Jump to content




Recent Status Updates

  • Photo
      18 Aug
    KodeKool

    When faced with a wall of errors and no hope to fix them, remember the following "Programs always do what you tell them to, and seldom what you want them to, but eventually you'll run out of things that can go wrong and it'll just work. and that's the secret to good programming."

    Show comments (2)
View All Updates

Developed by Kemal Taskin
- - - - -

Creation of captcha / Part II /Secure forms


  • Please log in to reply
47 replies to this topic

#1 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 29 April 2008 - 05:20 AM

Okay here's our code of this captcha image:

<?php
header('Content-type: image/jpg');
$im = imagecreatefromjpeg ("image.jpg");
$rand1 = rand(1,255);
$rand2 = rand(1,255);
$rand3 = rand(1,255);
$color = imagecolorallocate($im, $rand1, $rand2, $rand3);
$text = rand(1000, 9999);
$font = 'text-font.otf';
$size = 30;
imagettftext($im, $size, 0, 70, 45, $color, $font, $text);
imagejpeg($im);
imagedestroy($im);
?>
But if we want to use this image on our sites we must add:

$_SESSION['captcha'] = $text;
on the bottom of our captcha file. So.. now let's make our form secure.

First of all we must start the session

<?php
session_start();
session_start(); - Starts the session

Now I'm using a form for checking that is the security code correct

if(isset($_POST['submit'])){
$ses = $_SESSION['captcha'];
if($ses == $_POST['code']){
echo "Code is correct!";
}else{
echo "Code is incorrect!";
}
if(isset($_POST['submit']) && !empty($_POST['code'])){ - If someone has clicked the submit button let's continue with our script
$ses = $_SESSION['captcha']; - Let's get the captcha code from the session
if($ses == $_POST['code']){ - If captcha's code is same as the code you posted
echo "Code is correct!"; - let's say that the code was correct
}else{ - but if they are not same
echo "Code is incorrect!"; - let's say that the code is not correct
} - This ends the if and else statement

}else{
echo "<img src='captcha.php'><br>";
echo "<form action='' method='post'>"
."<input type='text' name='code'>"
."<input type='submit' name='submit' value='Enter'>"
."</form>";
}
}else{ - If anyone hasnt clicked the submit button let's display our form
echo "<img src='captcha.php'><br>"; - Shows our captcha image
echo "<form action='' method='post'>"
."<input type='text' name='code'>"
."<input type='submit' name='submit' value='Enter'>"
."</form>";
- Our form
} - This ends the if and else statement

Posted Image

And we are done.. that was so simple :)
You can customize this script for your forms :)

Here's the full script:

captcha.php
<?php
session_start();
$im = imagecreatefromjpeg ("image.jpg");
$rand1 = rand(1,255);
$rand2 = rand(1,255);
$rand3 = rand(1,255);
$color = imagecolorallocate($im, $rand1, $rand2, $rand3);
$text = rand(1000, 9999);
$font = 'text-font.otf';
$size = 30;
imagettftext($im, $size, 0, 70, 45, $color, $font, $text);
header('Content-type: image/jpg');
imagejpeg($im);
imagedestroy($im);
$_SESSION['captcha'] = $text;
?>
index.php
<?php
session_start();

if(isset($_POST['submit']) && !empty($_POST['code'])){
$ses = $_SESSION['captcha'];
if($ses == $_POST['code']){
echo "Code is correct!";
}else{
echo "Code is incorrect!";
}
}else{
echo "<img src='captcha.php'><br>";
echo "<form action='' method='post'>"
."<input type='text' name='code'>"
."<input type='submit' name='submit' value='Enter'>"
."</form>";
}
?>
I attached the files also :)
Enjoy!

Attached Files


Edited by Jordan, 07 May 2008 - 09:00 AM.

  • 0

#2 Xav

Xav

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 8,356 posts

Posted 02 May 2008 - 08:43 AM

Thanks, Jaan! There are various premade scripts available, but creating your own is easier to integrate.
I think the other type of captchas are better, where it is just plain black text with a warped line through it. It does not require a background, and so fits in to web pages more smoothly. Nice tutorial, though.
  • 0
If you enjoy reading this discussion and are thinking about commenting, why not click here to register and start participating in under a minute?

#3 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 02 May 2008 - 12:15 PM

thanks :)
  • 0

#4 John

John

    CC Mentor

  • Moderator
  • 4,450 posts
  • Location:New York, NY

Posted 02 May 2008 - 06:45 PM

Thanks, Jaan! There are various premade scripts available, but creating your own is easier to integrate.
I think the other type of captchas are better, where it is just plain black text with a warped line through it. It does not require a background, and so fits in to web pages more smoothly. Nice tutorial, though.


Those types of captchas are useless. I've considered writing a tutorial on how to bypass captchas like that...
  • 0

#5 Xav

Xav

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 8,356 posts

Posted 03 May 2008 - 04:39 AM

Really? I thought it was difficult to distinguish the letters when there was a line through them? How about the fuzzy-letters one?
  • 0
If you enjoy reading this discussion and are thinking about commenting, why not click here to register and start participating in under a minute?

#6 Metanet

Metanet

    CC Lurker

  • Just Joined
  • Pip
  • 1 posts

Posted 22 May 2008 - 06:04 AM

Thanks for the tutorial
  • 0

#7 knaleffect

knaleffect

    CC Lurker

  • Just Joined
  • Pip
  • 2 posts

Posted 22 May 2008 - 09:08 AM

Thank for the tutorial ;)
  • 0

#8 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 23 May 2008 - 07:20 AM

you're welcome :)
  • 0

#9 TcM

TcM

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 7,563 posts

Posted 25 May 2008 - 12:05 AM

What about the captcha that rapidshare.com has? It has a captcha with 6 digits, but 4 of them have a cat behind them, and you have to write the ones with the cat... does that work the same way?
  • 0

#10 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 25 May 2008 - 04:23 AM

hmmm..this rapidshare thingy is really lame..
that's why i bought a premium account.. :D
uumm.. i believe rapidshare uses a little trick there..
  • 0

#11 kostisf

kostisf

    CC Lurker

  • Just Joined
  • Pip
  • 3 posts

Posted 28 May 2008 - 12:17 AM

Thans Jaan
  • 0

#12 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 28 May 2008 - 02:40 AM

np :)
  • 0