limitphp Posted November 6, 2008 Share Posted November 6, 2008 I have seen some pre-built modules on the net. Are they easy to build on your own? Is there a way to do a simple one thats secure and not an image? Can you do one with just text? Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/ Share on other sites More sharing options...
flyhoney Posted November 6, 2008 Share Posted November 6, 2008 You should start by typing all 3 of those questions in to google. </obligatory> This is perhaps the most popular captcha system: http://recaptcha.net/ Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684050 Share on other sites More sharing options...
MadnessRed Posted November 6, 2008 Share Posted November 6, 2008 if you want to build your own it is very simple. 1) Create a random string. $string = mt_rand(0,9).mt_rand(0,9).mt_rand(0,9).mt_rand(0,9); 2) Declare that string in a session. $_SESSION['captcha'] = $string; 3) Use GD to create a catchpa img. // Create an image bg of captcha.png $im = ImageCreateFromPNG('captcha.png'); //Define black $black = imagecolorallocate($im, 0, 0, 0); // Path to our font file $font = './arial.ttf'; // Write it imagettftext($im, 10, 0, 0, 10, $black, $font, $_SESSION['captcha']); // Output to browser header('Content-type: image/png'); imagepng($im); imagedestroy($im); requires you to have arial.ttf and catchpa.png in the same folder. Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684055 Share on other sites More sharing options...
Mchl Posted November 6, 2008 Share Posted November 6, 2008 Very simple and quite secure without using images could be one that asks for a solution of mathematical equation, e.g.: 2*(2+7)= ? Or even: What day was yesterday? (although this would need some datapicker widget, because people might want to type in '5.10.08', 'Wednesday', 'horrbile' etc ) Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684075 Share on other sites More sharing options...
MadnessRed Posted November 6, 2008 Share Posted November 6, 2008 you could do that, set an array up $cats = array( '1+1=' = > '2', 'The day after Tuesday us' = > 'Wednesday', 'Another question' => 'Another Answer'); Then just do if($_POST['cat_ans'] == $cats[$_POST['cat_qu']]){ some code } Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684089 Share on other sites More sharing options...
Mchl Posted November 6, 2008 Share Posted November 6, 2008 Or: Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684096 Share on other sites More sharing options...
PFMaBiSmAd Posted November 6, 2008 Share Posted November 6, 2008 Math question captchas can be answered by simply passing the string through an eval() statement and should not be used - $string = "2*(2+7)"; eval("\$answer = $string;"); echo $answer; Gives 18 Computers solve math problems and do things like find/replace, copy/replace all day long. Text based questions should require human reasoning to solve them. Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684097 Share on other sites More sharing options...
Mchl Posted November 6, 2008 Share Posted November 6, 2008 How about: 'two times fourteen is:' ? Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684102 Share on other sites More sharing options...
harristweed Posted November 6, 2008 Share Posted November 6, 2008 I use a different method that seems to work. To stop botts sending forms, I have (for example) an email form field called antibott. So the variable $antibott hold the users email. I also have a form text field called 'email'. This is in a separate div Using CSS I make this div invisible so humans can't see it!. Therefore if the variable $email is NOT empty the form was filled in by a bott and the form redirects to a page that only botts see! Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684114 Share on other sites More sharing options...
dezkit Posted November 6, 2008 Share Posted November 6, 2008 Or: haha, Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684116 Share on other sites More sharing options...
PFMaBiSmAd Posted November 7, 2008 Share Posted November 7, 2008 How about: 'two times fourteen is:' ? A simple string replace using an array to replace the word form of numbers with the number and things like "time"/"times" with "*" will allow any "understandable" math question to be parsed - <?php $search_arr = array('two','fourteen','times'); // ... array of common word forms $replace_arr = array('2','14','*'); // ... array of equivalent values $string = 'two times fourteen'; $string = str_ireplace($search_arr, $replace_arr, $string); eval("\$answer = $string;"); echo $answer; ?> Any words or symbols that are not in either array would simply be removed from the string. This would remove the "is:" part of the question. Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684308 Share on other sites More sharing options...
limitphp Posted November 7, 2008 Author Share Posted November 7, 2008 I guess any question that is readable on screen is readable by a bot and can be program to be solved, whether its text, numbers, anything. *You will have to have a limited amount of questions if its non-math, and so all answers could be programed. *All math questions, regardless of text or in umber form can be programmed to be solved. I like the invisible form idea. Check to see if a bot filled it out. Although, eventually, I'm sure that can be programmed for as well. So, images work, because there is no way for a bot to figure out what is on that image? Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684576 Share on other sites More sharing options...
limitphp Posted November 7, 2008 Author Share Posted November 7, 2008 if you want to build your own it is very simple. 1) Create a random string. $string = mt_rand(0,9).mt_rand(0,9).mt_rand(0,9).mt_rand(0,9); 2) Declare that string in a session. $_SESSION['captcha'] = $string; 3) Use GD to create a catchpa img. // Create an image bg of captcha.png $im = ImageCreateFromPNG('captcha.png'); //Define black $black = imagecolorallocate($im, 0, 0, 0); // Path to our font file $font = './arial.ttf'; // Write it imagettftext($im, 10, 0, 0, 10, $black, $font, $_SESSION['captcha']); // Output to browser header('Content-type: image/png'); imagepng($im); imagedestroy($im); requires you to have arial.ttf and catchpa.png in the same folder. I'm using wamp server php 5.2.6 Which folder do I put arial.ttf and captcha.png? Where do I get a captcha.png file? Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684581 Share on other sites More sharing options...
