Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Guestbook Validation

  1. Home
  2. Forum
  3. Webmasters Lounge
  4. Guestbook Validation

ghost's Avatar

ghost

0 0

Alright, I had made a guestbook, made it safe with filters and such, but I want to make it so you have to validate your post so no one can spam it with cURL. Soooo, my basic idea is, Generate a random number that a person has to enter, then if it isn't the correct number, then it never gets posted. I'm aware of how to generate random numbers, but not exactly sure how to get it to go through the next page. If anyone has any ideas or wants to help or something, just post your ideas. Thanks in advance.


ghost's Avatar

ghost

0 0

instead of just a random number maybe a random image with a number..

like captcha or somethingB)

idk just a suggestion


ghost's Avatar

ghost

0 0

sleazoid wrote: instead of just a random number maybe a random image with a number..

like captcha or somethingB)

idk just a suggestion yeah thats the best way and easiest way to do just make sure yu have many different codes


ghost's Avatar

ghost

0 0

Alright, it would be better with the images, BUT, I'm not quite sure how to transfer whatever the number is to the other site that registers it. Hmm, I think the way I'm thinking of it is a bit complicated, hmm. Like, let me give you an example. A random number is generated taht shows an image with this in it: x5yy22, so after that, you enter it in and go to the next site, but how would you check what that number is? I was thinking of putting in that number letter combination into a hidden input field. But not sure how I would do that, :-\. Not sure if I'm still wording this right.


ghost's Avatar

ghost

0 0

yeah i dont really know im sorry dude:angry:

i just maybe wanted to help you make it a little more secure with the images:p

not to be a douche but maybe lookup captcha in google and it might have some codes for it that could help you:D


ghost's Avatar

ghost

0 0

If you did it with numbers and not letters, you could make it like this:

$_SESSION['num'] = rand();
$num = $_SESSION['num'];
echo '<img src="img.php?num='.$num.'">;

and then have img.php do something with $_GET['num'], like 2-43*3 and that's the number it puts on the image.

The page that does the actual posting can then check to see if:

if($_SESSION['num']*2-4*3*3 == $_POST['validation_num'])
{
do_guestbok_post();
}

Hope that makes sense


ghost's Avatar

ghost

0 0

No, you're not being a douche sleazoid (XD), I think I got it figured out though. So it should be good, thanks for the suggestion of using the images.

EDIT: Thanks mastergamer, it does make sense, so I think I'm gonna do something like that. Thanks again everyone.


ghost's Avatar

ghost

0 0

heh:D np dude


ghost's Avatar

ghost

0 0

mastergamer wrote: If you did it with numbers and not letters, you could make it like this:

$_SESSION['num'] = rand();
$num = $_SESSION['num'];
echo '<img src="img.php?num='.$num.'">;

and then have img.php do something with $_GET['num'], like 2-43*3 and that's the number it puts on the image.

The page that does the actual posting can then check to see if:

if($_SESSION['num']*2-4*3*3 == $_POST['validation_num'])
{
do_guestbok_post();
}

Hope that makes sense

The major flaw in here is that any bot could find the GET query. Perhaps something like use of the GD library?