ASP.NET CAPTCHA Code Filtering VB.NET Code Sample (BotDetect v3.0; deprecated)
The ASP.NET Captcha code filtering sample project shows how to use the new CAPTCHA code filtering functionality added in BotDetect CAPTCHA v3.0.
You can define rules about character sequences you want to avoid using in randomly generated CAPTCHA codes and simply pass them to the Captcha control.
First Time Here?
Check the BotDetect Developer Crash Course for key integration steps.
The web.config file defines a simplified custom character set (using only 'A', 'B', 'C' and 'D'), which helps make the code filtering easier to track in action. The following sequences will never appear in Captcha codes generated in the sample: D, AA, BB, CC, ABC, BCA, CAB.
The Global.asax file shows three different ways to load the banned sequence definitions: from a plain-text file, a .csv file, and a web.config setting.
For your application you will typically use only one of these three approaches, or any other method you prefer - you can keep the definitions in any format or combination of formats, and you just have to pass a List<string> value to the Captcha control class.
- C#
- VB.NET
- Visual Studio 2013 / Visual Studio 2012 / .NET 4.5
- Visual Studio 2010 / .NET 4.0
- Visual Studio 2008 / .NET 3.5
- Visual Studio 2005 / .NET 2.0
Visual Studio 2013 / Visual Studio 2012 / .NET 4.5
By default, the .NET 4.5 VB.NET version of the ASP.NET Captcha code filtering sample project is installed at:
C:\Program Files\Lanapsoft\BotDetect 3 CAPTCHA Component\Asp.Net\v4.5\WebApp\CaptchaCodeFilteringSample\VBNet
You can also run it from the BotDetect Start Menu:
Programs > Lanapsoft > BotDetect 3 CAPTCHA Component > ASP.NET > DotNET 4.5 Web Applications > Run
Default.aspx
<%@ Page Language="VB" AutoEventWireup="true" CodeFile="Default.aspx.vb" Inherits="_Default" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head id="Head1" runat="server"> <title>BotDetect CAPTCHA Code Filtering ASP.NET Sample</title> <link type="text/css" rel="Stylesheet" href="StyleSheet.css" /> </head> <body> <form id="form1" runat="server"> <h1>BotDetect CAPTCHA Code Filtering ASP.NET Sample</h1> <fieldset> <legend>CAPTCHA Validation</legend> <p class="prompt"> <label for="CaptchaCodeTextBox">Retype the characters from the picture:</label> </p> <BotDetect:Captcha ID="SampleCaptcha" runat="server" /> <div class="validationDiv"> <asp:TextBox ID="CaptchaCodeTextBox" runat="server"></asp:TextBox> <asp:Button ID="ValidateCaptchaButton" runat="server" /> <asp:Label ID="CaptchaCorrectLabel" runat="server" CssClass="correct"> </asp:Label> <asp:Label ID="CaptchaIncorrectLabel" runat="server" CssClass="incorrect"> </asp:Label> </div> </fieldset> </form> </body> </html>
Default.aspx.vb
Partial Class _Default
Inherits System.Web.UI.Page
Protected Sub Page_PreRender(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Me.PreRender
' initial page setup
If Not IsPostBack Then
' set control text
ValidateCaptchaButton.Text = "Validate"
CaptchaCorrectLabel.Text = "Correct!"
CaptchaIncorrectLabel.Text = "Incorrect!"
