Making CAPTCHA Friendlier with Simple Number Tests or PHP Image Manipulation

Things That Drive Us Nuts

Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.

An evil CAPTCHA image

Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is a far cry from a good user experience.

This article is about how to apply some sanity in the CAPTCHA process.  It does not have to cause eyestrain for your clients, and it will likely be nearly as secure as the agonizing and unreadable stuff that reCaptcha cranks out.  In the process of creating an image-based CAPTCHA test, we will learn something about PHP image manipulation.

Anti-Spam and Anti-'Bot Tools (Power to the People)

The term CAPTCHA is "sort of" an acronym.  It stands for Completely Automated Public Test (to tell) Computers and Humans Apart.  The theory is fairly simple.  Your server-side script gives the client a test that a human can pass easily but a computer cannot readily understand.  You can read more about the theory and implementations here, and in the Wikipedia.

http://en.wikipedia.org/wiki/CAPTCHA

Invisible CAPTCHA

A "honeypot" is a form element that should not be filled in when a human completes the form.  You can give a form input control a tempting name, like "email" and style the input with CSS to make it invisible on the browser.  If the form contains any data in the tempting input field, you can discard the request, since this would not have come from a human being.

<?php // RAY_honeypot.php
error_reporting(E_ALL);

// DEMONSTRATE A HONEYPOT CAPTCHA TEST

// IF THE FORM HAS BEEN FILLED IN
if (!empty($_POST))
{
    // IF THE HONEYPOT HAS BEEN FILLED IN
    if (!empty($_POST['email'])) trigger_error("BE GONE, ATTACK BOT!", E_USER_ERROR);

    // PROCESS THE REST OF THE FORM DATA HERE
    var_dump($_POST);
}

// CREATE THE FORM
$form = <<<EOD
<style type="text/css">
.honey {
    display:none;
}
</style>
<form method="post">
<input name="email" class="honey" />
<input name="thing" />
<input type="submit" />
</form>
EOD;

echo $form; 

Minimalist CAPTCHA

One step up from an invisible CAPTCHA might be a checkbox that says, "Check this box to prove you're a human."  Not very deep, but arguably effective in a limited way.  And there is this from the endearing "A Word a Day" site.

A simple and effective CAPTCHA from WordSmith.org

Another simple design pattern is a form field that has a value filled in.  The web page asks the human to clear the field before submitting the form.

Visually Based CAPTCHA Test

To reduce the risk of automated registration, the Craftsy web site uses a simple visual CAPTCHA.  The client is asked what animal is shown.  Craftsy may find the 1:4 ratio of possibilities acceptable; statistically speaking, an attack 'bot could be right about the animal 25% of the time.  If Craftsy couples its CAPTCHA with some kind of email verification this is probably acceptable protection.

Animal-based CAPTCHA image

At a slightly higher level, when there is common knowledge in a community, you might ask the client to enter the name of, for example, the school mascot.  The server-side verification for these tests is very simple, usually only a single if() statement.

A CAPTCHA Test with Simple Arithmetic

You can copy this script, put it on your server and run it to see the effect.  The script chooses two numbers at random, then chooses among several possible arithmetic operations to produce a CAPTCHA test that writes out an English-language simple math problem.  The client experience in this structure is very similar to the CAPTCHA test on the comment feature of the PHP.net web site.  It is easy to implement and easy for the client to use, but for a 'bot to readily defeat it, there would be a lot of programming required.  The web site would use the getQuestion() method in the HTML form script, and would use the testAnswer() method in the action= script. Give it a try, and if it's good enough for your work, enjoy it.  And if you feel you need greater obscurity, read on below for the image-based CAPTCHA tests.

<?php // RAY_captcha_class.php
error_reporting(E_ALL);

// DEPENDS ON THE PHP SESSION
session_start();
echo '<pre>';

Class CAPTCHA
{
    // NULL CONSTRUCTOR
    public function __construct() { }

    // RETURN A CAPTCHA QUESTION IN THE FORM OF A STRING
    public function getQuestion()
    {
        // NUMBER NAMES CONVENIENTLY INDEXED BY VALUES
        $nums = array
        ( 'Zero'
        , 'One'
        , 'Two'
        , 'Three'
        , 'Four'
        , 'Five'
        , 'Six'
        , 'Seven'
        , 'Eight'
        , 'Nine'
        , 'Ten'
        , 'Eleven'
        , 'Twelve'
        , 'Thirteen'
        , 'Fourteen'
        , 'Fifteen'
        , 'Sixteen'
        , 'Seventeen'
        , 'Eighteen'
        )
        ;

        // THE UPPER LIMIT FOR ANSWERS
        $max = count($nums) - 1;

        // A PLACE TO HOLD THE QUESTIONS
        $ops = array();

        // SOME RANDOM NUMBERS AND A RANDOM OPERATION
        while (count($ops) < 6)
        {
            // CHOOSE TWO RANDOM NUMBERS WITHIN THE RANGE
            $num1 = rand(0, $max);
            $num2 = rand(0, $max);

            // COLLECT SOME OPERATIONS THAT GENERATE USEFUL VALUES
            $ans = $num1 + $num2;
            if ($ans <= $max)  $ops[] = "What is $nums[$num1] Plus $nums[$num2]?|$ans";

            $ans = $num1 * $num2;
            if ($ans <= $max)  $ops[] = "What is $nums[$num1] Times $nums[$num2]?|$ans";

            $ans = $num1 - $num2;
            if ($ans >= 0)     $ops[] = "What is $nums[$num1] Minus $nums[$num2]?|$ans";

            $ans = $num2 - $num1;
            if ($ans >= 0)     $ops[] = "What is $nums[$num2] Minus $nums[$num1]?|$ans";

            if ($num2)
            {
                if ( ($num1 % $num2) == 0 )
                {
                    $ans = $num1 / $num2;
                    $ops[] = "What is $nums[$num1] Divided By $nums[$num2]?|$ans";
                }
            }
            if ($num1)
            {
                if ( ($num2 % $num1) == 0 )
                {
                    $ans = $num2 / $num1;
                    $ops[] = "What is $nums[$num2] Divided By $nums[$num1]?|$ans";
                }
            }
            // COLLECT MIN/MAX TESTS
            if ($num1 < $num2)
            {
                $ops[] = "What is MIN ($nums[$num1], $nums[$num2])?|$num1";
                $ops[] = "What is MAX ($nums[$num1], $nums[$num2])?|$num2";
            }
            if ($num1 > $num2)
            {
                $ops[] = "What is MAX ($nums[$num1], $nums[$num2])?|$num1";
                $ops[] = "What is MIN ($nums[$num1], $nums[$num2])?|$num2";
            }
        }

        // CHOOSE THE QUESTION AND ANSWER
        shuffle($ops);
        $qry = array_pop($ops);
        $arr = explode('|', $qry);

        // SAVE THE QUESTION AND BOTH ANSWERS
        $_SESSION['CAPTCHA_qry'] = $arr[0];
        $_SESSION['CAPTCHA_int'] = $arr[1];
        $_SESSION['CAPTCHA_ans'] = $nums[$arr[1]];

        // RETURN THE QUESTION STRING
        return $arr[0];
    }

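    // RELY ON THE SUPERGLOBAL VARIABLES ONLY
    public function testAnswer()
    {
        // FAIL IF NO QUESTION WAS STORED IN THE SESSION OR NO ANSWER WAS POSTED
        // (PLACEHOLDER DEFAULTS COULD BE MATCHED BY POSTING THE PLACEHOLDER ITSELF)
        if (!isset($_SESSION['CAPTCHA_ans'], $_SESSION['CAPTCHA_int'])) return FALSE;
        if (!isset($_POST['CAPTCHA_ans']) || !is_string($_POST['CAPTCHA_ans'])) return FALSE;

        // NORMALIZE AND COMPARE THE ANSWER AS STRINGS
        $ans = trim(strtoupper($_POST['CAPTCHA_ans']));
        $ses = trim(strtoupper($_SESSION['CAPTCHA_ans']));
        $int = (string) $_SESSION['CAPTCHA_int'];
        if ( ($ans !== $ses) && ($ans !== $int) ) return FALSE;
        return TRUE;
    }
}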
}


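// USE CASE
$x = new CAPTCHA;

// IF THE ANSWER HAS BEEN POSTED
if (!empty($_POST))
{
    // CALL THE METHOD TO TEST THE ANSWER
    if ($x->testAnswer())
    {
        echo "Yes!" . PHP_EOL;
    }
    else
    {
        echo "No." . PHP_EOL;
    }
}

// GET A NEW QUESTION AND PUT IT INTO THE FORM
$q = $x->getQuestion();
$form = <<<EOD
<form method="post">
$q
<input name="CAPTCHA_ans" />
<input type="submit" />
</form>
EOD;

echo $form;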
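
A stricter answer check for the action= script, as an added example that is not part of the original article: each stored question can be answered only once, and wrong answers are capped per session. The function name captchaVerifyOnce(), the CAPTCHA_fails key and the limit of 5 are assumptions; the other session keys are the ones the class above stores.

```php
<?php
// ADDED EXAMPLE, NOT PART OF THE ORIGINAL SCRIPT.
// captchaVerifyOnce(), CAPTCHA_MAX_FAILS AND THE CAPTCHA_fails KEY ARE HYPOTHETICAL NAMES.
// CAPTCHA_qry, CAPTCHA_int AND CAPTCHA_ans ARE THE KEYS getQuestion() WRITES.

const CAPTCHA_MAX_FAILS = 5;   // ASSUMED LIMIT, TUNE FOR YOUR SITE

function captchaVerifyOnce(array &$session, array $post): bool
{
    // TOO MANY WRONG ANSWERS IN THIS SESSION: STOP TESTING
    $fails = $session['CAPTCHA_fails'] ?? 0;
    if ($fails >= CAPTCHA_MAX_FAILS) return FALSE;

    // TAKE THE STORED ANSWERS OUT OF THE SESSION BEFORE COMPARING,
    // SO ONE QUESTION CAN BE ANSWERED ONLY ONCE, RIGHT OR WRONG
    $word = $session['CAPTCHA_ans'] ?? NULL;
    $int  = $session['CAPTCHA_int'] ?? NULL;
    unset($session['CAPTCHA_qry'], $session['CAPTCHA_ans'], $session['CAPTCHA_int']);

    // FAIL CLOSED WHEN NO QUESTION WAS ISSUED OR NO STRING WAS POSTED
    $given = $post['CAPTCHA_ans'] ?? NULL;
    $ok    = FALSE;
    if ($word !== NULL && $int !== NULL && is_string($given))
    {
        $given = strtoupper(trim($given));
        $ok    = ($given === strtoupper($word)) || ($given === (string) $int);
    }

    // COUNT THE FAILURE SO GUESSING CANNOT GO ON FOREVER
    if (!$ok) $session['CAPTCHA_fails'] = $fails + 1;
    return $ok;
}

// CONSTRUCTED DEMO DATA STANDING IN FOR $_SESSION AFTER getQuestion()
$session = array
( 'CAPTCHA_qry' => 'What is Two Plus Three?'
, 'CAPTCHA_int' => '5'
, 'CAPTCHA_ans' => 'Five'
)
;

var_dump(captchaVerifyOnce($session, array('CAPTCHA_ans' => ' five ')));  // FIRST USE OF THE QUESTION
var_dump(captchaVerifyOnce($session, array('CAPTCHA_ans' => 'five')));    // SAME ANSWER REPLAYED
var_dump(captchaVerifyOnce($session, array('CAPTCHA_ans' => '??')));      // NO QUESTION IN THE SESSION
```

In a live script the call is captchaVerifyOnce($_SESSION, $_POST) after session_start(). The failure counter lives in the session, so it only slows a client that keeps its cookie; a per-address or per-account limit needs server-side storage.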