CAPTCHAs (verification codes) are widely used to stop form spam, but they also degrade the user experience and get in the way of legitimate users. This article introduces a way to prevent automated spam submissions without a CAPTCHA.
I have seen a similar method before. I started learning jQuery these days, came across the author's link in the Chinese version of "15 days learning jquery", and translated it briefly.
Make it difficult for spammers (usually automated programs -- Translator's note) to probe our forms for weaknesses.
Keep it easy for the "good guys" (legitimate users with normal access -- Translator's note) to use our contact forms.
Therefore we need to avoid CAPTCHAs.
There is research indicating that they are not as effective as once thought.
We'll borrow some concepts from Chris Shiflett, PHP security expert, and improve on them.
Specifically...
1. When the contact form is loaded, we'll make an Ajax call to a PHP file.
2. The PHP file will grab the current time (according to the server, not the visitor's browser).
3. The PHP file will combine the timestamp with a secret word, generate a 32-character 'hash', and store it as a cookie in the visitor's browser.
4. jQuery will receive the timestamp from the Ajax call and store the hash, or 'token', in a hidden form field.
5. When the form is sent for processing, the value of the timestamp (the one in the form -- Translator's note) will be compared to the 32-character 'token' stored in the cookie.
6. If the information doesn't match, is missing, or the timestamp is too old, we'll kill execution of the form processor, and a spammer looking for easy prey will move on to another target (i.e. give up on our form -- Translator's note).
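A runnable model of the server-side part of the scheme above, written in Python as an added example (it is not the tutorial's own PHP). It substitutes an HMAC keyed with the secret for the plain timestamp-plus-secret hash, and the secret word and 15-minute window are constructed values:

```python
import hashlib
import hmac
import time

# Constructed values, not from the original tutorial.
SECRET = b"example-secret-word"  # server-side only; never sent to the browser
MAX_AGE_SECONDS = 15 * 60        # reject forms whose timestamp is older than this


def make_token(timestamp, secret=SECRET):
    """32-character token for a server timestamp (steps 2-3).

    The tutorial hashes timestamp + secret word; here an HMAC keyed with
    the secret is used instead, truncated to the same 32 hex characters.
    """
    mac = hmac.new(secret, str(timestamp).encode(), hashlib.sha256)
    return mac.hexdigest()[:32]


def issue(now=None):
    """What the Ajax endpoint hands back: the timestamp for the hidden
    field and the token to set as the cookie."""
    ts = int(time.time()) if now is None else now
    return {"timestamp": ts, "cookie_token": make_token(ts)}


def check_submission(form, cookies, now, max_age=MAX_AGE_SECONDS):
    """Steps 5-6: returns 'ok' or the reason the form processor should stop."""
    ts_raw = form.get("timestamp")
    form_token = form.get("token")
    cookie_token = cookies.get("token")
    if not ts_raw or not form_token or not cookie_token:
        return "missing"              # cookie or hidden field absent
    if not ts_raw.isdigit():
        return "bad-timestamp"
    ts = int(ts_raw)
    # Constant-time compares: hidden field must equal the cookie, and both
    # must equal a fresh hash of the posted timestamp (catches edited values).
    if not hmac.compare_digest(form_token, cookie_token):
        return "token-mismatch"
    if not hmac.compare_digest(form_token, make_token(ts)):
        return "token-forged"
    age = now - ts
    if age < 0:
        return "timestamp-in-future"
    if age > max_age:
        return "expired"
    return "ok"
```

Because the secret never leaves the server, a submission can only pass if it carries a timestamp the server itself issued recently, which is the whole point of the check.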
The article is a hands-on tutorial. The above is just a summary, but I believe you have basically understood it.
I won't translate the detailed steps here; just follow them in the original :)
Address: http://15daysofjquery.com/examples/contact-forms/