Antibot PHP using substring

Question

Just Curiosity,

On a form, for example 'name', 'email', 'password'. You added another field 'First 3 characters of email' and then on the connect.php you did an if statement basically

<?php
...
$subemail=substr($email,0,3);

if ($subemail === $firstthree){....
...?>

How good of an antibot would that be (security wise)? EDIT OR what percent of bots do you think it would stop?

That should be already quite good, and I would even put the field label as text in an image to be sure no bot can ever read this... — Laurent S., Nov 20 '13 at 15:48
None of these questions helped? http://stackoverflow.com/search?q=%5Bphp%5D+bot — Mike B, Nov 20 '13 at 15:57
Captcha is alright but its pretty annoying and also new age bots have started to send the catcha picture via email to its creator (or whatever you want them to be called) and get around it after the response. However I do use captcha and I'm not trying to find away around it. The question isn't asking for a method, its curiosity of how efficient the above method would be. — justsimpleshh, Nov 20 '13 at 16:02

score 1 · Answer 1 · answered Nov 20 '13 at 15:49

1

I do not see how that is random at all.

Usually "antibot" filters, like CAPTCHA, utilize images that bots cannot easily read, and therefore would get wrong.

Using the 1st three letters of an email address could be very easy to hack.

answered Nov 20 '13 at 15:49

qwertynl

3,912
1
21
43

Captcha is alright but its pretty annoying and also new age bots have started to send the catcha picture via email to its creator (or whatever you want them to be called) and get around it after the response. However I do use captcha and I'm not trying to find away around it. – justsimpleshh Nov 20 '13 at 15:57

score 0 · Answer 2 · answered Nov 20 '13 at 15:54

0

I'm not sure how this would fit into your idea, however I saw an interesting(for me at least) anti-bot type of question on a site.

It was a predefined question like: What's the tallest mountain on Earth?

Answer is simple enough. Answer it correctly, and you can proceed to whatever page follows.

Obviously the questions were random.

answered Nov 20 '13 at 15:54

user3011538

9
5

What is the answer? I am not a bot... – qwertynl Nov 20 '13 at 16:04
I dunno man, you look suspicious...and your avatar doesn't have a face. You sure you're not a bot? – user3011538 Nov 20 '13 at 16:06
My avatar has a face, you just do not remember it – qwertynl Nov 20 '13 at 16:12

score 0 · Answer 3 · answered Nov 20 '13 at 15:55

0

I would use reCAPTCHA (Google's anti-spam filter), check out its URL: recaptcha

answered Nov 20 '13 at 15:55

Rápli András

3,869
1
35
55

Antibot PHP using substring

3 Answers3