Mchl Posted November 7, 2008 Share Posted November 7, 2008 According to the example above, arial.ttf should be one folder above script (So C:\wamp\www\ if your script is in C:\wamp\www\captcha\), and captcha.png in same folder as the script. captcha.png you must create yourself. It will be a background for your captcha, Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684584 Share on other sites More sharing options...
limitphp Posted November 7, 2008 Author Share Posted November 7, 2008 Ok, I created a captcha.png and put it in the C:\wamp\www\website folder. And I put the arial.ttf file in the C:\wamp\www folder. How do i display the captcha image? I tried echoing the $im variable, but I got an error saying "image cannot be displayed because it contains errors". Ok, I'm not echoing the $im , and i'm still getting the image contains errors message. Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684607 Share on other sites More sharing options...
limitphp Posted November 7, 2008 Author Share Posted November 7, 2008 it says: The image "http://localhost/website/register.php" cannot be displayed because it contains errors." Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684613 Share on other sites More sharing options...
Adam Posted November 7, 2008 Share Posted November 7, 2008 Well you need to store the captcha code in a seperate PHP file, perhaps named "captcha.php"? then display it as normal image: <img src="captcha.php" alt="Enter what you see!" /> So, images work, because there is no way for a bot to figure out what is on that image? Not true. Some talented people out there can create font recognition scripts to read the text - which is why they're always adding squiggly lines and very hard to read fonts. Didn't google mail's captcha image get broken a little while ago? Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684620 Share on other sites More sharing options...
limitphp Posted November 7, 2008 Author Share Posted November 7, 2008 Ok, so I stored this code as a seperate file, captcha.php. <?php $string = mt_rand(0,9).mt_rand(0,9).mt_rand(0,9).mt_rand(0,9); $_SESSION['captcha'] = $string; // Create an image bg of captcha.png $im = ImageCreateFromPNG('captcha.png'); //Define black $black = imagecolorallocate($im, 0, 0, 0); // Path to our font file $font = './arial.ttf'; // Write it imagettftext($im, 10, 0, 0, 10, $black, $font, $_SESSION['captcha']); // Output to browser header('Content-type: image/png'); imagepng($im); imagedestroy($im); ?> Thats the entire captcha page. In my register.php I put an img tag with captcha.php as the src <IMG SRC="captcha.php"/> and the image is not showing up. Not even an outline of an image. The captcha.png is in the same folder as the captcha.php file. The arial.ttf is in the folder above it.... Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684635 Share on other sites More sharing options...
limitphp Posted November 7, 2008 Author Share Posted November 7, 2008 Not true. Some talented people out there can create font recognition scripts to read the text - which is why they're always adding squiggly lines and very hard to read fonts. Didn't google mail's captcha image get broken a little while ago? What if they add a primary color with text to the image? Like yellow, blue, red, green, black. Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684645 Share on other sites More sharing options...
Adam Posted November 7, 2008 Share Posted November 7, 2008 Hah some clever clog will figure it out if they really wanted.. i imagine? Have you tried going to captcha.php in your browser and seeing if you get an error? Adam Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684647 Share on other sites More sharing options...
limitphp Posted November 7, 2008 Author Share Posted November 7, 2008 Hah some clever clog will figure it out if they really wanted.. i imagine? Have you tried going to captcha.php in your browser and seeing if you get an error? Adam Yea, it says the same thing, The image "http://localhost/website/captcha.php" cannot be displayed because it contains errors." There must be other code involved? It can't be that easy to have php setup an image.... Maybe there are some png settings I forgot in my php.ini file? Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684659 Share on other sites More sharing options...
PFMaBiSmAd Posted November 7, 2008 Share Posted November 7, 2008 Color/contrast differences added to an image just make it hard for humans to read. A computer can change or filter any color or difference in contrast out of an image. Computers can also filter "noise" out of images, such as thin lines or small dots, leaving just the characters. A good image captcha would have "noise" in the image that cannot be distinguished from the elements of the characters, so that mathematically filtering out the noise would remove enough elements of the characters so that you could not determine what the original characters were. Also, the characters must not be in predictable locations so that you can put boxes around them to isolate them from the noise in the image. Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684663 Share on other sites More sharing options...
limitphp Posted November 7, 2008 Author Share Posted November 7, 2008 since the code didn't work, I used repcaptcha.com. Its up and running and working. I was suprised at how easy it was to integrate their captcha. The only thing is, I don't like being dependent on another website. If my website ever takes off and becomes popular I'll probably have to create my own captcha. Of course, thats a HUGE if. Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684672 Share on other sites More sharing options...
Mchl Posted November 7, 2008 Share Posted November 7, 2008 You could probably devise a fallback system, that will use your captcha whenever reCaptcha server is unavailable. Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684679 Share on other sites More sharing options...
MadnessRed Posted December 23, 2008 Share Posted December 23, 2008 According to the example above, arial.ttf should be one folder above script (So C:\wamp\www\ if your script is in C:\wamp\www\captcha\), and captcha.png in same folder as the script. captcha.png you must create yourself. It will be a background for your captcha, sorry that was wrong ../ means directory above ./ means this directory. the ttf and image should both be in same directory as the php file so C:\wamp\www\captcha\ Quote Link to comment https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-722306 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.