How to implement two recaptcha in the same page

Refactor to avoid usability issue

This doesn't seem reasonable and I would suggest to avoid this at all costs, because you have a serious usability issue if you do need two of them. Why would you need two captchas anyway? The main idea behind a captcha is that it assures that there was a person entering data in the form and not a computer.

So if there's one captcha on the page, you're assured. So if the first one was filled by a person, all other data is as well and you don't need a second one.

But I can see one scenario where two captchas could come into place. And that's when you'd have two <form> elements on the page. So a user can either submit one or the other. In this case user will always submit data from just one form and not both. So you could avoid this as well by either:

separating these two forms into two pages/views with an additional pre-condition page where a user would select one of the two forms
hiding captcha at first, but when a user starts entering data into one of the forms you could move the hidden DIV with captcha inside the form and display it. This way there would only be one captcha on the page and it would be on the form that the user is about to send

The second one is the one you'd want to avoid. If you give us more details what your business problem is, we could give you a much better answer.

Alternatives

Since you described your actual business problem I suggest you take a look at the honey pot trick, that is more frequently used for this kind of scenarios. Because if you used too many captchas on your site, people would get annoyed. They are tedious work, that's for sure. Honey pot trick may help you avoid these unnecessary data entering.

The other question is of course: Are your users logged in when they have these actions available? Especially the editing one. If they are, you can better mitigate this problem. You could set a time limit per user for sending out messages. Like few per minute. That's what a person would do. And of course store the information about sending out these emails, so you can still keep historical track of what users did so you can disable accounts of this gets abused. But when users are logged in they normally don't have to enter captchas since they've already identified themselves during authentication phase.

The ultimate question is of course: Why would a bot send out emails to friends? they wouldn't be able to send any kind of spam would they? What's the point then? It's more likely that bots will abuse your system if they can spam users anyhow. Either by sending email with content or leaving spam comments on your site. These forms need to be bot checked.

Thanks Robert,The second avoid point is very useful. I can't think why this not came to my mind. Nice idea.The main problem is we have two views one for tell a friend about the site by sending e-mail and another authoring any note. the tell a friend part is hidden which send e-mail through ajax and note author part is visible so it is making problem when we need both but in different way.Is there any alternative that can help ?

Aditya Acharya 2010-08-12 07:30:30

@Robert Why would a bot send out emails to friends? If an automated program will try sending mail which will slow down the Mail server. Can it not happen?

Dev 2010-09-07 07:40:17

@Dev: But that's a stupid solution. It wouldn't bring creators any income. It's just made to disrupt the work of mail server. But. There may be a very small probability of this happening. I'd deal with it when it actually happens - it may be that I'll never have to deal with it anyway.

Robert Koritnik 2010-09-07 09:59:28

ansaurus

tags:

views:

answers: