更新时间:2022-12-06 22:24:08
有趣。我会警惕地将其视为解决垃圾邮件/替换capcha的解决方案,但这确实使垃圾邮件发送者的生活更加困难。
Interesting. I'd be wary of thinking of it as a solution to spam / replacement for capcha, but it does make the spammers life more difficult.
但是您应该计划如何处理在禁用了javascript的情况下(可能还有CSS)-例如通过为表单分配一个div,但保留默认消息,然后使用javascript将表单写入表单(内联而不是等待onload / pageready)。
However you should plan for dealing with cases where javascript is disabled (and potentially CSS too) - e.g. by assigning a div for the form, but leaving it with a default message, then writing the form into it using javascript (inline rather than waiting for onload/pageready).
$ string = md5($ _ SERVER ['REMOTE_ADDR'])
$string = md5($_SERVER['REMOTE_ADDR'])
这不是随机值-它不会改变。考虑:
This is not a random value - and it won't change. Consider:
$ string = sha1($ _ SERVER ['REMOTE_ADDR']。rand(1000).time());
$string = sha1($_SERVER['REMOTE_ADDR'].rand(1000).time());
(尽管底层算法需要更多操作,sha1还是比md5快)。
(sha1 is slightly faster than md5 despite the underlying algorithm requiring more ops).
使用会话可能是一个好主意,并且:
It might be a good idea to use a session, and:
$ _ SERVER ['string'] = sha1(session_id()。 rand(1000).time());
$_SERVER['string'] = sha1(session_id().rand(1000).time());