recaptcha still submits form when one word invalid - recaptcha

Um so I was in for a little bit of a surprise tonight. I spent a good 20 mins trying to figure out why I was able to submit a form knowing that what I entered into the recaptcha field was invalid. Is it true that you don't need to input the exact words it displays? If it shows me two words and I misspelled one of the words, I still pass validation? Same goes if "hello world" and I input "hell man" it still works.

With recaptcha, you are only tested on one of the words, while the other is used to help computers in scanning printed material. So you only need to get one right to pass (which one you need is random). :D

the recaptcha site describes why this is. You need to get one of the two words correct; only recaptcha knows which one.
But if a computer can't read such a
CAPTCHA, how does the system know the
correct answer to the puzzle? Here's
how: Each new word that cannot be read
correctly by OCR is given to a user in
conjunction with another word for
which the answer is already known. The
user is then asked to read both words.
If they solve the one for which the
answer is known, the system assumes
their answer is correct for the new
one. The system then gives the new
image to a number of other people to
determine, with higher confidence,
whether the original answer was
correct.

Related

IF statement and For

I'm a very, very n00b developper learning Python at university (I started a few weeks ago really) and I'm on my first assignment. Everything's going well, except one thing and i just can't figure it out. Or rather, I know what the problem is, but I can't find the solution. In short, I need to ask the user to input a number, and if number is 0, then the programs shows a message and stops there. Otherwise, it goes on with asking more info and uses For loops. My question is: How do I insert lines that are not part of the IF (user has entered 0) but also not part of any For loops (i don't want these lines repeated). I'm not sure if that makes any sense.
python code
basically i want the last print to be shown if the user has entered more than 0 in the beginning, but not be shown if the user has entered 0. I'm not showing the actual code, since it's a uni assignment, but the screenshot shows exactly the issue I'm having with the real code :) Thanks for your help!! (also, sorry that it's actually a link, because i don't have enough points yet to embed the image).
This one is pretty easy. Im not that great at python yet but i just tested it and it works as intended.
def isZero(val):
if val==0:
print('bye')
quit()
title = int(input('enter a number'))
ZeroCheck = isZero(title)
while title>0:
title = int(input('enter a number'))
isZero(title)

persistent output in prolog

For a school project I am attempting to write what is described as an "interactive diagnosis environment" using prolog. The user will enter a symptom, and a list of diseases that match the symptom will be printed to the screen. The user will then list another symptom, and diseases will be removed from the previous list if they do not match the second symptom, forming a new list. The new list is then printed.
example user input:
SYMPTOM_IN(fever, 150).
SYMPTOM_IN(vomiting, 1).
A list of possible diseases is printed after each input.
This process is repeated until a diagnosis is made or until it is somehow determined that it can't, at which point tests will be suggested and the user can input data regarding the tests in a similar manner, ultimately arriving at a diagnosis.
So far, all I have is a list of facts that will compile and that I can then interact with, but I really don't understand how I am supposed to carry over the list of diseases from one input to the next. I also don't understand how to move from taking symptom input to suggesting tests, although maybe that will be evident once I understand how to do the symptom input portion.
I would really appreciate any help.
Thanks.
EDIT:
Could I take the two values from the SYMPTOM_IN call, use them to do something like symptom(X, fever, 150)., and assert the output from that to store it (like in the answer to this question)? Then maybe I can do the same thing for the next call and take the union of the two lists?
You want to create an expert system. There is a lot of info about it on the net. For example:
https://www.csupomona.edu/~jrfisher/www/prolog_tutorial/2_17.html
http://www.amzi.com/ExpertSystemsInProlog/02usingprolog.php
There is also a lot of good info on Stack Overflow.
In short: you need to know how to use assert and retract in proper way.

How does spell checker and spell fixer of Google (or any search engine) work?

When searching for something in Google, if you misspell a word (may be by mistake or may be when you really mean this non-dictionary word), Google says:
"Showing results for ..... Search instead for .......".
I am trying to figure out how this would work.
This basically means being able to find the closest dictionary word to the non-dictionary word entered. How does it work? One way I can guess is :
count no. of instances of each character and then scan dictionary to find a word with same no. of instances of each character (only with +-1 difference). But this will also return anagrams.
Is some kind of probabilistic model of any use here such as Markov etc. I don't understand Markov well enough to throw it around but just a very wild guess.
Any insights?
You're forgetting that google has a lot more information available to it then you do. They track when people type in a word, don't select a result, and then do another search shortly afterwards. They then use this information to suggest better searches for you.
See How does the Google "Did you mean?" Algorithm work? for a fuller explanation.
Note that this approach makes sense when you consider that Google aren't actually doing spell-checking. Instead, they are trying to work out what search term will give you the answer you are looking for. Obviously there is a lot of overlap between this and spell-checking, but it means they are not always trying to correct a search for, e.g., "Flickr".
When you search something which is related to other searches performed earlied closed to yours and got more results, google shows suggest on them.
We are sure that it is not spell checking but it shows what other people queried the related keywords.

