[PATCH] Add a simple CAPTCHA to the sign up form
Eli Schwartz
eschwartz at archlinux.org
Tue Sep 17 14:51:16 UTC 2019
On 9/6/19 3:28 PM, Lukas Fleischer wrote:
> Add a CAPTCHA to protect against automated account creation. The CAPTCHA
> changes whenever three new accounts are registered.
>
> Signed-off-by: Lukas Fleischer <lfleischer at archlinux.org>
> ---
> This is a first attempt to stop the recent wave of spammers. Other
> counter-measures will be implemented if it is not effective.
So far seems like it may be helping.
> web/html/register.php | 14 +++++-
> web/lib/acctfuncs.inc.php | 74 +++++++++++++++++++++++++++++-
> web/template/account_edit_form.php | 11 +++++
> 3 files changed, 95 insertions(+), 4 deletions(-)
> + * Return the CAPTCHA challenge for a given salt.
> + *
> + * @param string $salt The salt to be used for the CAPTCHA computation.
> + *
> + * @return string The challenge as a string.
> + */
> +function get_captcha_challenge($salt) {
> + $token = substr(md5($salt), 0, 3);
> + return "pacman -V|sed -r 's#[0-9]+#" . $token . "#g'|md5sum|cut -c1-6";
> +}
But I think we need to mention LC_ALL=C here. See e.g.
https://bugs.archlinux.org/task/63808
--
Eli Schwartz
Bug Wrangler and Trusted User
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1601 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-dev/attachments/20190917/71456610/attachment.sig>
More information about the aur-dev
mailing list