Anti-Bot comment system - PHP -

-

update:

question posted @ codereview: https://codereview.stackexchange.com/questions/2362/anti-bot-comment-system

with advice [see details on previous questions if interested] developed system, think quite strong bot automatically post comment !
i'm posting code can view , post valuable comments !!
kind of constructive suggestion welcome :)

index.php 

<html> <head> <script type="text/javascript" src="jquery.js"></script> <script> function main() {  var str=$("#key").load("gettoken.php",function (responsetext) {                                                  $("#key").val(responsetext);                                                }       );  settimeout("main()", 100000); } </script> </head>  <body onload='main()'>  <form name="f" action="poster.php" method="post">   <input type="text" name="text"/><br>   <input type="text" name="key" id="key" value=""/><br>   <input type="submit">  </form> </body> </html>

gettoken.php

<?php  $key=date("y-m-d h:i:s");  $hash=sha1($key.'mysecretkey');  echo $key.'#'.$hash; ?>

poster.php

<?php if (!isset($_post['key']))  exit;  $parts = explode('#',$_post['key'],2); $key = $parts[0]; $hash = $parts[1];  $date1 = $key; $date2 = date("y-m-d h:i:s"); $diff = abs(strtotime($date2) - strtotime($date1));  $years   = floor($diff / (365*60*60*24));  $months  = floor(($diff - $years * 365*60*60*24) / (30*60*60*24));  $days    = floor(($diff - $years * 365*60*60*24 - $months*30*60*60*24)/ (60*60*24)); $hours   = floor(($diff - $years * 365*60*60*24 - $months*30*60*60*24 - $days*60*60*24)/ (60*60));  $minuts  = floor(($diff - $years * 365*60*60*24 - $months*30*60*60*24 - $days*60*60*24 - $hours*60*60)/ 60);  $seconds = floor(($diff - $years * 365*60*60*24 - $months*30*60*60*24 - $days*60*60*24 - $hours*60*60 - $minuts*60));   if ($seconds < 5)  echo $seconds.' fast, must naughty bot <br>'; else if ($seconds>5 && $seconds < 600)  echo $seconds.' in time <br>'; else  echo $seconds.' time out <br>';  if ($hash == (sha1($key.'sou')))  echo $_post['text']; else  echo 'you bot !'; ?>

it's being closed since not code review or improvement. there se site that.

as code: 365*60*60*24 should constant.

you should improve variable naming.

$date2 = date("y-m-d h:i:s");

date2? anything? currenttime more it. always describe variables contain, not are.


Comments

Post a Comment

Popular posts from this blog

Cursor error with postgresql, pgpool and php -

-
hey, struggling bit determine exact cause of error has been popping in our release environment. there not seem dealing particular error on google. this error message getting: sqlstate[34000]: invalid cursor name: 7 error: portal "" not exist the error pops when using pdo prepared statements. this setup our release environment: pgpool 3.0.1 (the postgresql backend in streaming replication mode!) php 5.3.5 postgresql 9.0 edit: architecture 64bit. the same error not manifest in our test environment (edit: forgot mention, standard test environment uses postgresql 9.0 without pgpool). thus, led suspect pgpool @ least partly suspect. does know probable causes error are? edit: ok, here example of kind of code causes error. $sql = 'select * '; $sql .= 'from "mytable" "mystuff" '; $sql .= 'where "mytable"."status" = 1 '; $sql .= 'and "mytable"."mytableid" = :table...
Read more

delphi - ESC/P programming! -

-
why need use because printers using tprinter prints weird hieroglyph @ beginning of printable area. my problem if send commands, nothing happens. esc e (#27 #69) - sending escape sequence didn't work expected. removed first letter , rest of string made bold. eg. hello -> ello . after changed esc e esc (#27 #69 #27), worked fine. example managed figure out, but... trying select character table "esc t n" (#27 #116 n), make "õäöü" work. command doesn't work. nothing happens! , command supported esc/p, esc/p 2 , 9-pin esc/p, should work fine. manual can found here . if has ever needed use esc/p commands maybe 1 can shed light how work them! thanks in advance! edit: in previous post asked more or less same question though answers how did send commands printer. (i'll change question there according answers!) i accepted ken's answer, because claimed way transferred commands wasn't best , got work escape command. problem after t...
Read more

c++ - error: use of deleted function -

-
i've been working on c++ code friend has written , following error have never seen before when compiling gcc4.6: error: use of deleted function ‘gamefsm_<std::array<c, 2ul> >::hdealt::hdealt()’ implicitly deleted because default definition ill-formed: uninitialized non-static const member ‘const h_t floppokergamefsm_<std::array<c, 2ul> >::hdealt::h’ edit: comes part of code using boost msm: boost webpage edit2: there no = delete() used anywhere in sourcecode. generally speaking, error mean? should looking when type of error occurs? i don't think other answers mentioning =deleted; syntax correct. error message says default constructor has been deleted implicitly . says why: class contains non-static, const variable, not initialized default ctor. class x { const int x; }; since x::x const , must initialized -- default ctor wouldn't initialize (because it's pod type). therefore, default ctor, need define 1 (and must ...
Read more