[Resolved] Simple Captcha workaround is being undermined
Hi. In a different thread, you linked to a simple way to implement a captcha feature in Participants Database. I’ve used it effectively for a while, but over the past day or two it’s started to fail inexplicably.
At first, I asked people signing up to enter, as a number, the sum of seven and three, and I required regex/match #^10$# for the form to be submitted. Spam entries started blowing through that yesterday, so I changed the numbers… same result. Next, I changed the question to “What is the capital of Ohio?,” with “[enter name here]” as the default, and required regex/match #^Columbus$# for the form to be submitted. I tried submitting an entry myself, and the Columbus captcha worked as expected: it rejected my entry until I actually typed “Columbus” into the field. To my considerable surprise, about ten minutes later I got my first spam entry. Even more surprising, the captcha field in the database was populated with “[enter name here]”… it looks as though it somehow managed to bypass that required field altogether.
The form is here, in case that helps. Any suggestions or ideas would be much appreciated.
- The topic ‘[Resolved] Simple Captcha workaround is being undermined’ is closed to new replies.