Jump to content

[SOLVED] Anti bot script

qbox

By qbox
in PHP Coding Help

 Share

Recommended Posts

CroNiX Member

CroNiX

Posted
Posted

Basically it generates a random series of numbers/letters using either premade images or created on the fly using the gd library or imagemagick.  It asks you to input the letters/numbers that you see into a textbox and submit.  If you type in what it has stored, it lets you in.  Theres millions of them out there that are free, just be creative with your search terms.  'php create captcha'.

http://www.google.com/search?q=php+create+captcha

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

CAPTCHA in PHP is fairly simple; you can use PHP's gd library (image functions) to make them.

 

It would follow this process:

  1) Make a random string of letters

  2) Store the string in session (not in a hidden field or cookie)

  3) Use PHP's gd library (image functions) to:

        * to create an image

        * populate the image with letters that match the random strings from #1

        * maybe add lines or "noise" so more sophisticated screen-reading bots can't read it... be creative with this, you can even make the letters different sizes and fonts, etc.

  4) compare the string in session and what they entered into the textbox!

 

done!

Link to comment
Share on other sites
qbox Member

qbox

Posted
  • Author
Posted

CAPTCHA in PHP is fairly simple; you can use PHP's gd library (image functions) to make them.

 

It would follow this process:

   1) Make a random string of letters

   2) Store the string in session (not in a hidden field or cookie)

   3) Use PHP's gd library (image functions) to:

         * to create an image

         * populate the image with letters that match the random strings from #1

         * maybe add lines or "noise" so more sophisticated screen-reading bots can't read it... be creative with this, you can even make the letters different sizes and fonts, etc.

   4) compare the string in session and what they entered into the textbox!

 

done!

 

So I can put the letters in the $_SESSION and bots will not be able to read the code from session?

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

Typically yes, because sessions are stored on the server. However, sessions can be hijacked, but it'd be incredibly unlikely a bot could do so. Unless you make it easy for them to do so (you list session ID's of all users on the main page, XD but, if anyone did that, they'd deserve it).

 

Even for people, finding another person's session ID isn't as easy as 123. So it's reasonable to say you can rely on sessions.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.