While I was developing Fuck It All, I came across an issue that I’ve never had to deal with before. Since I was accepting user input that would in turn be posted on my site, I needed a way to make sure SPAM bots wouldn’t be able to make posts. There is quite a simple solution to this and I’m sure you have all come across it before, CAPTCHA inputs.
CAPTCHA inputs are small verifications, usually found on forms, which are easy enough for all humans to solve, but something that an automated machine wouldn’t be able to compute. These are commonly just a few words, but with some sort of distortion applied to them. Such text is, up until now, unreadable for computers. However, most humans can distinguish the individual characters without a problem.
HTML entities are reserved characters in HTML. To read more about HTML entities, go here.
Now for the actual CAPTCHA. Using these HTML entities, we can show a simple addition problem with two numbers. Most humans should be able to pass this quick test, while spam bots won’t be able to recognize what your site is asking them due to the HTML entities.
In your form, add the following PHP code:
<php $num1 = "" . rand(49,57) . ";"; $num2 = "" . rand(49,57) . ";"; echo "<label for='captcha'>* <span id='captchaval1'>$num1</span> + <span id='captchaval2'>$num2</span> = </label><input type='text' name='captcha' id='captcha' maxlength='2' required /> (just making sure you're not a robot)"; ?>
By returning the ‘passed’ value to the form, you can check whether the user got the simple math question right or not. From there, you can handle the form submission as you please.
I would also like to thank my good friend Daniel for bringing this to my attention and helping me out with this code. If you have a second, you should check out some of his stuff as well. Right along the same alley: http://omniimpact.com/
Thanks for reading! I hope you guys enjoyed my first code posting!