[drupal-devel] simple and effective comment spam prevention
exists and works
Adrian Rossouw
adrian at bryght.com
Mon Oct 3 14:10:26 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02 Oct 2005, at 3:59 PM, Jeremy Andrews wrote:
>>
>> all forms have unique id's in the form api.
>>
>
> In what way? For example, how would it work on this form:
> http://drupal.org/contact
form_id for that form is 'contact_mail_page'.
Well, we could make the key $form_id + $session_id + $x + [optional
$key].
Where $x is how many times that specific combination has been used.
Also, we have an $form_id_execute process now, if a form validates,
it tries to
execute, and not before that.. We could handle incrementing $x in
that process.
> If I load the form twice, does it have a different id each
> time? How about if two different people load the form?
Every time you submit the form, it will be different on subsequent
reloads.
Every person will have a different token, due to the session id being
part of
it.
- --
Adrian Rossouw
Drupal developer and Bryght Guy
http://drupal.org | http://bryght.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFDQTvCgegMqdGlkasRAjQeAJ4r3YgdRXzHZRZPAyPYTlUgxCtLOgCdHdrO
t8TfGUgGe98h19tA/g30RK8=
=Q+Un
-----END PGP SIGNATURE-----
More information about the drupal-devel
mailing list