Script for the USPS

I am trying to write a script that does a zip code look up at the USPS.
URL="http://zip4.usps.com/zip4/citytown_zip.jsp". The data gets submitted by POST is:
zip5=YOURZIPCODE&submit.x=3&submit.y=22&submit=Find+ZIP+Code
The part I am having a hard time finding is how these numbers get generated:
submit.x=3
submit.y=22
The above two always "submit" values for X and Y always change. I can figure out
those number get put into the string.
Any thoughts would be greatly appreciated.
Those are the coordinates for a image-button click. Their values just give the mouse position on the button when it was clicked. In this case, they are going to be meaningless, just make them both 1 or something.
"Users may view and download material from this site only for the following purposes: (a) for personal, non-commercial home use"
http://www.usps.com/homearea/docs/termsofuse.htm?from=global_footer&page=termsofuse
From the link above.
As the first answer says, that is just the USPS trying to keep anyone from building an automated script to access data through that form. They expect slightly different numbers for each request from a given IP address.
"when you can prevent someone from doing something, you can get paid to allow them to get things done"
Just put in random numbers between 1 and the max size of the image button and it will work.
And I would not bother trying to do it "legally", their legal terms make no sense:
http://techref.massmind.org/techref/ecommerce/shipAPIlegal.htm also see the "Shipping" link in the heading for that page.

Is it acceptable to normalize text box content when it loses focus?

I have received requirements that ask to normalize text box content when the user changes the focus to another control on the same data input form. Example normalizations:
whitespace at the start and end of the input is trimmed
If the text box was made empty and this is not valid, replace the content of the text box with the default value
I have a feeling that this is not in line with good GUI design. I have read the Windows UX Guidelines for text boxes but I did not immediately find any relevant rules.
Is normalizing text box content in this way acceptable?
I have definitely seen this before (examples elude me right now) but I personally don't like it when the UI changes my input.
If the UI is smart enough to change my input on me then it should accept it as is and change the value when it needs to process it.
When the input changes auto-magically you are now forcing the user to stop and ask themselves why it changed and if they did something wrong or if the application has an error. Don't make the user think!
Generally, you should accept user input exactly has they entered it. Chances are users did it that way for a good reason. For example, imagine a user entering a foreign address, and then your app screws it up trying to format like a domestic address. At the very least, users entered the input the way they’re used to it being, so changing it can make it hard for them to cross-check it.
However, there are several exceptions:
Add defaults to incomplete input. Adding input the user left off (e.g., years to dates, units to dimensions) provides good feedback on how the app is interpreting the input that would otherwise be ambiguous. This also encourages the user to use defaults, making their input more efficient.
Resolve other ambiguities. Change to an unambiguous format if the user’s format is open to interpretation. For example, if you have international users, you may want to change “9-8-09” to “Sep 8 2009” (or “9 Aug 2009”) to provide feedback on what your app considers the month and day to be.
Add delimiters when none provided. Automagically adding standard or even arbitrary delimiters to long alphanumeric strings (e.g., phone numbers, credit card numbers, serial numbers) provides an input display that the users can crosscheck more easily. Sometimes users may enter a string without delimiters in order to go faster or because they are the victim of web abuse by sites that refuse to accept even standard delimiters.
Spelling, grammar, and capitalization correction. Users often appreciate this, but only if there’s also a means to override it. Some users like to use "i" as the first person pronoun.
If the field is used by more than one user, then you probably should automatically format the value in some standard way that accommodates the majority of your users, but that should be done when the value is stored on the backend, not when focus leaves the field. For example, if a user enters a time of 15:30 it should remain as 15:30 as long as the user views the page. However, the next time a user (any user) retrieves the data, it should appear as 3:30pm (if that’s how most of your users are used to seeing time).
Such backend formatting applies to trimming whitespace so that all users can search, find, and sort on the field consistently. It’s probably not a good idea to replace a blank value (or any invalid value) with the default because users are unlikely to anticipate getting that value. An exception would perhaps be changing blank to 0 for numeric fields in situations where obviously blank == none == zero, but again this probably should be done when storing in the backend, not in the field itself. If blank is ambiguous, (e.g., may mean 0 or may mean "I don't know") then the second bullet above applies, and you may want to autocorrect in the field when focus is lost.
Of course, if your users vary in how they need to have a data type formatted, then you can have different variants of the app that display the data type in different ways for different user groups, or you can make the format of the data type a user preference, but that’s really another issue.
If the user wants it, and the Stakeholder ask for it, then is perfectly safe.
Trimming is very common. and the replace is common when you are talking about filling textbox with numbers. (a 0 instead of a blank).
It's a fairly standard feature, especially the whitespace trimming. The default value replacement raises a larger flag just because it is less common.
I'm pretty sure that I've seen versions of Microsoft Office that do this - putting "pt." after a value in points, for instance. Microsoft's endorsement should be a good sign.
We have quite a few of these kind of requirement. The reason given for forcing a default value rather than a blank space is that it looks better in reports or if the client wants to see the live system. A blank looks a bit like "couldn't be bothered to enter anything". For a similar reason, we often upper-case the text for consistency as the users never use consistent formatting.

Resources