Warning: Undefined array key "ssba_bar_buttons" in /home/techdribble/public_html/wp-content/plugins/simple-share-buttons-adder/php/class-buttons.php on line 598
Warning: Undefined array key "ssba_bar_buttons" in /home/techdribble/public_html/wp-content/plugins/simple-share-buttons-adder/php/class-buttons.php on line 598
Warning: Undefined array key "ssba_bar_buttons" in /home/techdribble/public_html/wp-content/plugins/simple-share-buttons-adder/php/class-buttons.php on line 598
Warning: Undefined array key "ssba_bar_buttons" in /home/techdribble/public_html/wp-content/plugins/simple-share-buttons-adder/php/class-buttons.php on line 598
Warning: Undefined array key "ssba_bar_buttons" in /home/techdribble/public_html/wp-content/plugins/simple-share-buttons-adder/php/class-buttons.php on line 598
Hands up who thinks “captcha”, an image based challenge-response test to ensure a response is not generated by a computer, is a big pain in the butt and you’re sick and tired of seeing it in every web form. Not only is it obstructive but most of the images are very difficult to decipher.
Well, an alternative to “captcha” is a well place hidden variable within a web form containing a random number. It doesn’t require user intervention so it’s seamless which would mean that your customers are less annoyed. It acts like a simple redundancy check which effectively identifies if the web form was submitted from the server, and not remotely invoked through a “page scrape” copy. If the web form was submitted from a remote copy, which is how most “robot” processes operate, then the form is not processed.
The example form below is a simple “contact us” page and it implements the hidden variable redundancy check. Make sure that you insert your own code in the following comment block:
'************************************************************************************** '* Insert code here to post the message '* Eg. Insert message in a database or send message to your email address '**************************************************************************************
Save the following code as contact.asp:
<%
'**************************************************************************************
'* Store the FORM PASSWORD session value in MESSAGE_PASSWORD variable
'**************************************************************************************
MESSAGE_PASSWORD = Session("FORM_PASSWORD")
v_error = ""
if Request("posted") = 1 then
name = Request("name")
email = Request("email")
message = Request("message")
' Validate web form values
if name = "" then
v_error = v_error & "Please enter your name<br />"
end if
if validateEmail(email) = false then
v_error = v_error & "Please enter a valid email address<br />"
end if
if message = "" then
v_error = v_error & "Please enter your message<br />"
end if
if v_error = "" then
if CInt(Request(MESSAGE_PASSWORD)) = CInt(MESSAGE_PASSWORD) then
'**************************************************************************************
'* Insert code here to post the message
'* Eg. Insert message in a database or send message to your email address
'**************************************************************************************
Response.write "Your message was sent to us successfully. We will respond to you within 24 hours of receiving this message."
message = ""
end if
end if
else
'**************************************************************************************
'* Generate new FORM PASSWORD value and store it in session variable
'**************************************************************************************
Session("FORM_PASSWORD") = randomNumber
MESSAGE_PASSWORD = Session("FORM_PASSWORD")
end if
%>
<h1>Contact Us</h1>
<p>Please enter your query in the message text area below</p>
<%
if v_error <> "" then
Response.write v_error
end if
%>
<form action="contact.asp" method="post">
<table border="0" cellpadding="0" cellspacing="2">
<tr>
<td class="tdhead">name</td>
<td class="spacer" />
<td><input name="name" id="namefield" class="textbox" type="text" size="38" maxlength="50" value="<%= name %>" /></td>
</tr>
<tr>
<td class="tdhead">email</td>
<td class="spacer" />
<td><input name="email" class="textbox" type="text" size="38" maxlength="50" value="<%= email %>" /></td>
</tr>
<tr>
<td class="tdhead">message</td>
<td class="spacer" />
<td><textarea name="message" rows="5" cols="40" class="textbox"></textarea></td>
</tr>
<tr>
<td colspan="2" />
<td>
<input type="hidden" name="posted" value="1" />
<input type="hidden" name="<%= MESSAGE_PASSWORD %>" value="<%= MESSAGE_PASSWORD %>" />
<input type="submit" value="Send Email" class="textbox2" />
</td>
</tr>
</table>
</form>
<script type="text/javascript">
if (document.forms.length > 0)
if (document.forms[0].elements.length > 0)
document.forms[0].elements[0].focus();
//-->
</script>
<%
'**************************************************************************************
'* Common functions
'**************************************************************************************
'**************************************************************************************
'* validateEmail
'* -------------------------------
'* Returns true if email is well formed, false otherwise
'**************************************************************************************
Function validateEmail(sCheckEmail)
Dim sEmail, nAtLoc
validateEmail = True
sEmail = Trim(sCheckEmail)
nAtLoc = InStr(1, sEmail, "@") 'Location of "@"
If Not (nAtLoc > 1 And (InStrRev(sEmail, ".") > nAtLoc + 1)) Then
'"@" must exist, and last "." in string must follow the "@"
validateEmail = False
ElseIf InStr(nAtLoc + 1, sEmail, "@") > nAtLoc Then
'String can't have more than one "@"
validateEmail = False
ElseIf Mid(sEmail, nAtLoc + 1, 1) = "." Then
'String can't have "." immediately following "@"
validateEmail = False
ElseIf InStr(1, Right(sEmail, 2), ".") > 0 Then
'String must have at least a two-character top-level domain.
validateEmail = False
End If
End Function
'**************************************************************************************
'* randomNumber
'* -------------------------------
'* Generate random number
'**************************************************************************************
Function randomNumber
Randomize timer
Dim rndNum
' Randomizing the timer function
rndNum = abs(int((rnd() * 3001)))
' To generate a prime based, non-negative random number..
rndNum = rndNum + 53
randomNumber = rndNum
End Function
%>
Some comments about the code:
When the form is first requested it generates a random number which acts like a form password.
'**************************************************************************************
'* Generate new FORM PASSWORD value and store it in session variable
'**************************************************************************************
Session("FORM_PASSWORD") = randomNumber
MESSAGE_PASSWORD = Session("FORM_PASSWORD")
This password is stored in a session variable as well as in the form as a hidden item with the same name and value, being the password itself.
'**************************************************************************************
'* Store the FORM PASSWORD session value in MESSAGE_PASSWORD variable
'**************************************************************************************
MESSAGE_PASSWORD = Session("FORM_PASSWORD")
<input type="hidden" name="<%= MESSAGE_PASSWORD %>" value="<%= MESSAGE_PASSWORD %>" />
When the form is submitted the session value and form value is compared, and if they match then the form is processed.
if CInt(Request(MESSAGE_PASSWORD)) = CInt(MESSAGE_PASSWORD) then '************************************************************************************** '* Insert code here to post the message '* Eg. Insert message in a database or send message to your email address '************************************************************************************** Response.write "Your message was sent to us successfully. We will respond to you within 24 hours of receiving this message." message = "" end if
That’s it! Happy coding!
