Tuesday, October 24, 2006


They are those boxes with morphed images containing characters. It stops computers programs or bots to get through your forms - for now. Why? Because its hard to write an application to read the characters. Although computer vision does work , it is pretty processor intensive. I want a captcha for my signup page. The reason is that one of the errors I give on the signup page is "this account already exists". I am currently planning on using email addresses for user names (although this is something I will need to think long and hard about). I don't want a bot to be able to enumerate my database, by trying to get the account already exists message by creating lots and lots of dummy accounts. I found bunch captcha code out there. One piece of code that I really liked was pycaptcha. It is a python captcha generator. Check it out. only a few lines of code and I have a working captcha in the django framework.
import Captcha
from Captcha.Visual.Tests import PseudoGimpy
import StringIO

def captcha(request):
    g = PseudoGimpy()
    s = StringIO.StringIO()
    i = g.render()
    i.save(s, 'JPEG')
    request.session['captcha'] = g.solutions[0]
    return HttpResponse(s.getvalue(), 'image/jpg')
now just to integrate it into my signup page.

1 comment:

Paul Kenjora said...

You have a minor bug in the code sample above. Since youre using the Django framework and the HttpResponse object you need to include the proper module.

from django.http import HttpResponse