Jump to content

Recommended Posts

if you want to build your own it is very simple.

 

1) Create a random string.

$string = mt_rand(0,9).mt_rand(0,9).mt_rand(0,9).mt_rand(0,9);

 

2) Declare that string in a session.

$_SESSION['captcha'] = $string;

 

3) Use GD to create a catchpa img.

// Create an image bg of captcha.png
$im = ImageCreateFromPNG('captcha.png');

//Define black
$black = imagecolorallocate($im, 0, 0, 0);

// Path to our font file
$font = './arial.ttf';

// Write it
imagettftext($im, 10, 0, 0, 10, $black, $font, $_SESSION['captcha']);

// Output to browser
header('Content-type: image/png');

imagepng($im);
imagedestroy($im);

 

requires you to have arial.ttf and catchpa.png in the same folder.

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684055
Share on other sites

Very simple and quite secure without using images could be one that asks for a solution of mathematical equation, e.g.:

2*(2+7)= ?

 

Or even:

What day was yesterday?

(although this would need some datapicker widget, because people might want to type in '5.10.08', 'Wednesday', 'horrbile' etc :P )

 

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684075
Share on other sites

Math question captchas can be answered by simply passing the string through an eval() statement and should not be used -

 

$string = "2*(2+7)";
eval("\$answer = $string;");
echo $answer;

Gives 18

 

Computers solve math problems and do things like find/replace, copy/replace all day long. Text based questions should require human reasoning to solve them.

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684097
Share on other sites

I use a different method that seems to work. To stop botts sending forms, I have (for example) an email form field called antibott. So the variable $antibott hold the users email. I also have a form text field called 'email'. This is in a separate div Using CSS I make this div invisible so humans can't see it!. Therefore if the variable $email is NOT empty the form was filled in by a bott and the form redirects to a page that only botts see!

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684114
Share on other sites

How about: 'two times fourteen is:' ? :P

A simple string replace using an array to replace the word form of numbers with the number and things like "time"/"times" with "*" will allow any "understandable" math question to be parsed -

 

<?php
$search_arr = array('two','fourteen','times'); // ... array of common word forms
$replace_arr = array('2','14','*'); // ... array of equivalent values

$string = 'two times fourteen';
$string = str_ireplace($search_arr, $replace_arr, $string);
eval("\$answer = $string;");
echo $answer;
?>

Any words or symbols that are not in either array would simply be removed from the string. This would remove the "is:" part of the question.

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684308
Share on other sites

I guess any question that is readable on screen is readable by a bot and can be program to be solved, whether its text, numbers, anything.

 

*You will have to have a limited amount of questions if its non-math, and so all answers could be programed.

 

*All math questions, regardless of text or in umber form can be programmed to be solved.

 

I like the invisible form idea.  Check to see if a bot filled it out.  Although, eventually, I'm sure that can be programmed for as well.

 

So, images work, because there is no way for a bot to figure out what is on that image?

 

 

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684576
Share on other sites

if you want to build your own it is very simple.

 

1) Create a random string.

$string = mt_rand(0,9).mt_rand(0,9).mt_rand(0,9).mt_rand(0,9);

 

2) Declare that string in a session.

$_SESSION['captcha'] = $string;

 

3) Use GD to create a catchpa img.

// Create an image bg of captcha.png
$im = ImageCreateFromPNG('captcha.png');

//Define black
$black = imagecolorallocate($im, 0, 0, 0);

// Path to our font file
$font = './arial.ttf';

// Write it
imagettftext($im, 10, 0, 0, 10, $black, $font, $_SESSION['captcha']);

// Output to browser
header('Content-type: image/png');

imagepng($im);
imagedestroy($im);

 

requires you to have arial.ttf and catchpa.png in the same folder.

 

I'm using wamp server php 5.2.6

Which folder do I put arial.ttf and captcha.png?

Where do I get a captcha.png file?

