very hard. All

the clicking does is calling a javascript function.

You still could

submit the page without clicking the box.

Tijnema

Tijnema & John:

The above link I've already done a long time ago. But

check out my

dot CAPTCHA here:

http://sperling.com/examples/p-captcha

Maybe I'm going blind.. But I don't see a circle on that

page anywhere?

Everywhere I click it fails......
Jake

Hmm, just wanted to say that Jake, is it because i have my

resolution

@ 1600x1200?

Tijnema

Actually, it just doesn't work with IE6, it works with FireFox. :)

That would be my problem then :)
Jake

Tijnema

This does not use javascript, but does use sessions.

As you can see, the blue dot can be placed anywhere on

the entrance

page. Granted this presents problem for the visually

impaired, so I'm

not recommending it. But, it's just a proof of concept

at this point.

Plus, I have not checked this on all browsers. I

suspect that some

browsers may have problems with alpha channel images -- so your
mileage may differ.

In any event, I think this may be a bit more difficult

to crack than

something that replies upon javascript -- what do you think?

Cheers,

tedd

--
-------
http://sperling.com http://ancientstones.com

http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.446 / Virus Database: 268.18.23/740 - Release
Date: 3/30/2007 1:15 PM

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.446 / Virus Database: 268.18.23/740 -

Release Date: 3/30/2007

1:15 PM

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.446 / Virus Database: 268.18.23/740 - Release
Date: 3/30/2007 1:15 PM

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.446 / Virus Database: 268.18.23/740 - Release Date: 3/30/2007
1:15 PM

.

References:
- Re: [PHP] Alternative/Addition to using a CAPTCHA
  - From: "Tijnema !"

Prev by Date: RE: [PHP] Parsing database variables
Next by Date: Re: [PHP] Saving css state in javascript and passing to php via form submit
Previous by thread: Re: [PHP] Alternative/Addition to using a CAPTCHA
Next by thread: RE: [PHP] Alternative/Addition to using a CAPTCHA
Index(es):
- Date
- Thread

Relevant Pages

RE: [PHP] Parsing database variables
... If I read the manual correct about how to setup the input ... PHP General Mailing List ... No virus found in this incoming message. ... Checked by AVG Free Edition. ...
(php.general)
Re: [PHP] Audio CAPTCHA review request
... > PHP General Mailing List ... > No virus found in this incoming message. ... > Checked by AVG Free Edition. ... No virus found in this outgoing message. ...
(php.general)
RE: [PHP] link on user uploaded pic
... PHP General Mailing List ... No virus found in this incoming message. ... Checked by AVG Free Edition. ...
(php.general)
Re: [PHP] Question before upgrading to 5
... Is prefix the only option I need ... > PHP General Mailing List ... > No virus found in this incoming message. ... > Checked by AVG Free Edition. ...
(php.general)
Re: [PHP] audio CAPTCHA - was Combining sound files
... the point is to click the "Speak CAPTCHA" button and see if it speaks. ... > PHP General Mailing List ... > To unsubscribe, visit: http://www.php.net/unsub.php ...
(php.general)