' these messages are shown only after validation
CaptchaCorrectLabel.Visible = False
CaptchaIncorrectLabel.Visible = False
End If
' setup client-side input processing
SampleCaptcha.UserInputClientID = CaptchaCodeTextBox.ClientID
If IsPostBack Then
' validate the Captcha to check we're not dealing with a bot
Dim code As String, isHuman As Boolean
code = CaptchaCodeTextBox.Text.Trim().ToUpper()
isHuman = SampleCaptcha.Validate(code)
CaptchaCodeTextBox.Text = "" ' clear previous user input
If isHuman Then
CaptchaCorrectLabel.Visible = True
CaptchaIncorrectLabel.Visible = False
Else
CaptchaCorrectLabel.Visible = False
CaptchaIncorrectLabel.Visible = True
End If
End If
End Sub
End Class
Global.asax
<%@ Application Language="VB" %> <script runat="server"> Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs) ' Code that runs on application startup Dim bannedSequences As _ New System.Collections.Generic.List(Of String)() ' add entries from a line-separated text file Using input As System.IO.StreamReader = _ System.IO.File.OpenText(Server.MapPath("BannedSequences.txt")) Dim line As String = "" While BotDetect.StringHelper.HasValue(InlineAssignHelper( _ line, input.ReadLine())) bannedSequences.Add(line.Trim()) End While End Using ' add entries from a comma-separated text file Using input As System.IO.StreamReader = _ System.IO.File.OpenText(Server.MapPath("BannedSequences.csv")) Dim csvString As String = input.ReadToEnd() Dim banned As String() = _ BotDetect.StringHelper.CsvToArray(csvString) bannedSequences.AddRange(banned) End Using ' add entries from web.config Dim csvConfiguredString As String = _ ConfigurationManager.AppSettings("LBD_BannedSequences") If BotDetect.StringHelper.HasValue(csvConfiguredString) Then Dim configured As String() = _ BotDetect.StringHelper.CsvToArray(csvConfiguredString) bannedSequences.AddRange(configured) End If ' this list is static and applies to all Captcha instances in the application BotDetect.Web.UI.Captcha.BannedSequences = bannedSequences End Sub Private Function InlineAssignHelper(Of T)(ByRef target As T, ByVal value As T) As T target = value Return value End Function Sub Application_End(ByVal sender As Object, ByVal e As EventArgs) ' Code that runs on application shutdown End Sub Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs) ' Code that runs when an unhandled error occurs End Sub Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs) ' Code that runs when a new session is started End Sub Sub Session_End(ByVal sender As Object, ByVal e As EventArgs) ' Code that runs when a session ends. ' Note: The Session_End event is raised only when the sessionstate mode ' is set to InProc in the Web.config file. If session mode is set to StateServer ' or SQLServer, the event is not raised. End Sub </script>
BannedSequences.csv
d,aa,bb,cc,abc,bca,cab
BannedSequences.txt
d aa bb cc abc bca cab
Web.config
<?xml version="1.0"?> <!-- For more information on how to configure your ASP.NET application, please visit http://go.microsoft.com/fwlink/?LinkId=169433 --> <configuration> <configSections> <!-- Register the BotDetect configuration section --> <section name="botDetect" requirePermission="false" type="BotDetect.Configuration.BotDetectConfigurationSection, BotDetect"/> </configSections> <!-- BotDetect Captcha settings can be configured in this section --> <botDetect> <captchaCodes> <!-- Define custom character sets to use for Captcha code generation --> <characterSets> <characterSet name="CodeFilteringExampleCharset" alphanumeric="A,B,C,D"/> </characterSets> </captchaCodes> <captchaImage> <helpLink enabled="true" mode="image" /> </captchaImage> </botDetect> <appSettings> <add key="LBD_BannedSequences" value="d,aa,bb,cc,abc,bca,cab"/> <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" /> <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" /> </appSettings> <system.web> <httpHandlers> <!-- Register the HttpHandler used for BotDetect Captcha requests --> <add verb="GET" path="BotDetectCaptcha.ashx" type="BotDetect.Web.CaptchaHandler, BotDetect"/> </httpHandlers> <!-- Register a custom SessionIDManager for BotDetect Captcha requests --> <sessionState mode="InProc" cookieless="AutoDetect" timeout="20" sessionIDManagerType="BotDetect.Web.CustomSessionIdManager, BotDetect"/> <!-- Session state is required for BotDetect storage; you can also turn if off globally and only enable for BotDetect-protected pages if you prefer --> <pages enableSessionState="true" controlRenderingCompatibilityVersion="4.5"> <controls> <!-- Register the BotDetect tag prefix for easier use in all pages --> <add assembly="BotDetect" namespace="BotDetect.Web.UI" tagPrefix="BotDetect"/> </controls> </pages> <compilation debug="false" targetFramework="4.5" /> <httpRuntime requestValidationMode="4.5" targetFramework="4.5" encoderType="System.Web.Security.AntiXss.AntiXssEncoder, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> <machineKey compatibilityMode="Framework45" /> <trace enabled="false" localOnly="true"/> <httpCookies httpOnlyCookies="true"/> <trust level="Medium" originUrl=""/> <authentication mode="None"/> <customErrors mode="RemoteOnly"/> </system.web> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <handlers> <!-- Register the HttpHandler used for BotDetect Captcha requests (IIS 7.0+) --> <remove name="BotDetectCaptchaHandler"/> <add name="BotDetectCaptchaHandler" preCondition="integratedMode" verb="GET" path="BotDetectCaptcha.ashx" type="BotDetect.Web.CaptchaHandler, BotDetect"/> </handlers> </system.webServer> </configuration>
The Captcha code filtering algorithm works as shown in the example.
