Mordred wrote:Not very friendly to people without javascript.
Try a simple "poor man's captcha": "How much is six plus nine" (check for 15)
Only a bot custom made for your site will succeed, and until you're THAT popular, you have nothing to worry about.
Welll, better to make them mt_rand(), IMO, but anyone determined enough WILL get in, so the real restrictions, IMO, need to be internal to the actual coding. Once a malcontent refreshes & sees they aren't random, he's got full access and a very simple customization to make.
I'm using the "poor mans' approach" and it actually worked out very well (so far) but I'm having trouble with my "fancier, more robust" version design<g>. First I used the captcha my server recommended but a malcontent figured out how to get by it in a hurry. I've since learned there are captcha cracker apps & advice all over the 'net now. A human goes in, but then a bot takes over the spam run and most captchas allow the Back Button to be used, defeating the captcha image protection for subsequent runs at least in that session.
So, I'm going the poor man's route to see what happens. The only exposure I see left is multiline text boxes can't be length protected without using javascript or something else similar; which no determined malcontent is going to be using. Apparently there's no way around the problem with straight PHP. So as soon's I get my latest & greatest working, I want to see if I can make VB6 (which I already know) server up my php scripts and limit them that way. But, I need the basics of PHP under my belt before I do that.
Twayne