Scott Hanselman

A potential CAPTCHA Comment Spam Solution for dasBlog (and others) with no recompile or code changes

November 11, '04 Comments [10] Posted in ASP.NET | DasBlog
Sponsored By

I took Jeff Atwood's CAPTCHA example and added a new event called "UserValidationEvent"

Public Event UserValidationEvent As EventHandler

Then I raise the event at the VERY end of ValidateCaptcha I raise it:

RaiseEvent UserValidationEvent(Me, New EventArgs)

I made it a separate event because I want the CaptchaControl to integrate with my blogging software WITHOUT any code on the server side.  I didn't want to have to recompile dasBlog or check anything in the Page_Load.

I made the appropriate web.config changes as per Jeff's instructions, and I added the control to the CommentViewBox.ascx and put this code at the top:

<%@ Register TagPrefix="cc1" Namespace="WebControlCaptcha" Assembly="WebControlCaptcha" %>
<script Language="C#" Runat="Server">
  protected void Foo(object sender, System.EventArgs e)
  {
  if (Page.IsPostBack == true && CaptchaControl1.UserValidated == false)
   {
    Response.Redirect(Request.RawUrl);
   }
  }

  protected void Page_Load(object sender, System.EventArgs e)
  {
   //Ya, ya, I know I could have hooked this event up a number of ways
   // including AutoEventWireUp but I like this fine, and it feels
   // more explicit to moi.
   CaptchaControl1.UserValidationEvent += new EventHandler(Foo);
  }  
</script>

There are a few Font issues to work out...he has it setup with a number of "no-no" fonts, while I'd prefer a list of "allowed" fonts. 

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. I am a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by ORCS Web

Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.