Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

reCAPTCHA V2 - Looks So Cool


Mort-lemur

Recommended Posts

Yeah, a bit off topic, but I don't even bother optimizing my site for users of IE <10, which are also only around 1% of the web...

It's 2016 now, around 98% of web users are using modern browsers and the vast majority of them with latest versions: http://www.w3schools.com/browsers/browsers_stats.asp

Microsoft so aggressively pushing Windows 10 is helping those stats get even better every day :)

Link to comment
Share on other sites

  • Replies 100
  • Created
  • Last Reply

@dr_lucas  Thanks for calling me a loon. I really only come here for the casual insults.

 

As @@Dan Cole said, it's more like 2%. Some of those may be bots, but the figures I've seen show that most are blind/disabled persons using screen readers. Nice to cut them out as well.

 

Don't feel bad about blocking me out of your site. When that happens, I just go to your competitor. It's rare these days to find an time that is sold by only one online store, and there is always one store that is accessible.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Link to comment
Share on other sites

No offence and nothing personal, mate, but I stand behind my words, with all due respect.

It's really more like 1% and I personally don't know of any modern eCommerce framework or large eCommerce website (with the exception of Amazon maybe. Ebay requires js) or modern eCommerce template that is usable with JS turned off.

People who prefer to stay in the dark ages will stay there. I don't mind losing them for the competition and I don't feel bad even not one bit. Really. (although again - none of my competitors use a system that will work with JS disabled, at least in my industry).

Link to comment
Share on other sites

Now, now, let's not get into name-calling. Even if someone is part of a very small group (e.g., trying to run an osC-based store with JS turned off), that's no reason to call them loonies. You can say that you regret the inconvenience to them and the loss of their business to you, but they have their reasons for not running JS and it's not worth your while to cater to them.

 

Now, if humans running with JS turned off are really a tiny minority (and you're not going to get into legal trouble for poor accessibility for the blind?), in general is there any kind of CAPTCHA where you don't mind rejecting them if it will also eliminate nearly 100% of bots? Something using <NOSCRIPT> to do something that marks the visitor as a probable bot? Note that you should be nice (non-insulting) with the message to them: "JavaScript is required for the proper functioning of this web site. As you apparently have JavaScript turned off, we regret that we are unable to work with you."

 

And do consider that you don't want to generally exclude SE bots (such as Google), except from selected areas such as contact forms.

Link to comment
Share on other sites

I'm also a 1% Loon.  That's the nicest thing I've been called all week :D

 

I browse with .js off.  If I'm on a known site (eg, this forum) I make an exception.   There are a few other sites who are in the exception list, mostly these are well known sites such as (parts of) ebay, amazon, bbc, and the like.

 

If I'm shopping and the site needs .js on, it depends on the site.  Earlier today I bought an item from Littlewoods which is a very well known (uk) ecomm site.  I turned .js on as I could not get past the create_account page otherwise.  At the end of the checkout, I turned it back off.

 

Getting back on the topic of Recapcha's;

 

Browsing with .js off means that the Recapcha input (tickbox) does not show => the form can be submitted but will always return an error:  "did you tick the recaptcha"...

 

However, the Maths version works very well with .js off.  Thats a point in its favour.

Link to comment
Share on other sites

Yeah, @@MrPhil, sorry for being a bit too vulgar, happens sometimes...I'll try to be a good girl  :rolleyes:

 

I really like what mega.nz do when being accessed with browsers like IE9: https://mega.nz/update.html

 

By the way, I am not sure about legal issues, but I have never heard of site owners getting sued for using captcha's. Have you?  :mellow:

Link to comment
Share on other sites

By the way, I am not sure about legal issues, but I have never heard of site owners getting sued for using captcha's. Have you?  :mellow:

 

These days you have to be careful about appearing to discriminate against the handicapped, even if you're not doing it intentionally. Private businesses can often be sued for failure to make "reasonable" efforts to accommodate, say, someone in a wheelchair; so I wouldn't be surprised if a website owner could be sued if it appeared that they were discriminating against the blind, by not permitting, say, a screen reader to be used (if it somehow depends on JS). Note that most CAPTCHAs permit audio "display" of the test, so that the visually impaired can use them, so be careful not to break the capability of the blind using your system, in your zeal to exclude bots.

Link to comment
Share on other sites

Well, 1% of a dollar (Canadian "Loonie") is a cent! Do youse guys still mint pennies?

 

Reminds me of a story told in the DVD commentary for the third Futurama movie. It seems that originally there was a joke in there about a Canadian dollar versus a "real" (US) dollar. They were half way through production of the movie (late 2008) when they suddenly realized that a Loonie was now worth more than a buck, and the joke didn't work any more. So, they had to quickly rewrite that part of the script. Well... it was funny in the way they told it.

Link to comment
Share on other sites

Might you be surprised if I said that over 300,000 sites use a Maths Captcha ?

"A" maths CAPTCHA... not necessarily exactly the same as you are using? Most CAPTCHAs don't give the answer in the prompt, so it's no more than "type in this number in the input field", isn't it? If it were to become widely used (hundreds of thousands of installations, at a minimum), you can bet that bots would be written to look for that answer and enter it into the input. I'm not trying to slam you; just pointing out some limitations I see in what you've come up with.

 

Your comments are well-received though, and should be thought provoking to all readers.

Thank you.

