LISTSERV 16.5 - CODE4LIB Archives

Well, as in the past my answer is still just a suggestive type of solution 
which you would have to recode for your purpose since most or all of you do 
not use a Zope server.

Here is an example, very much like Captcha:

http://www.library.appstate.edu/services/suggest.html

On our suggestion form, I have a python script that generates a random number 
and then creates a graphic of the readable number not like the jumble of 
Captcha.  Here is an example of the html source created that is inserted in 
the form:

<input type="hidden" name="cost" value="77232">
<b>Please enter the number pictured below.</b><br>
<img src="number.jpg" alt="77232"/><input type=text name="picnum" value="">

I think one of the keys here is using the "name" cost.  If spambots can 
understand the term then maybe they put a decimal in there when there never 
should be one.  On our suggestion form someone else added the javascript popup 
in case that field is not filled in.

I haven't tested this with any screen reading software but I think it should 
speak the alt text for the graphic.

All in all, this has significantly reduced spam.  A quick and simple version is 
that maybe you can just add a static graphic of a number and use the same 
number every time.  Then on the processing of the information, first check for 
the number being correct.


Thomas

CODE (external script for Zope):
#PIL - Python Imaging Library
from PIL import Image,ImageDraw,ImageFont
import random
import os
from StringIO import StringIO
from OFS.Image import manage_addImage

# CREATED AUGUST 8, 2007 - Thomas Bennett
# REQUIREMENTS
#   PIL FONTS FROM http://effbot.org/pil/pilfonts.zip
#   PIL FROM http://www.pythonware.com/products/pil/

def random_number_image(self):
  #GENERATE A RANDOM NUMBER OF 5 DIGITS
  # FROM 10000 to 99999
  mynumtext = str(random.randrange(10000,99999,1))
  my_image_id = "number.jpg"

  #DEFINE FONT PATH AND NAME
  fontpath="/usr/local/lib/python2.4/site-packages/pilfonts"
  fontname="ncenB14.pil"

  # CREATE A TEXT IMAGE USING MYNUMTEXT
            # INSTANTIATE A NEW IMAGE (a dark gray box)
  textImg = Image.new('RGB',(75,25),(56,56,50))
            # DRAW THE IMAGE INTO TEMP
  tmpDraw = ImageDraw.Draw(textImg)          
            # LOAD A FONT FOR THE IMAGE
  textFont = ImageFont.load(os.path.join(fontpath,fontname))  
            # PLACE TEXT IN NEW IMAGE
  tmpDraw.text((15,1), mynumtext, font = textFont)  

  # PUT THE IMAGE INTO MEMORY AND SAVE IMAGE TO MEMORY
  imageFile = StringIO()
  textImg.save(imageFile,"JPEG")

  # IF THERE IS A NUMBER.JPG IN THE CURRENT DIRECTORY, 
  # DELETE IT SO UNDO WON'T BUILD UP 
  if my_image_id in self.objectIds():
    self.manage_delObjects([my_image_id])
  manage_addImage(self,"number.jpg",imageFile)

  # WRITE THE IMAGE AND FORM CODE TO THE PAGE
  text = '\n<input type="hidden" name="cost" value="%s">' %mynumtext
  text = text+'\n<font face="Verdana, Arial, Helvetica, sans-serif"   
            size="1">\n<b>Please enter the number pictured below.</b></font>'
  text = text+'<br>\n<img src="%s" alt="%s"/><input type=text 
            name="picnum" value="">\n<br />' %(my_image_id,mynumtext)
  return text





 
On Monday 24 October 2011 09:26:15 you wrote:
> Hi folks,
> 
> Some of our online forms (contact, archives request, etc.) have been
>  getting a bunch of spam lately. I have heretofore avoided using any of
>  those obnoxious Captcha things and would rather not start now. (I
>  personally loathe them and they keep getting harder, which tells me that
>  the spambots are probably better at them than we are...)
> 
> Does anyone have some good/easy/free/less-stressful spam-inhibiting ideas?
> 
> One that occurs to me to try, and I have no idea if this would match well
>  with actual bot behavior: at the time the form loads, include at hidden
>  field with id=[unixtimestamp]. When the form is submitted, ignore any
>  forms that took less than (10? 15? 20 seconds?) to fill out on the
>  assumption that bots probably do it way faster - or possibly way slower?
>  Do they save them up for later? Should I add an upper bound? Is this just
>  a really dumb idea?
> 
> If I try that one, I would start not by eliminating the bad results but by
>  marking them as spam and seeing how effective it is.
> 
> Other ideas? (PHP-friendly answers would be easiest for me to implement,
>  but others may work too.)
> 
> What works for you?
> 
> Thanks
> Ken
> 

-- 
==========================================
Thomas McMillan Grant Bennett           Appalachian State University
Operations & Systems Analyst            P O Box 32026
University Library                                Boone, North Carolina 28608
(828) 262 6587

Library Systems Help Desk: https://www.library.appstate.edu/help/
==========================================