Using Math to Detect and Slow Down Spamming Technique

Coast LineCEO
Today, I was working on some optimization and spam-stopping techniques when I encountered Ben Nadel's post to reduce spam feature using Math. While this method is not one-hundred-percent foolproof, it gives a general idea of how we can slow down spammers a bit.

I have used many recaptcha codes like Lyla Captcha, Recaptcha, Coldfusion's own Captcha, and many others free and commercial captcha techniques. They all are not fully foolproof. Therefore, I find the Math method good as it does not involve image creation or something similar. Just create some simple math and you are done with it! If you want to play more with it, you can always do the following:

1. Follow Ben Nadel's post on Math De spamming Technique
2. Make the math Calculation more Complex
3. Add the reload functionality to this – e.g., build an Image of the calculation as new image and reload it again with a new image on same page.
A very tricky technique, though we will just be playing with the random numbers and sending the details the users to solve the math operation. While this technique uses only the multiplication, addition, and subtraction methods only, while more advanced techniques can be added like modulus, division, and other such operations.

But to keep it simple, I have included the following files I am using to make this work. I welcome all you suggestions and comments if you find any way to enhance the code!

Code Samples

1a. The first file, Application.cfm:
<!---  You can change this value to make it more complex --->
                      <cfset request.Requestedhash = "!!!@$$5656%%00(())"> 

Open in new window

1b. If you have Application.cfc, then use in the OnRequestStart() method:
<!--- You can change this value to make it more complex --->
                      <cfset request.Requestedhash = "!!!@$$5656%%00(())"> 

Open in new window

2. The next file is the our main file where we want to use the Spam Code
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
                      <html xmlns="">
                      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
                      <title>Check for Spam</title>
                      <cfinclude template="getnew.cfm">
                      <cfif isDefined('form.chk')>
                         <cfif hash(form.ColorTest & request.Requestedhash) eq form.weightInPounds>
                            <cfset a = "The Spam test Passed">
                            <cfset a = "The Spam test Failed">
                      <cfform method="post" action="#cgi.SCRIPT_NAME#?#cgi.QUERY_STRING#">
                      <table width="100%" border="0" cellspacing="2" cellpadding="1">
                        <cfif isDefined('a')>
                        <tr><td colspan="2" align="center"><cfoutput><div style="color:red; text-decoration:underline; font-weight:bold;">#a#</div></cfoutput></td></tr>
                          <td align="right">Verify&nbsp;:&nbsp;</td>
                            <cfset saltedValue = Hash(Fix(sum) & request.Requestedhash)>
                            <input type="hidden" name="weightInPounds" value="#saltedValue#">
                          <td width="25%" align="right">Spam Test&nbsp;:&nbsp;</td>
                          <td><input type="text" name="ColorTest" id="ColorTest" /></td>
                          <td align="right">&nbsp;</td>
                          <td><input type="submit" name="chk" id="chk" value="Check For Spam" /><br />
                          Don not use (-) if the value of the result is in minus</td>

Open in new window

3. Then at last, the page code of GetNew.cfm, which generates the spam check code:
<cfset value1 = RandRange(1,10)>
                      <cfset value2 = RandRange(9,20)>
                      <cfset randomList = "*|+|-">
                      <cfset randomInt = randrange(1, listLen(randomList, "|"))>
                      <cfset id = ListGetAt(randomList, randomInt, "|")>
                      <cfif value1 LT value2>
                        <cfset sum = PrecisionEvaluate('#value2##id##value1#')>
                        <cfset store = value2 & id & value1>
                        <cfset sum = PrecisionEvaluate('#value1##id##value2#')>
                        <cfset store = value1 & id & value2>

Open in new window

I think you will find the code useful. We are using here some built-in functions of ColdFusion like ListGetAt, RandRange, PrecisionEvaluate, which helped us to build our match equation; therefore, read the 'livedocs' for more information!

Coast LineCEO

Comments (0)

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.