Follow us on Twitter!
Imagination is more valuable than knowledge - Albert Einstein
Monday, April 21, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 27
Guests Online: 25
Members Online: 2

Registered Members: 82854
Newest Member: Dyno890
Latest Articles
View Thread

HellBound Hackers | Computer General | Webmasters Lounge

Author

Guestbook Validation


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-03-07 16:25
Alright, I had made a guestbook, made it safe with filters and such, but I want to make it so you have to validate your post so no one can spam it with cURL. Soooo, my basic idea is, Generate a random number that a person has to enter, then if it isn't the correct number, then it never gets posted. I'm aware of how to generate random numbers, but not exactly sure how to get it to go through the next page. If anyone has any ideas or wants to help or something, just post your ideas. Thanks in advance.


Author

RE: Guestbook Validation


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-03-07 16:34
instead of just a random number maybe a random image with a number..

like captcha or somethingB)

idk just a suggestion


Author

RE: Guestbook Validation


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-03-07 16:52
sleazoid wrote:
instead of just a random number maybe a random image with a number..

like captcha or somethingB)

idk just a suggestion

yeah thats the best way and easiest way to do just make sure yu have many different codes
Author

RE: Guestbook Validation


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-03-07 17:29
Alright, it would be better with the images, BUT, I'm not quite sure how to transfer whatever the number is to the other site that registers it. Hmm, I think the way I'm thinking of it is a bit complicated, hmm. Like, let me give you an example. A random number is generated taht shows an image with this in it: x5yy22, so after that, you enter it in and go to the next site, but how would you check what that number is? I was thinking of putting in that number letter combination into a hidden input field. But not sure how I would do that, :-\. Not sure if I'm still wording this right.


Author

RE: Guestbook Validation


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-03-07 17:32
yeah i dont really know im sorry dude:angry:

i just maybe wanted to help you make it a little more secure with the imagesPfft

not to be a douche but maybe lookup captcha in google and it might have some codes for it that could help youGrin


Author

RE: Guestbook Validation


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-03-07 17:44
If you did it with numbers and not letters, you could make it like this:

Code

$_SESSION['num'] = rand();
$num = $_SESSION['num'];
echo '<img src="img.php?num='.$num.'">;





and then have img.php do something with $_GET['num'], like *2-4*3*3 and that's the number it puts on the image.

The page that does the actual posting can then check to see if:

Code

if($_SESSION['num']*2-4*3*3 == $_POST['validation_num'])
{
do_guestbok_post();
}





Hope that makes sense






Edited by on 17-03-07 17:46
Author

RE: Guestbook Validation


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-03-07 17:44
No, you're not being a douche sleazoid (XD), I think I got it figured out though. So it should be good, thanks for the suggestion of using the images.

EDIT: Thanks mastergamer, it does make sense, so I think I'm gonna do something like that. Thanks again everyone.




Edited by on 17-03-07 17:45
Author

RE: Guestbook Validation


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-03-07 17:47
hehGrin np dude


Author

RE: Guestbook Validation


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-03-07 18:08
mastergamer wrote:
If you did it with numbers and not letters, you could make it like this:

Code

$_SESSION['num'] = rand();
$num = $_SESSION['num'];
echo '<img src="img.php?num='.$num.'">;





and then have img.php do something with $_GET['num'], like *2-4*3*3 and that's the number it puts on the image.

The page that does the actual posting can then check to see if:

Code

if($_SESSION['num']*2-4*3*3 == $_POST['validation_num'])
{
do_guestbok_post();
}





Hope that makes sense



The major flaw in here is that any bot could find the GET query. Perhaps something like use of the GD library?