[newsome]

Hello.

Has anyone tried either of the following methods:

~~~~~~~~~~~~~~~~~~~~~~~
1) keep the filename 'register.php' as is but rename the e.g. do_register2() function in that file and correspondingly in 'register_center.tpl'. I'm thinkin' that bots need to know the name of the function in order to call them.

2) use the 'Sessions' feature to do the checks from behind the scenes. I'm not real experienced with sessions nor done much with 'Smarty' code, but I hope bots can't access values they either don't see nor know about.

If this is doable, maybe do the checks starting with either 'do_register0()' or 'do_register1()' or 'register_step_1.tpl' and/or 'register_step_2.tpl' by creating some arbitrary variable(s) that no one knows the name of but you.

Then, set its value as some random or automatically-assigned value or by variable calculation; then confirming its value or boolean in say, at the beginning of 'do_register2()' before sending the data to the database so if the check doesn't work, the data isn't sent by virtue of a 'return' statement within the 'if' conditional statements.

This routine is not meant to be seen by users like Captcha -- it's mainly to be sure that only your files and routines on your server are actually used, therefore not providing others with data names and using them in alternate methods. Note: If done in the '.tpl' files, I'm guessing sessions would be done between {php}...{/php} tags.
~~~~~~~~~~~~~~~~~~~~~~~

Just a couple of new approaches to give some thought to.

If anyone tries either of these methods and gets them to work, please share your results with us in this thread.


Thanks.