Re: human validation on post comments - Mailing list pgsql-www
From | Travis Hein |
---|---|
Subject | Re: human validation on post comments |
Date | |
Msg-id | 200603282010.18571.travis.hein@travnet.org Whole thread Raw |
In response to | Re: human validation on post comments ("Dave Page" <dpage@vale-housing.co.uk>) |
List | pgsql-www |
Hi all, sorry been a bit since this one, I have been out pondering this. ok, so far, from the way the captcha works, it uses a text file as a dictionary of words. and randomly picks a word from this file. then it uses the Pear PHP modules to dynamically generate a random placement and orientation of the word into an image, with two random sets of coincentric circles. I am thinking that it would deter the bots or anyone from using a match image lookup, character recognition, or saving previous images. (and if someone is that creative to get through, they still have to deal with the moderators :) ) There is a simple database tabe table that stores the word, when the image is first generated, and links it to your session. You have 3 tries to enter the right word, then the image becomes not useable any more. Once you do enter the correct word, this image / session binding is updated as being used, and cannot be used again. there is also a time out period where by the image expires, in the session captcha, assuming you keep your session active long enough. This was all Gavik's work, seems pretty complete on these parts. On March 21, 2006 03:43 am, Dave Page wrote: > I should point out, the whole captcha thing isnt WAI compliant: > http://www.w3.org/WAI/ > > so better not follow that path if we dont want to shy away > diabled people... > I think we would be covered if we offered an audio equivalent as well > though wouldn't we? Perhaps there is some text-to-speech code that we > can use from within PHP? > But apart from its ineffectiveness on spammers, as others have > mentioned, capcha excludes blind people. :( So, what I am thinking, is for us to be WAI compliant, we need an option to "click here to receive an audible version of this word in the image that you must type in" I have not been able to find a good, universal, works in all places text to speech converter, so how about, if we (someone with a good voice) pre-records each and every word in the capatcha word dictionary, (eventually we could also do it for all languages we support too, but i was thinking if the word was "shovel" that the voice version of the word could be "s" "h" "o" "v" "e" "l" . you know, spell out the letters, so that it is more language independent. (currently, the dictionary for captacha words is english only now too.) I would consider using a small database table, for the dictionary, to manage all the words for the dictionary, as opposed to cluttering up a folder in the docroot with the audio files? The table would have a column for the word, as text, and a column for the word, as a .wav (or the standard acceptable audio format) recorded, spelled out by the letters version of this word. then on the captacha image screen, the link "click here to get the audio version of the word shown in the image button" would be the facility to retreive the word as a downloadable / playable attachment for the user, to play, and type the letters back in. From there, the existing session captcha features would be used. I recognise that the challenge is to get someone to vocalize the dictionary of captcha words. I have not done this yet, but wanted to get the general feedback to if this was a good idea. > -- Tue Mar 28 19:48:12 EST 2006 19:48:12 up 21 min, 1 user, load average: 12.87, 9.76, 5.24