needle, i've run that test before, and while changing the captcha is fine, the other things i won't do. i don't want admin activations, and the fact that memberlist stuff is there won't prevent bots from posting automated messages. my server's running php 4.4.2.
well, if all else fails you could just give a whole bunch of people admin powers who regularily check the forum. So then there is almost always someone online to catch the spam messeges.
@tepples: cool prototype. now it needs to be added to phpBB... about "predictable form key number" dont worry, no spammer will take the burden to figure out how the encoded hidden key depends on the column where to put the I-piece... but if you want to be safe, why not build a more complex string: first char: a row with the hole where I tile should fit second char: the correct column remaining chars: row, encoded as "0" (hole) or "1" block and then scramble that string somehow such that you can reverse it..
Cool captcha. I wonder how hard it would be to program a bot to always enter lucky "7" though? They'd be right 10% of the time. If the answer could be a random alphanumeric string, we'd eliminate that possiblity too. It would still be weak but too much work for someone to crack.
wow, that's really cool. i bet it would stop all bots, too. bot-spammers don't actually come here, and this method would be unique to this forum. it wouldn't be time-effective for a spammer to go out of their way and find an automated way to break the tetris captcha. if you'd like to work it into the site, tepples, send me a pm.
I don't have any experience in making phpBB mods. I'd have to set up a phpBB instance on my computer first. But if anyone else wants to do the job, here's the source code.
