Quote:
Originally posted by chodadog
You have mail, mike. Cheers. 
|
I think he basically wants to prevent automated logins by creating an image based login where the surfer has to manually enter the number(s) in the image back into the form to verify it is infact a human.
Generate the number based image.
Generate a hash.
Put the hash in a hidden field
Display image
And on submiting
Verify the hash exists in the db, and that the number in the next field beside the hash is the same number which was entered in the form area.
(doesnt have to be used to stop a login but can be used to break any automated process)