 

-------------------------------------

What if a CAPTCHA area used a small randomly selected set of questions, of different types, out of a large pool? Some might be a math question, possibly with the answer in the prompt, some might be of the checkbox style "I am/am not a human", some might be "type in this text", some might be a simple v1 text-as-graphics CAPTCHA or even the new picture selection type. The idea is to keep bot writers off balance by forcing them to handle a huge number of potential question types, yet not annoy humans (too much) with too many or too difficult of questions.

 

As I've said before, a CAPTCHA is still only a thin defensive line. Once the bot (or spammer's human drone) gets through the defenses, you have to think about monitoring user behavior to block out probable spammers. As has been mentioned, it's unlikely for someone using a "Contact Us" form to include an HTML link (especially if you don't allow HTML input with CKedit, etc.), so you can discard anything that appears to be HTML. For something like a forum or blog, it gets more complicated in deciding that a post is "probably" spam and needs to be held aside for manual examination before it's published.

Link to comment
Share on other sites

@@MrPhil

 

 

1% of a dollar (Canadian "Loonie") is a cent! Do youse guys still mint pennies?

 

Ahhh....that went over my head....more coffee needed!

 

Regarding the penny....we retired those.   I'm surprised how quickly everyone adjusted and they aren't even missed any more.  It is almost like they never existed.

 

Dan

Link to comment
Share on other sites

This is your Captain speaking. The jokes will be flying over your head at 35 thousand feet. Please return all seatbacks and flight attendants to the fully upright position. Thank you for flying Trans Universe Airlines, and the conductor will be around shortly to punch your tickets.

 

Here in the US, you would not believe the screaming any time someone suggests getting rid of the penny (much less the nickel).

Link to comment
Share on other sites

"A" maths CAPTCHA... not necessarily exactly the same as you are using? Most CAPTCHAs don't give the answer in the prompt, so it's no more than "type in this number in the input field", isn't it? If it were to become widely used (hundreds of thousands of installations, at a minimum), you can bet that bots would be written to look for that answer and enter it into the input. I'm not trying to slam you; just pointing out some limitations I see in what you've come up with.

 

Sure...but giving the answer as a hint makes it exceptionally easy for the real user, and no less difficult for the bot, assuming that no bots can yet read a placeholder/validation message.  

 

You're correct that most Maths capcha's don't give the answer => if a shopowner would rather not give the answer then it is a true/false setting which turns that feature on or off.

 

I'm pretty sure that we can fly low under the radar anyway, as hardly any sites will be using this Maths capchta I've built.

Link to comment
Share on other sites

OK, I'm blind and need audio or a screen reader. I'm a quadriplegic and use a puff stick to type. I have poor motor control and can't successfully use a mouse. My browser's graphics are turned off. Does this new KeyCaptcha work with all these people?

Link to comment
Share on other sites

@@burt, I borrowed your 2.3.4BS Contact page for another site, and made some enhancements you might be interested in. I added radio buttons to select which email to send to, and on error, the form is repopulated with the user inputs (if error, value="previous entry" and no placeholder; if no error, placeholder="prompt text" and no value). In the Maths CAPTCHA, I randomly select the label and placeholder strings, to confuse any bots and provide a little variety to users. Label examples: "Totalise 123 + 456:", "Sum up 123 and 456:", "123 + 456 is:", etc. Placeholder examples: "The answer you seek is 579", "The answer seek you is 579, young Jedi mine", and "579 is the count to give, not 578, except that you proceed to 579, and 580 is right out!". That last one is a little long for the field, but shows in the title attribute, and is a present to Monty Python fans.

 

Let me know if you want a look at my code, and I can post it/attach it here, or send it privately.

Link to comment
Share on other sites

I totally get it, but that's what we have to try to avoid - making core code changes in this manner.  It's the start of a path that leads to the same place we are at now...people (ab)using the old style of "coding osCommerce" (ie, change anything you want in any page) to do something that can be done in less impactful ways...

 

 

That said:  I am certain some people will find it useful !

Link to comment
Share on other sites

Well, as I should have more clearly said, it's for a non-osC site, so I felt free to hack it up however I wished. If someone wants to make the same enhancements for osC (especially as an add-on), they are free to follow the rules for osC (avoiding core code changes). The list of principal enhancements, which could be useful in general:

  • radio button selection of destination for email (email ID not shown in HTML). could add [text] to email subject line instead
  • optional subject line added
  • if form is redisplayed after an error, contents are restored (instead of showing placeholders)
  • maths CAPTCHA gets variety of label and prompt formats, to (hopefully) confuse bots without confusing people

Have fun with it!

Link to comment
Share on other sites

@@MrPhil in that case, not osCommerce => full steam ahead.  

 

And for anyone else who is debating doing a lot of core code changes to their Responsive osCommerce => full steam ahead if it floats your boat.

But try not to if you can help it as there is no need and you make life harder for yourself in the future.  

 

 

 

What link ?

http://www.oscommerce.com/forums/topic/408475-recaptcha-v2-looks-so-cool/?p=1738922

Link to comment
Share on other sites

  • 1 month later...

@@MrPhil in that case, not osCommerce => full steam ahead.  

 

And for anyone else who is debating doing a lot of core code changes to their Responsive osCommerce => full steam ahead if it floats your boat.

But try not to if you can help it as there is no need and you make life harder for yourself in the future.  

 

 

 

http://www.oscommerce.com/forums/topic/408475-recaptcha-v2-looks-so-cool/?p=1738922

 

Has anyone implemented the Math captcha as an addon to BS Oscommerce?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...