Hi all,
the current anti-spam captcha needs the entire form to be sent to the server, before an anti-spam check can be performed. This can be a problem if the form is used to submit file(s) as the time it takes them to upload to the server could be considerable. If a user has to wait forever for his files to upload, only to find out that he screwed up the captcha, I am sure it would be irritating.
Ideally, the captcha check is made without having to submit the whole form. This could mean either:
1. - Using some sort of AJAX method: user enters what he sees in the captcha, ajax method checks with the server. If correct the form is submitted, otherwise captcha is reset.
2. - Making the form in two steps: User presented with a captcha. If valid code is entered he is redirected to the form page.
Option 2 could be done easily with the current chronoengine version: simply by creating two forms: one simply consisting of a captcha which then re-directs to the main form. However, I am not sure that this will work in preventing spamming-scripts reaching the second form. In theory, it should as the link to the second form is never made public, unless a user has passed the captcha test. Any thoughts on this?
I am thinking about implementing option 1.. if I have time. If I do, I will post my hack to that it could potentially be included in the next version.
Is there otherwise another option which I am not thinking of?
Cheers,
the current anti-spam captcha needs the entire form to be sent to the server, before an anti-spam check can be performed. This can be a problem if the form is used to submit file(s) as the time it takes them to upload to the server could be considerable. If a user has to wait forever for his files to upload, only to find out that he screwed up the captcha, I am sure it would be irritating.
Ideally, the captcha check is made without having to submit the whole form. This could mean either:
1. - Using some sort of AJAX method: user enters what he sees in the captcha, ajax method checks with the server. If correct the form is submitted, otherwise captcha is reset.
2. - Making the form in two steps: User presented with a captcha. If valid code is entered he is redirected to the form page.
Option 2 could be done easily with the current chronoengine version: simply by creating two forms: one simply consisting of a captcha which then re-directs to the main form. However, I am not sure that this will work in preventing spamming-scripts reaching the second form. In theory, it should as the link to the second form is never made public, unless a user has passed the captcha test. Any thoughts on this?
I am thinking about implementing option 1.. if I have time. If I do, I will post my hack to that it could potentially be included in the next version.
Is there otherwise another option which I am not thinking of?
Cheers,
