Preventing Automated Web Site Registrations
Many heavily trafficked public portals provide features such as free emailing
services, on-line storage etc. Webmasters administrating these sites always want
to make sure that the users registering with their sites are "real" users
instead of automated one. Take an example of MSN registration, when you go to
their registration page and fill in the details they display a small randomly
generated image with some text. The user is supposed to enter the text in the
textbox provided on the form which confirms that the person is physically
registering with the site. In this article I will show you how to develop
similar mechanism for your ASP.NET applications.
GDI+ and Random class
GDI+ classes allow you to easily generate graphics on the fly and display in
the web pages. We will be using these classes along with Random class to develop
Generating random strings
First we need to device a mechanism that will give us a randomly generated
string with each request to the page. Following routine does exactly the same.
public static string GetRandomString(int length)
int intZero=0, intNine=0, intA=0, intZ=0,
Random rRandom =new Random(System.DateTime.Now.Millisecond);
intZero = '0';
intNine = '9';
intA = 'A';
intZ = 'Z';
strRandomString = "";
while (intCount < length)
intRandomNumber = rRandom.Next(intZero, intZ);
if(((intRandomNumber >= intZero) &&
(intRandomNumber <= intNine) ||
(intRandomNumber >= intA) && (intRandomNumber <= intZ)))
strRandomString = strRandomString + (char)intRandomNumber;
intCount = intCount + 1;
The function accepts the length of the string to be generated and constructs
a random string using Random class. We will not go into details of the logic
used as it is simple and clear from above routine.
You will find above function in the RandomString.cs file available in the
Generating and outputting image on the fly
Next step is to generate images on the fly and output on the response stream.
Bitmap bmp=new Bitmap(100,30);
Here, we create an instance of Graphics class from an Image (represented by
Bitmap class). We then draw the randomly generated string on this bitmap
and save the image to the Response.
You will find this code in the randomimagepage.aspx file available in the
Building the registration form
Finally you will develop a registration form which will display the randomly
generated image in an Image control. You will find the code and markup in
registrationform.aspx available in the download. One important to note in the
web form markup is the following line:
<asp:Image id=Image1 runat="server"
Note how the ImageUrl property is set to the previous web form that emits the
dynamic image on the response stream. Once the user submits the form we check
the entered random code against what was generated.
Label5.Text="Random string verification failed!";
//do database insert here
Source Code Download
Complete source code in C# is including web forms and image generation logic
is available along with the article.
Automated form submission is a matter of concern for many large portals -
specially offering services such as free email. If you are developing such a web
site it would be nice to provide some way in your application that will ensure
that users are filling the registration forms themselves rather than an
automated system. In this article we accomplished this goal using GDI+ classes
and Random string generation logic.