Visual Confirmation

Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here.
Forum rules
Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here. Feature requests are closed.
Post Reply
Octopus2
Registered User
Posts: 12
Joined: Wed May 25, 2005 5:58 pm

Visual Confirmation

Post by Octopus2 »

Is it necessary to use "O" and "0" in the visual confirmation?? Because it´s difficult to see the difference....

User avatar
dhn
Registered User
Posts: 1518
Joined: Wed Jul 04, 2001 8:10 am
Location: Around the corner
Contact:

Re: Visual Confirmation

Post by dhn »

Octopus2 wrote: Is it necessary to use "O" and "0" in the visual confirmation?? Because it´s difficult to see the difference....
It helps when one actually reads what it says right next to the Confirmation code input box:
Enter the code exactly as you see it in the image, it is case sensitive, zero has a diagonal line through it.
;)
Image

User avatar
SHS`
Registered User
Posts: 1628
Joined: Wed Jul 04, 2001 9:13 am
Location: The Boonies, Hong Kong
Contact:

Re: Visual Confirmation

Post by SHS` »

dhn wrote:
Octopus2 wrote: Is it necessary to use "O" and "0" in the visual confirmation?? Because it´s difficult to see the difference....
It helps when one actually reads what it says right next to the Confirmation code input box:
Enter the code exactly as you see it in the image, it is case sensitive, zero has a diagonal line through it.
;)
Those poor Scandinavians wouldn't know if it's a 0 or Ø... ;)
Jonathan “SHS`” Stanley • 史德信
phpBB™ 3.1.x, Bug/Security trackers
phpBB™ Bertie Bear 3.0 — prosilver Edition!Asking Questions The Smart Way

itunes66
Registered User
Posts: 169
Joined: Tue Feb 08, 2005 12:28 am

Re: Visual Confirmation

Post by itunes66 »

LOL, that is probally true
2 things i like about you hmm.. ill have to get back to you on that one

code reader
Registered User
Posts: 653
Joined: Wed Sep 21, 2005 3:01 pm

Re: Visual Confirmation

Post by code reader »

actually, if i read the code correctly, and the visual confirmation string is generated by the function gen_rand_string() in functions.php, "0" (the digit zero) will never be a part of the string.
that said, though, i think the original poster had the right idea: in order to decrease confusion, it would be a good idea to remove "O" (the letter O) from the string as well. as you can see, it is extremely simple to do so.

on a separate note, the current function is cumbersome, and should be reduced to the one-liner.
current function:

Code: Select all

function gen_rand_string($num_chars)
{
	$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',  'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',  'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');

	$max_chars = sizeof($chars) - 1;
	$rand_str = '';
	for ($i = 0; $i < $num_chars; $i++)
	{
		$rand_str .= $chars[mt_rand(0, $max_chars)];
	}

	return $rand_str;
}
should be reduced to:

Code: Select all

function gen_rand_string($num_chars) 
{
	return substr(str_shuffle("ABCDEFGHIJKLMNPQRSTUVXYZ123456789"), -$num_chars);
}
this require php 4.3.0 as a minimum, but iirc thats a requirement anyway.

User avatar
Eelke
Registered User
Posts: 606
Joined: Thu Dec 20, 2001 8:00 am
Location: Bussum, NL
Contact:

Re: Visual Confirmation

Post by Eelke »

It appears to me that the functions are not completely equivalent, because the former may include the same character multiple times in the string, while the latter would only include each character once, max (which could be totally acceptable, just thought I'd mention it)

code reader
Registered User
Posts: 653
Joined: Wed Sep 21, 2005 3:01 pm

Re: Visual Confirmation

Post by code reader »

you are right.
i didnt bother to mention it in my previous post, because i thought it is not material to the goal (producing a random string).
there is another difference: "my" function will not work properly if asked to provide a random string longer than 35 characters or so. again, i didnt bother to mention it because i dont think its meaningful.

on another note, note that the "CONFIRM_CODE_EXPLAIN" language string dhn cites above is not exactly right on the money.
it claims the 0's will have a slash through them when in reality there are no zeros, and that the code is case-sensitive when in reality it is an all uppercase code.
both these claims are formally correct (after all, there will never be a 0 in the code without a slash in it), yet both are irrelevant to some degree.

it is possible to strengthen the capcha somewhat by including lowercase characters.
recent cases of bot-registration to boards with visual validation enabled point to the suspicion that the capcha should, indeed, be strengthen.
if this is done, i would suggest to remove from the code, in addition to the 0 and O, also the l (lowercase L) and I (uppercase i), as Il and lI are indistinguishable with many fonts.

User avatar
dhn
Registered User
Posts: 1518
Joined: Wed Jul 04, 2001 8:10 am
Location: Around the corner
Contact:

Re: Visual Confirmation

Post by dhn »

I can only mention again, that there is active and very interesting work done on the captcha, that I hope fill find its way into Olympus.
Image

User avatar
Cheater512
Registered User
Posts: 245
Joined: Thu Mar 23, 2006 1:29 am
Location: Brisbane, Australia
Contact:

Re: Visual Confirmation

Post by Cheater512 »

dhn wrote: I can only mention again, that there is active and very interesting work done on the captcha, that I hope fill find its way into Olympus.
I hope it does. It only takes a few lines of PHP (using GD) to produce a image which is readable by a OCR. :(

Uchiha Nick
Registered User
Posts: 397
Joined: Tue Jul 20, 2004 6:21 am
Location: Rotterdam, The Netherlands
Contact:

Re: Visual Confirmation

Post by Uchiha Nick »

its easy to fix it with regular expressions. [A-Z] and [a-z] would work just fine. altho, if you use high AND low case characters, people will get annoyed, since for some reason, you will get these kind of results :

Code: Select all

cOFcE
COFFEE
cofFee
coffee
they dont watch what they type, they only look if the letters are correct, high and lowcase chars are unknown to them.
Image

Post Reply