O'Reilly logo

Facebook Cookbook by Jay Goldman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Hunting for Robots: CAPTCHA in Your App

Problem

I’m worried that people will use scripts to hack their way into my app! How can I verify that my users are real people?

Solution

Use the fb:captcha tag to display a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) on your page. The simplest form is:

<form method="post" action="http://someserver.com/somePage.php">
    <fb:captcha />
</form>

which will give you something like Figure 6-61.

Facebook CAPTCHA

Figure 6-61. Facebook CAPTCHA

Discussion

CAPTCHAs were originally created in 2000 by Luis von Ahn, Manuel Blum, Nicholas J. Hopper (all of Carnegie Mellon University), and John Langford (then of IBM). The general idea is to present users with a distorted image of a word, which computers would find very difficult to decipher but which people should be able to read quite easily. Early CAPTCHAs were quickly defeated by sophisticated algorithms, but more modern ones have surpassed all but the most dedicated of hackers (or hackers smart enough to outsource the work of cracking them to people in places such as Russia, who are reputedly paid $3/hr to interpret image after image). The acronym is an extension of the concept of a Turing test, first proposed by Alan Turing and postulated as the ultimate test for artificial intelligence: the ability to convincingly pass as human (i.e., to demonstrate intelligence). This is almost a reverse ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required