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684581
Share on other sites

According to the example above, arial.ttf should be one folder above script (So  C:\wamp\www\ if your script is in C:\wamp\www\captcha\), and captcha.png in same folder as the script. captcha.png you must create yourself. It will be a background for your captcha,

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684584
Share on other sites

Ok, I created a captcha.png and put it in the C:\wamp\www\website folder. 

And I put the arial.ttf file in the C:\wamp\www folder.

 

How do i display the captcha image?

I tried echoing the $im variable, but I got an error saying "image cannot be displayed because it contains errors".

 

Ok, I'm not echoing the $im , and i'm still getting the image contains errors message.

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684607
Share on other sites

Well you need to store the captcha code in a seperate PHP file, perhaps named "captcha.php"? then display it as normal image:

 

<img src="captcha.php" alt="Enter what you see!" />

 

So, images work, because there is no way for a bot to figure out what is on that image?

 

Not true. Some talented people out there can create font recognition scripts to read the text - which is why they're always adding squiggly lines and very hard to read fonts. Didn't google mail's captcha image get broken a little while ago?

 

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684620
Share on other sites

Ok, so I stored this code as a seperate file, captcha.php.

<?php
$string = mt_rand(0,9).mt_rand(0,9).mt_rand(0,9).mt_rand(0,9);
$_SESSION['captcha'] = $string;
// Create an image bg of captcha.png
$im = ImageCreateFromPNG('captcha.png');

//Define black
$black = imagecolorallocate($im, 0, 0, 0);

// Path to our font file
$font = './arial.ttf';

// Write it
imagettftext($im, 10, 0, 0, 10, $black, $font, $_SESSION['captcha']);

// Output to browser
header('Content-type: image/png');

imagepng($im);
imagedestroy($im);
?>

 

Thats the entire captcha page.

In my register.php I put an img tag with captcha.php as the src

<IMG SRC="captcha.php"/>

and the image is not showing up. Not even an outline of an image.

 

The captcha.png is in the same folder as the captcha.php file.

The arial.ttf is in the folder above it....

 

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684635
Share on other sites

Not true. Some talented people out there can create font recognition scripts to read the text - which is why they're always adding squiggly lines and very hard to read fonts. Didn't google mail's captcha image get broken a little while ago?

 

 

What if they add a primary color with text to the image?

Like yellow, blue, red, green, black.

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684645
Share on other sites

Hah some clever clog will figure it out if they really wanted.. i imagine?

 

Have you tried going to captcha.php in your browser and seeing if you get an error?

 

Adam

 

Yea, it says the same thing,

The image "http://localhost/website/captcha.php" cannot be displayed because it contains errors."

 

There must be other code involved?

It can't be that easy to have php setup an image....

Maybe there are some png settings I forgot in my php.ini file?

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684659
Share on other sites

Color/contrast differences added to an image just make it hard for humans to read. A computer can change or filter any color or difference in contrast out of an image. Computers can also filter "noise" out of images, such as thin lines or small dots, leaving just the characters.

 

A good image captcha would have "noise" in the image that cannot be distinguished from the elements of the characters, so that mathematically filtering out the noise would remove enough elements of the characters so that you could not determine what the original characters were. Also, the characters must not be in predictable locations so that you can put boxes around them to isolate them from the noise in the image.

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684663
Share on other sites

since the code didn't work, I used repcaptcha.com.

Its up and running and working.  I was suprised at how easy it was to integrate their captcha.

The only thing is, I don't like being dependent on another website.

If my website ever takes off and becomes popular I'll probably have to create my own captcha.

Of course, thats a HUGE if.

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-684672
Share on other sites

  • 1 month later...

According to the example above, arial.ttf should be one folder above script (So  C:\wamp\www\ if your script is in C:\wamp\www\captcha\), and captcha.png in same folder as the script. captcha.png you must create yourself. It will be a background for your captcha,

 

sorry that was wrong

 

../ means directory above

./ means this directory.

 

the ttf and image should both be in same directory as the php file so C:\wamp\www\captcha\

Link to comment
https://forums.phpfreaks.com/topic/131693-php-captchas/#findComment-722306
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.