stonecolddevin has asked for the wisdom of the Perl Monks concerning the following question:

Hey monks,

I'm trying to figure out how to create a system where the user must type in a phrase or somesuch from an image that's displayed on the page as a form of verification to prevent spam, autosignups, etc. Yahoo! and Google's Blogger do this (A PHP tutorial here, and an example here (near the bottom of the page)).

I know merlyn has an article on this on his website, but I can't seem to find it.

I also know it's going to involve GD::*, or Image::Magick (or something along those lines), a random string/word generator, and some hidden form values. Beyond that, I'm not sure.

Any ideas?


Replies are listed 'Best First'.
Re: Image verification on form submissions
by reneeb (Chaplain) on Nov 08, 2006 at 08:34 UTC
Re: Image verification on form submissions
by atcroft (Abbot) on Nov 08, 2006 at 08:37 UTC

    Sounds like you are referring to captcha, and possibly this article ( Web Techniques - Column 68, Dec 2001 - "Keeping robots from stuffing your forms" ) of Merlyn's.


      I think captcha is going to be the way to go. I'll look into the additional GD* modules, but that looks like the best thus far.
Re: Image verification on form submissions
by jbert (Priest) on Nov 08, 2006 at 12:25 UTC
    And, in my adopted role as catalyst fanboy, I should note: Catalyst::Plugin::Captcha (which the docs say uses GD::SecurityImage to do its dirty work).
Re: Image verification on form submissions
by idsfa (Vicar) on Nov 08, 2006 at 16:45 UTC

    You may also want to looks at the methods employed by SANS to deal with this problem. And please remember to consider the disabled.

    Updated: Said SANS article has now also gotten the slashdot crowd putting in their oar.

    The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon