Handling Dynamic Images in ASP.NET 3.5 AJAX Applications - Constructing an ASP.NET AJAX Styled Message Board Sample

(Page 2 of 5 )

In this section, we are going to show you another interesting ASP.NET AJAX based message board sample. This sample is more complex that the previous ones: it uses an .xml file to hold message data, and the myNorthWind.mdf database to store verification code related data. And also, it uses an ASP.NET AJAX Toolkit control, NoBot, to automatically judge whether the message data entered is the result of an action by a human being or done by a robot instead of traditional manual programming.

First, you can look at one of the running time snapshots of the message board application, as is shown in Figure 4.

Figure 4-using the ASP.NET AJAX Toolkit control-NoBot to help to block off possible rubbish message

As the ResponseMinimumDelaySeconds property of the NoBot control hints, if it takes less than 15 seconds to enter all the message related data, the NoBot control will give a 'Suspicious Robot action...' prompt at the bottom and record this piece of information.

Now, let us dissect the how-to behind the scene.

Introducing the ASP.NET AJAX Toolkit control NoBot

NoBot is one of the great ASP.NET AJAX Toolkit controls that attempts to provide CAPTCHA-like bot/spam prevention without requiring any user interaction. This approach is easier to bypass than an implementation that requires actual human intervention, but NoBot has the benefit of being completely invisible. NoBot is probably most relevant for low-traffic sites where blog/comment spam is a problem and 100% effectiveness is not required.

In all, NoBot employs the following different anti-bot techniques:

• Forcing the client's browser to perform a configurable JavaScript calculation and verifying the result as part of the postback. (Ex: the calculation may be a simple numeric one, or may also involve the DOM for added assurance that a browser is involved).

• Enforcing a configurable delay between when a form is requested and when it can be posted back. (Ex: a human is unlikely to complete a form in less than two seconds).

• Enforcing a configurable limit to the number of acceptable requests per IP address per unit of time. (Ex: a human is unlikely to submit the same form more than five times in one minute).

Note you can test NoBot by violating any of the above techniques: posting back quickly, posting back many times, or disabling JavaScript in the browser.

Next: About the Data Storage >>
 

More ASP.NET Articles
More By Xianzhong Zhu

Comments On: Handling Dynamic Images in ASP.NET 3.5 AJAX Applications

>>> Be the FIRST to comment on this article!