Negative Latency

... when you try to be pr0, but fail to succeed

    Followers

    About Me

    Professionally: Web Developer (Java EE, JavaScript, HTML, CSS...)

    Personally: IT Student @ University of Science and Technology (AGH), Cracow, 5th year

Adding reCAPTCHA

Posted by googie On Tuesday, May 18, 2010 0 komentarze Categories: , , , , ,

Lately I've been receiving comments from bots on my personal blog. Because this blog is written by me from scratch (PHP & Smarty), I thought about adding some anti-bot protection, like CAPTCHA, to comment submit form.

CAPTCHA, according to wikipedia, stands for Completely Automated Public Turing test to tell Computers and Humans Apart. I'm sure every single one of you've seen something similar on many web pages.

But reCAPTCHA, currently owned by Google (surprised?), is something more than just another CAPTCHA. It uses this protection to build the biggest electronic library in the world internet. How? The idea is ingenious, yet simple - the user receives two words to copy: one of these words is known to the machine (computer, server...), the other one is a misshapen word, which was impossible for OCR software to recognize. ReCAPTCHA assumes, that if a user fills in the known word correctly, the other one is correct as well. The not-known word is sent to more than one (say, ten) users and if sufficiently often people recognize the word as the same one, it is believed that it's the correct option.

ReCAPTCHA provides really neat tutorial for PHP, well, quickstart guide, to be more precise. Instructions are really simple. Long story short, you just have to:

  • Download reCAPCTHA library, unzip and include it in a proper PHP script file
    require_once('path/to/the/lib/recaptchalib.php');
  • Sign up for an API key - you'll recieve two keys: private and public. It's a good practise to store them in some constants, like:
    $RECAPTCHA_PUBLIC_KEY = 'YOUR_RECAPTCHA_PUBLIC_KEY';
    $RECAPTCHA_PRIVATE_KEY = 'YOUR_RECAPTCHA_PRIVATE_KEY';
  • To recieve HTML with reCAPTCHA form, simply call 
    echo recaptcha_get_html($RECAPTCHA_PUBLIC_KEY);
    I've got to change some CSS to match my blog layout (change margins of proper CSS classes), but it was really easy and quick - as always, firebug and it's Inspect was extremely helpful ;-).
  • Last thing to do is check validity of CAPTCHA, which is simply done by
    $resp = recaptcha_check_answer(
        $RECAPTCHA_PRIVATE_KEY,
        $_SERVER['REMOTE_ADDR'],
        $_POST['recaptcha_challenge_field'],
        $_POST['recaptcha_response_field']
    );
    if(!$resp->is_valid) {
        $errors[] = 'Bad captcha, try again.';
        $valid = false;
    }
As you can see - simple as hell. And it's kinda win-win situation - both you have a protection from bots and you help building the biggest internet library.

It just proves the fact that in the nearest future Google will eat everything, including our souls... The doom is coming!

0 Response for the "Adding reCAPTCHA"

Post a Comment

Subscribe to: Post Comments (Atom)
© All Rights Reserved. Negative Latency
Designed by Web2Feel | Converted into Blogger Templates by Theme Craft