我对reCAPTCHA的实施有缺陷吗?

时间:2013-03-28 19:28:06

标签: php html recaptcha

我有这个网站www.canuckssuck.org,从本周开始,我一直在收到垃圾邮件和评论。我离开了那里,为了你的观赏乐趣。它们始终只出现在第一页上。我对reCAPTCHA的实施有缺陷还是被合法地击败了。让我有些松懈,这并不是一个完美编码的网站。整个网站只有一页。

这是我的帖子代码:

# are we submitting the page?
if (isset($_POST['submit'])) {
  $resp = recaptcha_check_answer ($privatekey,
                                  $_SERVER["REMOTE_ADDR"],
                                  $_POST["recaptcha_challenge_field"],
                                  $_POST["recaptcha_response_field"]);

  if ($resp->is_valid) {

                //validate data kind of!
                if($_POST['title'] == "")
                {
                    $_POST['title'] = "The Canucks Suck";
                }

                if($_POST['comment'] == "")
                {
                    $_POST['comment'] = "New Jersey is the best, we all know it!";
                }

                if($_POST['name'] == "")
                {
                    $_POST['name'] = "Anonymous";
                }
                if($_POST['location'] == "")
                {
                    $_POST['location'] = "Too embarrassed to disclose it.";
                }
                $ip = getUserIpAddr();

                $_POST['location'] = $_POST['location'] +"--"+ $ip;
                //convert line breaks to <br /> from /n etc
                $br_comment = nl2br($_POST['comment']);

                //add info to database
                $obj->insert_values("INSERT INTO posts (post_id, title, comment, name, time, location) VALUES (NULL, '$_POST[title]', '$br_comment', '$_POST[name]', NULL, '$_POST[location]')");

                header( 'Location: index.php?success=1' ) ;

                //for debugging
                echo "<h2 style=\"color:#00FF00; background:black; padding:2px;\">SUCCESSFULLY ADDED, THANKS!</h2>";

                } else {
                    echo "<span style=\"color:red;\">Sorry cannot add comment because you've failed to provide correct captcha! Try again...</span><br />";
                }
            }
            echo recaptcha_get_html($publickey, $error);
?>

1 个答案:

答案 0 :(得分:1)

reCaptcha可能受到Death By Captcha等服务的影响,这些服务基本上是印度的一个地方,有很多“验证码求解器”。一些垃圾邮件机器人可能会使用它。

只是让你知道。