POstealth | Terms of use

Protect your site with POstealth

Client Side API

You can use POstealths state of the art Fuzzy Human Interactive Proof (HIP) in your own web page. This, however, only works on Javascript capable browsers. If you need to support users without Javascript use the POstealth Redirect feature.

If all your users have Javascript enabled you can add the POstealth Fuzzy HIP to your site in 4 easy steps.

Step 1

The POstealth Fuzzy HIP has a timeout of 20 minutes. If your Web form typically requires more time than this we suggest using a separate page for data entry and the Fuzzy HIP.

On the Web Page where the Verification should take place add the following line of html to your page.

<script type="text/javascript"
src="http://www.postealth.com/fuzzyscript.aspx">
</script>

<script type="text/javascript"
src="https://www.postealth.com/fuzzyscript.aspx">
</script>

This is a client side include which adds the contents and logic of the Fuzzy HIP here.

Step 2

Write a call back function which takes two arguments a bool and a string. Here is a Javascript example:

<script type="text/javascript">
function PostealthHipDone(bIsHuman, sTicket)
{
	if (bIsHuman)
	{
		alert("Correct!");
		return true;
	}
	else
	{
		alert("Please select the pairs correctly.");
		return false;
	}
}
</script>

This function will be called when the Fuzzy HIP is finished regardless of the outcome. The bool parameter (bIsHuman above) is true if the test was passed and false if the user failed. The ticket can be passed on to your Server to verify that the user did indeed pass the test.

In this function you will need to Redirect to your server using the ticket. The advantage of using Redirect and passing the ticket on the URL is that this method is compatible with the POstealth Redirect feature with Server Side Verification enabled. Here is another callback example using this method:

<script type="text/javascript">
function PostealthHipDone(bIsHuman, sTicket)
{
	if (bIsHuman)
	{
		location.href = "http://myhome.com/guestbook.htm?ticket=" + sTicket;
	}
	else
	{
		alert("Please select the pairs correctly.");
		POstealth_Restart();
		return false;
	}
}
</script>

If you do not want to pass the ticket on the URL to your Server using a Redirect you can Post the Form to your Server and read the ticket from a hidden field in the form with the id=”POstealth_Ticket”. You have to POST the form for this method to work. *
(*Some of the Server side Verification samples will need small changes to work correctly with this method.)

Step 3

You have to tell the Fuzzy HIP what your callback function is. Otherwise the function will not get called. You can do this with the following html:

<script type="text/javascript">
    POstealth_SetCallback(PostealthHipDone);
</script>

This hooks your script up with the Fuzzy HIP.

Optional

You can also set the number of frames (4 – 12) required to pass the HIP. The more frames the more accurate the text. To Set the number of frames call POstealth_SetFrames like this.

<script type="text/javascript">
    POstealth_SetFrames(6);
</script>

You can also change the text of the instruction block at the Top of the HIP by calling POstealth_SetInstructions with a small piece of html. This is useful for Internationalisation for example. (Notice the <br /> line breaks in the sample below.)

You can change the Progress prompt by calling POstealth_SetProgressText. Notice! Using HTML tags with POstealth_SetProgressText is not yet supported.

You can, of course call all four within one script block as in this example:

<script type="text/javascript">
    var sInst = "Find the pair of Dogs, Cats or Bunnies.<br />Click the button BETWEEN the pair.<br />No Pair? Two Pairs? Click (Reload).";
    var sProg = "Progress... "
    POstealth_SetCallback(PostealthHipDone);
    POstealth_SetFrames(6);
    POstealth_SetInstructions(sInst);
    POstealth_SetProgressText(sProg)
</script>

Here is a working sample.

Client side working sample.

Step 4

If you did Step 2 correctly then your callback (PostealthHipDone above) will call your Server with the ticket given. To verify the request from your Server side see Asking the POstealth Server. The Server Side Validation Samples assume that you used the Redirect to URL method in Step 2.

Server Side Verification

Keeping you off the Spam Radar.