With ReCaptcha V2, is it at all possible to force Text Validation when the simple "checkbox" validation fails?
One of our products uses ReCaptcha V2, however one of our clients in Vietnam is uneasy about this, since they seem to get a high percentage of clicks that require image validation, and they think their users won't understand how to do the validation...
Related
I'm using Greg Gilbert's reCAPTCHA validator for Laravel 4 (https://github.com/greggilbert/recaptcha).
I know that reCAPTCHA only needs one word on two to validate forms but my problem is different. I actually have a single word displayed on my reCAPTCHA, the second one is missing. And unfortunately, the displayed word is the "pictured-word", you know, the word for which you can write whatever you like and it will be accepted.
So if it shows number 109, I can write "108" and my form will be accepted.
How to fix that please ?
After some tests, I've found that if I use Firefox's "Private navigation" window, my reCAPTCHA is displaying 2 words instead of 1 as I described here.
It means that if you are connected to your Google account on your web browser, reCAPTCHA "trusts" you a little bit more than a not-connected user and shows you only one word/number.
In my site its very difficult in some cases that the given text images in Recaptcha are not clear. This lead to reduce the intreset of login into our site. I needs some help on getting only numeric values in recaptcha.
No, this is not possible. Recaptcha has been designed to avoid any OCR's and automated bot attacks.
I have got some troubles with spam registrations, as i try to avoid captchas i want to implement a question.
So how to add a custom field into the registration that has to be entered a certain text?
For example i want to ask: What color has a banana?
The question has not to change it could be the same all day long as i dont expect the bots to adapt.
I'm looking for a simple anti spam form submission solution, other than Captcha. I've tried implementing Captcha into my website for anti-spam purposes, but it's been too difficult to integrate into the site. I don't get many spam attacks but I'd like to have something in place for the random spam that I get. Does anyone know of something they think would work?
you can add an additional textfield to your form and hide it with css. human users don't see the field, so it should always be empty. spambots usually fill out all form fields and don't know that this one is hidden. if you receive any content in this field, reject the form submission.
Put up something like "What is 3 plus 6?" and give the user a form to type the answer. Any human will get that, including blind ones who can't see a captcha, but no bot will. You don't even need to vary the numbers, really.
I am developing an issue tracking application in Django, mostly for a learning exercise but also for my own projects - and I am looking into using some AJAX for "enhanced" usability. For example, allowing users to "star" particular issues, which would add them to their watch list. This is implemented in a lot of sites, and is often AJAX - as the URL that the user is viewing doesn't need to change when they click the star.
Now, I am wondering what kind of response to return from my star_unstar view - that detects whether the request is being made via AJAX or not.
At present, if the request is an AJAX request, it returns just the section of HTML that is needed for the star, so I can replace the HTML in the star's parent DIV, so as the star appears "on" or "off", depending on the user's action.
However, I would much rather return some kind of JSON object, as it just seems more "proper", I think. The problem with this method is that the javascript would have to modify the star image's src attribute, the href on it, and the link title also, which seems a lot of work for such a simple feature. I am also looking into in-line commenting in the future, but I want to get a feel for how things "should" be done before I start coding lots of JS.
What is the general consensus when implementing features such as this, not just with Django, but all frameworks that operate in a similar way?
When I work with Ajax my main concern is usually to limit the amount of data I have to send. Ajax applications of this type should be very responsive (invisible if possible).
In the case of toggling a star, I would create the actual on/off states as CSS classes, StarOn and StarOff. The client will download both the off and on star when they first visit the page, which is acceptable considering that the star is a small image. When you want to change the star appearance in the future, you'll only be editing CSS, and won't have to touch the javascript at all.
As for the Ajax, I'd send back and forth one thing -- a JSON variable true/false that says whether or not the request was successful. As soon as the user clicks on the star, I'd change it to the StarOn state and send out the request. 99% of the time Ajax will return true and the user will not even realize that there was some sort of delay in the web request. In the rare case where you get a false back, you'll have to revert the star to StarOff and display an error message to the user.
I don't think your question relates particularly to Django or Python, as you point out at the end.
There's a lot of personal preference in whether you return a blob of HTML to write into the DOM or some serialized data as JSON. There are some practical factors you might want to take into account though.
Advantages of HTML:
- Easy and fast to write straight into the page.
Advantages of JSON:
- Not coupled to the front-end of your application. If you need that functionality anywhere else in the application, it is there ready to go.
My call on it. It's only a relatively trivial amount of HTML to update, and I'd probably go for returning JSON in this case and giving myself the extra flexibility that might be useful down the road.