Jcap (Captcha Validation Javascript)

Posted on by

***NOTICE (2006-01-10): The developer assumes no liability with this resource
and it is provided as is. This script is referred to as a “security development”
because it can provide some minimal level of security. While it does seem to
be an effective elementary form of security the developer does not claim that
it is an impenetrable solution and thus the developer does not recommend implementing
it for the protection of highly sensitive data.

***NOTICE (2006-10-25): The developer would like to thank Neville White
of White-Hot Design
for compressing Jcap’s CAPTCHA image library from 4.2 mb to 1.0 mb!

Though Jcap (Captcha Validation Javascript) is not recommended for highly sensitive data, it is an advanced level script that can be
easily embedded into various forms for experimentation and can be a start for other uses that could have greater security value. The concept of the Jcap (Captcha Validation Javascript) is that it is the javascript (client-side) answer to Gimpy, a program developed by and based on the logic of the
CAPTCHA Project at Carnegie Mellon University in that it can successfully tell humans and machines apart
by administering a simple test that most humans can pass and current machines cannot pass. More information
on the CAPTCHA Project at Carnegie Mellon University is
available on their official website.

There are many ways to utilize the Jcap (Captcha Validation Javascript). To
install Jcap (Captcha Validation Javascript) download and decompress the Jcap
zip file which contains all the required files. Get Jcap (Captcha Validation Javascript). After decompressing the files to the desired directory
on your server change the value of the variable “imgdir” in the Jcap Javscript
to the directory where the unzipped Captcha images on your server are located
(With the trailing slash). You may also need to edit the html script src location
for where the md5.js and jcap.js files on your server are located if you put
them in a separate directory from your form. Finally you need to modify the
form field (If you’ve never used forms before you can access more information
about them at http://www.w3schools.com/html/html_forms.asp)
input tag named “action” change it’s value to the URL of the application on
your server and its method (“get or post”). Example:

<form action =”www.yourdomain.com/cgi-bin/formmail.cgi” method=”get”
name=”xfrm” onsubmit=”return jcap();”>

It is also recommended that you modify your application (ie. cgi, asp…) and/or
form field to require the value “uword” to ensure that jcap was implemented
before the execution of your application. Example:

<input type=”hidden” id=”required” name=”required” value=”uword”>