[SOLVED] Preventing BOT Attacks using a Recapture

[stublackett]

Hi,

 

Someone before me has made an Anti Spam image reader in PHP... To tell you the truth I'm struggling to see how it works

 

I can see the principles of it, But my key concern is that he has loaded the PHP Script into an <img src

 

Like this

<img src=image_confirm.php" />

 

I didnt know you could do this? It was working, But now it isnt... Any ideas how I can get it to work?

 

The key areas in the form script are :

 

			<tr><td align="right"><br />

							<? if(@$_GET["error"]==2) { ?>
				  <span class="style12"> The Code you entered was incorrect</span>
				  <? } else { ?>
				  <span class="style11">Please enter the code you see below</span> 
				  <? } ?>
							<br /><img src=image_confirm.php" />
							</td>

 

The image_confirm.php Script is as follows :

 

<?php
/*
Experimental Confirmation GIF output script
For use with forms to prevent botting
*/


$image = imagecreatetruecolor(150,50);
$text_colour = imagecolorallocate($image, 255, 0, 0);
$text_colour2 = imagecolorallocate($image, 00, 0, 0);
$line_colour = imagecolorallocate($image, 200, 0, 0);
$line_colour2 = imagecolorallocate($image, 00, 200, 0);
$line_colour3 = imagecolorallocate($image, 00, 0, 200);
$bg_colour = imagecolorallocate($image, 255, 255, 255);
$font = 'ashcanbb_bold';
$pattern = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
$randomtext = "";
for($i = 0; $i < 6; $i++) {
$randomtext .= $pattern{rand(0,25)};
}
@session_start();
$_SESSION['Randconf'] = md5($randomtext);
imagefill($image,0,0,$bg_colour) or die("Couldn't fill image");
imagettftext($image, 20, 10, 11,44, $text_colour2, $font, $randomtext);
imagettftext($image, 20, 10, 12,45, $text_colour, $font, $randomtext);
for($i = 0; $i < 180; $i += 10) {
imageline($image,$i-25,0,$i,50,$line_colour2);
imageline($image,150-($i-25),0,150-$i,50,$line_colour3);


}
@header("Content-type: image/gif");
imagegif($image);
imagedestroy($image);


?>

[JonnoTheDev]

you can do this beacause the output of the php source code is a gif image:

header("Content-type: image/gif");

 

What isnt working? Is this just a CAPTCHA image?

[PFMaBiSmAd]

Please remove the @ signs from the session_start() and the header() statement. Code will not normally generate errors and the errors that are being generated are pointing to the cause of the problem.

[stublackett]

you can do this beacause the output of the php source code is a gif image:

header("Content-type: image/gif");

 

What isnt working? Is this just a CAPTCHA image?

 

Thats correct Neil, The image isnt loading...

[The Little Guy]

I know that this one works if you want to give it a try:

 

http://phpsnips.com/snippet.php?id=43

[JonnoTheDev]

Run the script standalone rather than using the IMG SRC tag i.e. www.yourdomain.com/captchascript.php

Remove all error supressing @ in the script.

Do you get any errors? It should just display an image.

 

Have you moved the site to another server. You need the GD libraries for this to work.

[stublackett]

I'm getting 2 errors after removing the @ sign from the code....

 

I'm getting :

 

Warning: imagettftext() [function.imagettftext]: Invalid font filename in E:\domains\b\blairdrummond.com\user\htdocs\general\image_confirm.php on line 24

 

Warning: imagettftext() [function.imagettftext]: Invalid font filename in E:\domains\b\blairdrummond.com\user\htdocs\general\image_confirm.php on line 25

 

Lines 24 & 25 being :

 

<?php
imagettftext($image, 20, 10, 11,44, $text_colour2, $font, $randomtext);
imagettftext($image, 20, 10, 12,45, $text_colour, $font, $randomtext);
?>

[stublackett]

*SOLVED*

 

The "font" error was pretty self explantory

 

I uploaded a font to the server and linked to it, All works now... Cheers gents