Jump to content




Recent Status Updates

  • Photo
      30 Sep
    rhossis

    laptop hard disk seated beneath motherboard but with no access panel. 7 hours to replace :(

    Show comments (3)
  • Photo
      19 Sep
    Chall

    I love it when you go to write a help thread, then while writing, you reach an enlightenment, and figure it out yourself.

    Show comments (3)
View All Updates

Developed by TechBiz Xccelerator
- - - - -

Creation of captcha / Part II /Secure forms


  • Please log in to reply
47 replies to this topic

#1 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 29 April 2008 - 05:20 AM

Okay here's our code of this captcha image:

<?php
header('Content-type: image/jpg');
$im = imagecreatefromjpeg ("image.jpg");
$rand1 = rand(1,255);
$rand2 = rand(1,255);
$rand3 = rand(1,255);
$color = imagecolorallocate($im, $rand1, $rand2, $rand3);
$text = rand(1000, 9999);
$font = 'text-font.otf';
$size = 30;
imagettftext($im, $size, 0, 70, 45, $color, $font, $text);
imagejpeg($im);
imagedestroy($im);
?>
But if we want to use this image on our sites we must add:

$_SESSION['captcha'] = $text;
on the bottom of our captcha file. So.. now let's make our form secure.

First of all we must start the session

<?php
session_start();
session_start(); - Starts the session

Now I'm using a form for checking that is the security code correct

if(isset($_POST['submit'])){
$ses = $_SESSION['captcha'];
if($ses == $_POST['code']){
echo "Code is correct!";
}else{
echo "Code is incorrect!";
}
if(isset($_POST['submit']) && !empty($_POST['code'])){ - If someone has clicked the submit button let's continue with our script
$ses = $_SESSION['captcha']; - Let's get the captcha code from the session
if($ses == $_POST['code']){ - If captcha's code is same as the code you posted
echo "Code is correct!"; - let's say that the code was correct
}else{ - but if they are not same
echo "Code is incorrect!"; - let's say that the code is not correct
} - This ends the if and else statement

}else{
echo "<img src='captcha.php'><br>";
echo "<form action='' method='post'>"
."<input type='text' name='code'>"
."<input type='submit' name='submit' value='Enter'>"
."</form>";
}
}else{ - If anyone hasnt clicked the submit button let's display our form
echo "<img src='captcha.php'><br>"; - Shows our captcha image
echo "<form action='' method='post'>"
."<input type='text' name='code'>"
."<input type='submit' name='submit' value='Enter'>"
."</form>";
- Our form
} - This ends the if and else statement

Posted Image

And we are done.. that was so simple :)
You can customize this script for your forms :)

Here's the full script:

captcha.php
<?php
session_start();
$im = imagecreatefromjpeg ("image.jpg");
$rand1 = rand(1,255);
$rand2 = rand(1,255);
$rand3 = rand(1,255);
$color = imagecolorallocate($im, $rand1, $rand2, $rand3);
$text = rand(1000, 9999);
$font = 'text-font.otf';
$size = 30;
imagettftext($im, $size, 0, 70, 45, $color, $font, $text);
header('Content-type: image/jpg');
imagejpeg($im);
imagedestroy($im);
$_SESSION['captcha'] = $text;
?>
index.php
<?php
session_start();

if(isset($_POST['submit']) && !empty($_POST['code'])){
$ses = $_SESSION['captcha'];
if($ses == $_POST['code']){
echo "Code is correct!";
}else{
echo "Code is incorrect!";
}
}else{
echo "<img src='captcha.php'><br>";
echo "<form action='' method='post'>"
."<input type='text' name='code'>"
."<input type='submit' name='submit' value='Enter'>"
."</form>";
}
?>
I attached the files also :)
Enjoy!

Attached Files


Edited by Jordan, 07 May 2008 - 09:00 AM.

  • 0

#2 Xav

Xav

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 8,356 posts

Posted 02 May 2008 - 08:43 AM

Thanks, Jaan! There are various premade scripts available, but creating your own is easier to integrate.
I think the other type of captchas are better, where it is just plain black text with a warped line through it. It does not require a background, and so fits in to web pages more smoothly. Nice tutorial, though.
  • 0
If you enjoy reading this discussion and are thinking about commenting, why not click here to register and start participating in under a minute?

#3 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 02 May 2008 - 12:15 PM

thanks :)
  • 0

#4 John

John

    CC Mentor

  • Moderator
  • 4,450 posts
  • Location:New York, NY

Posted 02 May 2008 - 06:45 PM

Thanks, Jaan! There are various premade scripts available, but creating your own is easier to integrate.
I think the other type of captchas are better, where it is just plain black text with a warped line through it. It does not require a background, and so fits in to web pages more smoothly. Nice tutorial, though.


Those types of captchas are useless. I've considered writing a tutorial on how to bypass captchas like that...
  • 0

#5 Xav

Xav

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 8,356 posts

Posted 03 May 2008 - 04:39 AM

Really? I thought it was difficult to distinguish the letters when there was a line through them? How about the fuzzy-letters one?
  • 0
If you enjoy reading this discussion and are thinking about commenting, why not click here to register and start participating in under a minute?

#6 Metanet

Metanet

    CC Lurker

  • Just Joined
  • Pip
  • 1 posts

Posted 22 May 2008 - 06:04 AM

Thanks for the tutorial
  • 0

#7 knaleffect

knaleffect

    CC Lurker

  • Just Joined
  • Pip
  • 2 posts

Posted 22 May 2008 - 09:08 AM

Thank for the tutorial ;)
  • 0

#8 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 23 May 2008 - 07:20 AM

you're welcome :)
  • 0

#9 TcM

TcM

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 7,563 posts

Posted 25 May 2008 - 12:05 AM

What about the captcha that rapidshare.com has? It has a captcha with 6 digits, but 4 of them have a cat behind them, and you have to write the ones with the cat... does that work the same way?
  • 0

#10 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 25 May 2008 - 04:23 AM

hmmm..this rapidshare thingy is really lame..
that's why i bought a premium account.. :D
uumm.. i believe rapidshare uses a little trick there..
  • 0

#11 kostisf

kostisf

    CC Lurker

  • Just Joined
  • Pip
  • 3 posts

Posted 28 May 2008 - 12:17 AM

Thans Jaan
  • 0

#12 Guest_Jaan_*

Guest_Jaan_*
  • Guest

Posted 28 May 2008 - 02:40 AM

np :)
  • 0




Powered by binpress