- If the first character is "a", for second character generation we check:
- all banned sequences of length = 2 starting with "a"
- If the first two characters are "ab", for third character generation we check:
- all banned sequences of length = 3 starting with "ab" AND
- all banned sequences of length = 2 starting with "b"
- If the first three characters are "abc", for fourth character generation we check:
- all banned sequences of length = 4 starting with "abc" AND
- all banned sequences of length = 3 starting with "bc" AND
- all banned sequences of length = 2 starting with "c"
Since Captcha codes are short (usually 4-8 characters), such recursive processing is acceptable performance-wise.
Visual Studio 2010 / .NET 4.0
By default, the .NET 4.0 VB.NET version of the ASP.NET Captcha Code Filtering sample project is installed at:
C:\Program Files\Lanapsoft\BotDetect 3 CAPTCHA Component\Asp.Net\v4.0\WebApp\CaptchaCodeFilteringSample\VBNet
You can also run it from the BotDetect Start Menu:
Programs > Lanapsoft > BotDetect 3 CAPTCHA Component > ASP.NET > DotNET 4.0 Web Applications > Run
The Visual Studio 2010 / .NET 4.0 source has no essential differences from the Visual Studio 2013 / Visual Studio 2012 / .NET 4.5 source.
Visual Studio 2008 / .NET 3.5
By default, the .NET 3.5 VB.NET version of the ASP.NET Captcha Code Filtering sample project is installed at:
C:\Program Files\Lanapsoft\BotDetect 3 CAPTCHA Component\Asp.Net\v3.5\WebApp\CaptchaCodeFilteringSample\VBNet
You can also run it from the BotDetect Start Menu:
Programs > Lanapsoft > BotDetect 3 CAPTCHA Component > ASP.NET > DotNET 3.5 Web Applications > Run
The Visual Studio 2008 / .NET 3.5 source has no essential differences from the Visual Studio 2013 / Visual Studio 2012 / .NET 4.5 source.
Visual Studio 2005 / .NET 2.0
By default, the .NET 2.0 VB.NET version of the ASP.NET Captcha code filtering sample project is installed at:
C:\Program Files\Lanapsoft\BotDetect 3 CAPTCHA Component\Asp.Net\v2.0\WebApp\CaptchaCodeFilteringSample\VBNet
You can also run it from the BotDetect Start Menu:
Programs > Lanapsoft > BotDetect 3 CAPTCHA Component > ASP.NET > DotNET 2.0 Web Applications > Run
The Visual Studio 2005 / .NET 2.0 source has no essential differences from the Visual Studio 2013 / Visual Studio 2012 / .NET 4.5 source.
Please Note
The information on this page is out of date and applies to a deprecated version of BotDetect™ CAPTCHA (v3.0).
An up-to-date equivalent page for the latest BotDetect Captcha release (v4) is BotDetect v4 Captcha documentation index.
General information about the major improvements in the current BotDetect release can be found at the What's New in BotDetect v4.0 page.
Current BotDetect Versions
-
BotDetect ASP.NET CAPTCHA
2019-07-22v4.4.2 -
BotDetect Java CAPTCHA
2019-07-22v4.0.Beta3.7 -
BotDetect PHP CAPTCHA
2019-07-22v4.2.5
