Exit
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0

Implementing CAPTCHA

Explorer ,
Jul 11, 2014 Jul 11, 2014

Hi,

Currently, the application is using Cold Fusion 9. Soon to upgrade to Cold Fusion 10 or 11.

I would like to implement CAPTCHA on the login page.

Is there any information on how to implement CAPTCHA in Cold Fusion?

Thanks,

Mike

1.6K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Community Beginner , Jul 17, 2014 Jul 17, 2014

tribule wrote:

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

This is a far better strategy than the Captcha itself.

Alternatively you can use a hidden field and not submit the form if it has any data in it (as bots generally fill in everything, hidden or not)

Translate
Community Expert ,
Jul 12, 2014 Jul 12, 2014

You implement Captcha in Coldfusion using the cfimage tag or image functions. For more information, search the web for the words cfimage, captcha.

Here is a simple example to convey the flavour:

<cfimage action="captcha" text="a1%b2c">

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Jul 12, 2014 Jul 12, 2014

How is the value entered in the text box matches the image shown on the page?

Thanks,

Mike

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Jul 12, 2014 Jul 12, 2014

Raymond Camden's Captcha example answers any questions you may have.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Jul 14, 2014 Jul 14, 2014

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Jul 17, 2014 Jul 17, 2014

tribule wrote:

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

This is a far better strategy than the Captcha itself.

Alternatively you can use a hidden field and not submit the form if it has any data in it (as bots generally fill in everything, hidden or not)

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Jul 17, 2014 Jul 17, 2014
LATEST

I have found that bots overcome hidden fields and don't forget bots can submit to remote pages in isolation, so you should always check for submissions for referrers or IP addresses as  best practice as well. The best sort of summation (x+y) captcha is to create two random number variables  (x and y), add them together and perhaps also add another random value on to to this, also kept in memory, perhaps a application variable known only to the server, encode the whole sum (base 64 would be ok to overcome most bots, but you could hash it with better encryption functions in CF if you wanted). Then when user submits the answer, you decrypt your answer with the application variable key, and then compare them. If they match, the user is most likely human! Image captchas are a pain since they are often so complex they drive users mad.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources