Jump to content

[SOLVED] Anti bot script

qbox

By qbox
in PHP Coding Help

Recommended Posts

CroNiX Member

CroNiX

Posted
Posted

Basically it generates a random series of numbers/letters using either premade images or created on the fly using the gd library or imagemagick.  It asks you to input the letters/numbers that you see into a textbox and submit.  If you type in what it has stored, it lets you in.  Theres millions of them out there that are free, just be creative with your search terms.  'php create captcha'.

http://www.google.com/search?q=php+create+captcha

Guest

Guest

Posted
Posted

CAPTCHA in PHP is fairly simple; you can use PHP's gd library (image functions) to make them.

 

It would follow this process:

  1) Make a random string of letters

  2) Store the string in session (not in a hidden field or cookie)

  3) Use PHP's gd library (image functions) to:

        * to create an image

        * populate the image with letters that match the random strings from #1

        * maybe add lines or "noise" so more sophisticated screen-reading bots can't read it... be creative with this, you can even make the letters different sizes and fonts, etc.

  4) compare the string in session and what they entered into the textbox!

 

done!

qbox Member

qbox

Posted
  • Author
Posted

CAPTCHA in PHP is fairly simple; you can use PHP's gd library (image functions) to make them.

 

It would follow this process:

   1) Make a random string of letters

   2) Store the string in session (not in a hidden field or cookie)

   3) Use PHP's gd library (image functions) to:

         * to create an image

         * populate the image with letters that match the random strings from #1

         * maybe add lines or "noise" so more sophisticated screen-reading bots can't read it... be creative with this, you can even make the letters different sizes and fonts, etc.

   4) compare the string in session and what they entered into the textbox!

 

done!

 

So I can put the letters in the $_SESSION and bots will not be able to read the code from session?

Guest

Guest

Posted
Posted

Typically yes, because sessions are stored on the server. However, sessions can be hijacked, but it'd be incredibly unlikely a bot could do so. Unless you make it easy for them to do so (you list session ID's of all users on the main page, XD but, if anyone did that, they'd deserve it).

 

Even for people, finding another person's session ID isn't as easy as 123. So it's reasonable to say you can rely on sessions.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.