Captcha’s in ASP.Net

I recently started getting some spam from my “contact us” page on my site.  I’d set it up “cleverly” so that it doesn’t try to send the mail to/from the addresses entered into the form since I’d seen online contact forms being used for “evil”.  Unfortunately I’d not taking into account the possibility that someone might use the form to send me spam.

Since I’d completely ignored that fact, I had not bothered to do any kind of captcha or other check to see that there it was a human that was sending the mails.  To be honest, part of the reason was that I’d imagined that making a Captcha work well would require WAY too much effort and I just wasn’t up to the task at the time.

Now that I was getting spam, I needed to make a plan and make one quickly before I was swamped by the mail.  Fortunately I remembered reading about ReCaptcha.  Basically they’re scanning books and words that are partly recognised get used in their captcha images.  Then when people enter the values for the captcha’s they’re helping ReCaptcha improve their OCR quality.

I headed on over to their site and was AMAZED at how many plugins and code “modules” they’d built.  Just take a look at the ReCaptcha Resources – When it comes to languages they have PHP, ASP.Net, Classic ASP, Python, Perl, Ruby, Java, JSP, and Coldfusion support.  And they have plugins for WordPress, MediaWiki, phpBB, Movable Type, Drupal, Symfony, Typo3, NucleusCMS, vBulletin, and Joomla.  That’s excluding the fact that they have an API that you could interact with directly.

On to the ASP.Net.  It’s REALLY easy.  You reference their DLL, then register a tag for their control on the page you want it to be placed on as follows:

<%@ Register TagPrefix="recaptcha" Namespace="Recaptcha" Assembly="Recaptcha" %>

Then you sign up for an API Key, and place the Captcha control in place as follows:

<recaptcha:RecaptchaControl
  ID="recaptcha"
  runat="server"
  PublicKey=""           
  PrivateKey=""
  />

Then finally you just put in a bit of code on the submission of the form that checks:

if (Page.Valid())

If it’s not valid, then the user entered the wrong captcha.

Three simple steps, and super quick to implement… Now my Contact page has a Captcha on it :)  I love it when things just work, and work simply.

Leave a Reply

Your email address will not be published. Required fields are marked *