Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:11388 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 98090 invoked by uid 1010); 20 Jul 2004 19:17:05 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 98066 invoked from network); 20 Jul 2004 19:17:05 -0000 Received: from unknown (HELO mproxy.gmail.com) (216.239.56.249) by pb1.pair.com with SMTP; 20 Jul 2004 19:17:05 -0000 Received: by mproxy.gmail.com with SMTP id w29so5976192cwb for ; Tue, 20 Jul 2004 12:17:04 -0700 (PDT) Received: by 10.11.116.34 with SMTP id o34mr174643cwc; Tue, 20 Jul 2004 12:17:04 -0700 (PDT) Message-ID: <4e89b426040720121725e6933e@mail.gmail.com> Date: Tue, 20 Jul 2004 20:17:04 +0100 To: Daniel Convissor Cc: PHP Internals List In-Reply-To: <20040720183244.GA24359@panix.com> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <6.1.2.0.0.20040720175549.04278000@127.0.0.1> <1743636665.20040720125308@ionzoft.com> <20040720172122.GA10712@panix.com> <20040720183244.GA24359@panix.com> Subject: Re: [PHP-DEV] Spammer on Bugs page From: kingwez@gmail.com (Wez Furlong) I know this is just a quick measure, but isn't the whole idea to not emit the code in plain text on the form? It's really very easy to scrape it out. --Wez. On Tue, 20 Jul 2004 14:32:44 -0400, Daniel Convissor wrote: > It's pretty crude. All it does is set a session var with a segment of the > microtime then asks the user to confirm that number. So, if a bot tries > to submit directly via POST, the value won't be set, so they get rejected.