How can one avoid the submission of forms to db or emails by these bots. I've heard of reCaptcha but is there some other professional way of doing it? like the one you see while signing up to yahoo where you see just the image?

cmon:

How can one avoid the submission of forms to db or emails by these bots. I've heard of reCaptcha but is there some other professional way of doing it? like the one you see while signing up to yahoo where you see just the image?

It's a nasty scenario, I feel you. After fighting a war with them, the best solution is the combination of the following:

1) Front End validation (Using Javascript - if the bot doesn't fill all the fields)
2) Back End validation (Php/Server end validation - If javascript is not enabled)
3) Captcha (If the bot fills all the fields)

The captcha is your last line of defense. I use a free one that's like yahoo and is free (See Example)

hope this helps.

But how are these systems really created? I mean, how do they develop the images randomly. I've seen these on many other sites. Well, I guess we'll have to settle with the one we see. Thanks webMonk.

cmon:

But how are these systems really created? I mean, how do they develop the images randomly. I've seen these on many other sites. Well, I guess we'll have to settle with the one we see. Thanks webMonk.

Well, you could reinvent the wheel, but if it ain't broke,

To the last question, IMHO, the basics in a nutshell is for the script to compare if what is written in the textfield tallies with what text for the image displayed is correct. Of course the image displayed is selected randomly using php.

beyond that, if you're really up for it, you could add a https connection string between the script and the server so the connection to the images is secure and the algorithm isn't reverse engineered.

Personally, i think you're best off with what you have.

There are many FREE captcha scripts you want to install your website, GOOGLE.COM or any script directory (PHP, JAVASCRIPT, ASP, .NET) sites is your best friend!

If your website is a forum template installation, then GO GET captcha A[b]DD-ON MODULE[/b] from your forum site such as SMF, PHPBB, etc.

get to learn some php, it is easily done with php, i have beening them very easily, i will post some codes on this matter some days from now, let say 2days from now, since i got alot of work at hand,

i will post some codes on this matter some days from now, let say 2days from now, since i got alot of work at hand,

I've done alot of programming but for this, I dont' even know where to start from. I'll be expecting the codes soon. Thanks man.

There are many FREE captcha scripts you want to install your website

I still get that reCaptcha site. I just don't like the colours used for that app. Any other links available?

To the last question, IMHO, the basics in a nutshell is for the script to compare if what is written in the textfield tallies with what text for the image displayed is correct. Of course the image displayed is selected randomly using php.

beyond that, if you're really up for it, you could add a https connection string between the script and the server so the connection to the images is secure and the algorithm isn't reverse engineered.

all these ones na long tin!

cmon:

all these ones na long tin!

LOL - But that's how reCaptcha works na. Besides, aren't you the one i think wants to reinvent the wheel? And Security is always a "long tin" at the end of the day

Stumbled on this, thought it might be useful for customization: http://www.codewalkers.com/c/a/Miscellaneous/Creating-a-CAPTCHA-with-PHP/

Hmm, captcha, captcha, captcha
WAs once in ur shoes to and had to find a way to deal with this bot thing. However, I had to write the captcha script myself (just out of fun actually and to c if I can). Attached is the captcha script that generates the random image (rename the captcha.png to captcha.php as NL no allow me upload php files). The generated text is stored in d session $_SESSION["captchaTxt"] so u can validate dat wt wat d user or bot typed.
All u need do is just put d script location in ur source: <img src="captch.php" alt="" />
But then that was then. This days I hadly do captchas. Of late Iv been trying to design from a user perspective dan dat of a developer. D developers perspectve is 'put d captcha to prevent bot' but to (most) users, captcha sucks! Personally I dont like seeing dem wen Im filling a form. So wats d work around?
What I simply do now is create a blank field in d form, tell d user to leave it blank and hide it with CSS. i.e

<div style="display:none"><label>Leave field blank</label> <input type="text" name="blank" /></div>

The 'leave field blank' is just in case (probably d user turned of CSS) he sees the field. So he will know he shouldnt fill it. But normally he wont even be aware of anything and just pass through the other fields. U can then check if d field is filled or not @ processing. If it is - it is a bot - or probably a disobedient user.
Hope that helps.

Hey kehers,
That's impressive. You did very well with your PHP. I guess i'll try your code out in my next project. Not to worry, you'll still be referenced as the author. Thanks.

@webMonk
That's a good one. Thanks for the link.

It's all urs pal , enjoy

for php, you gd library will be doing most of the work, read ur php documentation