in reply to Re^7: Stop Form Hurling
in thread Stop Form Hurling

OK, here's the full code that creates the image password

I understand what you're getting at, but the code you show looks untested and buggy ($city is reset to the same value at the top of each loop), and there are some structural problems with the implementation -- like, what happens if two people are trying to log in at once? (Not to mention that a bot writer could easily checksum the renamed images to recognize them from prior requests.)

You could address the simultaneous-users issue by adding some kind of server-side storage with an opaque key for the session or attempt... Or take a look at how the other existing Captcha solutions handle this.

Replies are listed 'Best First'.
Re^9: Stop Form Hurling
by emav (Pilgrim) on Nov 08, 2004 at 14:42 UTC
    Indeed, it is untested code. I wrote it in August when I started learning Perl. It was the "two people" situation, which you mentioned, that made me put off using it on my site's guestbook even though I don't think that such a problem could appear on a low-volume site like mine.

    As far as the checksuming bot is concerned... Man, you, older monks are masters in scrutiny! An amateur like me would never have imagined anything like that... Well, that's why I'd better stick with my current job as a high school teacher. ;-)

    Anyway, that's how far my limited experience with Perl managed to get me. Last week, I ordered Programming Perl. So, hopefully, once I've read it, I will be able to build on the code above and come up with a more comprehensive solution in the near future.

    Thanks for the pointers!

[reply]

In Section Seekers of Perl Wisdom