CAPTCHA after a estimated time or button clicks.

Hello,

I have a question regarding to adding a captcha (preferably the one from Google) to a my site.

How can I require a captcha after a estimated time spent on the site that pops up when you first open the site and for example after 60 secounds again. You have to complete the captcha to be able to use the site.

OR

How can I set up a captcha that users have to complete after a couple of html button clicks? For example: when the user clicked the button 2 times he has to complete another captcha before he is able to cklick the button again?

Have a great and safe day,
Marcel

You can log every action in a database table from the user when he click the buttons and submits the form.
By every submit it will check if the user has submitted two or three times the form and after a count you want he need to input a captcha.

Quote:

Originally Posted by Devsome You can log every action in a database table from the user when he click the buttons and submits the form. By every submit it will check if the user has submitted two or three times the form and after a count you want he need to input a captcha.

Sounds good. How can I acomplish that? :o Im relatively new to html and php..

PUSH

PUSH

What you want (from what I can tell), is this javascript code:

Quote:

Originally Posted by BurnerGR What you want (from what I can tell), is this javascript code: Code: function injectCaptcha(element, sitekey) { return function() { // injecting the google javascript var script = document.createElement('script'); script.setAttribute('src', 'https://www.google.com/recaptcha/api.js'); document.querySelector('head').appendChild(script); // triggering the google api element.setAttribute('class', 'g-recaptcha'); element.setAttribute('data-sitekey', sitekey); } } var element_to_hold_captcha = document.getElementById('my_empty_captcha_div'); var mysitekey = '6Lf8lgUISZZZZZZZAsdTBkiymY'; var cooldown = 100; // ms setTimeout(injectCaptcha(element_to_hold_captcha, mysitekey), cooldown);

When I add this to my site nothing happens..
How/Where do I have to implement the code?

Quote:

Originally Posted by BurnerGR What you want (from what I can tell), is this javascript code: Code: function injectCaptcha(element, sitekey) { return function() { // injecting the google javascript var script = document.createElement('script'); script.setAttribute('src', 'https://www.google.com/recaptcha/api.js'); document.querySelector('head').appendChild(script); // triggering the google api element.setAttribute('class', 'g-recaptcha'); element.setAttribute('data-sitekey', sitekey); } } var element_to_hold_captcha = document.getElementById('my_empty_captcha_div'); var mysitekey = '6Lf8lgUISZZZZZZZAsdTBkiymY'; var cooldown = 100; // ms setTimeout(injectCaptcha(element_to_hold_captcha, mysitekey), cooldown);

This is not nearly secure and can easily be stripped out on the client side.


This has to be done on the server side. Each request to the server has to check the timedifference to the last captcha and whether it is overdue. In case it is, display the captcha and drop every other request until it has been solved.

Quote:

Originally Posted by Frosttall This is not nearly secure and can easily be stripped out on the client side. This has to be done on the server side. Each request to the server has to check the timedifference to the last captcha and whether it is overdue. In case it is, display the captcha and drop every other request until it has been solved.

That sounds very good and understandable.
BUT the problem is that I cant do that myself without a tutorial or help of someone. Scince im a newcomer in this, its pretty hard to do that and if I would try, I would probably do anything but not the thing I want in the end.
You sound like you know what you talking about, would you mind helping me out a bit? We can chat over skype or something to make that whole thing a bit easier. I think you are german becouse of your signature. Im am too, so communitaction wouldnt be a big problem.

Quote:

Originally Posted by Frosttall This is not nearly secure and can easily be stripped out on the client side. This has to be done on the server side. Each request to the server has to check the timedifference to the last captcha and whether it is overdue. In case it is, display the captcha and drop every other request until it has been solved.

I never said that nothing must be done on the server side, it's just he seemed to have handled the back-end code...

Simply keep tracking of users, add timers and eventually spit the final javascript. After N amount of time for a certain session you could force the captcha validation, both back-end and front-end.

That javascript code is just one crucial part of the mechanism he wants.
If he has not enough experience I can do it, but not for free.

Quote:

Originally Posted by BurnerGR I never said that nothing must be done on the server side, it's just he seemed to have handled the back-end code... Simply keep tracking of users, add timers and eventually spit the final javascript. After N amount of time for a certain session you could force the captcha validation, both back-end and front-end. That javascript code is just one crucial part of the mechanism he wants. If he has not enough experience I can do it, but not for free.

How much do you want?

push