|
 |
|||
| Register--Login--Top 20 Posters--Search Topics |
Forum Main>>Tutorials>>Math Captcha image validation | ||
Chipmunk Rank:Settler of Bobland Group: Head Administrator Posts: 2867 IP Logged PM ID and RPS ID: 1 PM [Chipmunk] View Member Photo | Last replied to on Tue Aug 31, 2010 04:04:25 Edit Post|Quote With all the Captcha decoders these days, its impossible to build a solid Captcha image validator with a string. The solution? Have a captcha that asks simple math addition questions! Decoders are not very good at breaking these. This tutorial will show you how to make a basic math CAPTCHA validtion form. This requires that you have the GD library for PHP installed to work. This tutorial requires 2 files, login.php and action.php. The first step is to create a sub-folder to store the temporary images, for the purposes of this tutorial,this folder should be called images. Now upload a image in there called verify.php and chmod just that image(not the folder) to 777 so that image can change as our functions generate new images. Ok, after you've done that, we can get to the code: in login.php:
The first step is to create the image, the ImageCreate function in php does just that. The 200 and the 40 are the dimensions of the image created. The image created is stored in $img. $white and $black define the text color of the numbers and the background color of the image respectively. In this tutorial, the background color is greenish and the text is black for easy contrast. Next we set the random seed with the srand function. We do this by time so when we do call the random function, we get a different number each time. Then we generated two numbers between one and ten with the rand() function and store them in $string and $string2. In $string3, we combine them to make the actual text on the image. $string3 is not actually the sum of the numbers, it is just the text string and is not numeric. $thevalue is the actual sum of the two numbers when they are added. There's no real reason to set $verification equal to $string3 because we can just directly use $string3 but I do it by habit. Then these lines of code:
Fill the image with our defined ours and stores the image into images/verify.jpeg. Now we have to write the form. Its a pretty basic form. We store the actual value of the answer in the form field 'hidden value', which is a non-visible hidden field. The answer to the math question the user types in is $yourcode. Of couse we have to display images/verify.php so people can actually see what the math question really is. Now we move to action.php:
This is a very simple file that basically gets the two variables from the two input fields from login.php and compares them to see if they are equal. If they are equal, it goes to the "You are correct" case, if they are not equal, it goes to the "your code is incorrect case". In a real application, you would put your actual content in the "You are correct" case and a redirect back to some other page in the "You are incorrect" case. ----------------------------- Chipmunk, Supreme Administrator | |||
| Pain_Man Rank:squirreling Group: members Posts: 170 IP Logged PM ID and RPS ID: 799 [PM Pain_Man] | Posted at Fri Feb 23, 2007 16:35:22 Edit post|Quote Nice ive got the same but with questions | |||
| Chipmunk Rank:Settler of Bobland Group: Head Administrator Posts: 2867 IP Logged PM ID and RPS ID: 1 [PM Chipmunk] View Member Photo | Posted at Fri Feb 23, 2007 22:30:39 Edit post|Quote Well, you could ask random questions on Shakespeare if you want but you need pre-defined answers for those. ----------------------------- Chipmunk, Supreme Administrator | |||
| hackerzlab Rank:acorn Group: members Posts: 6 IP Logged PM ID and RPS ID: 12329 [PM hackerzlab] RPS score: 0 RPS challenge | Posted at Thu Apr 12, 2007 09:50:15 Edit post|Quote how do I put this two together. i'm not able to code them together. The email keeps coming and it just doesn't work out. thank you. ----------------------------- learn to live peacefully/ | |||
| hackerzlab Rank:acorn Group: members Posts: 6 IP Logged PM ID and RPS ID: 12329 [PM hackerzlab] RPS score: 0 RPS challenge | Posted at Thu Apr 12, 2007 09:54:00 Edit post|Quote <?php if(isset($_POST['submit'])) { $yourcode=$_POST['yourcode']; $hiddenvalue=$_POST['hiddenvalue']; if($yourcode==$hiddenvalue) { print "Correct, put your content here"; } else { print "You verification code is not right. Please go back and try again."; } } ?> <?php $adminemail = 'email address'; $version = '1.10'; $controlvars = ' thankspage submitteremail ccsubmitter '; $messagetoadmin = $HTTP_POST_VARS['submitteremail'] ." has filled out a form with this content: "; $messagetosubmitter = "You have submitted a form with the content listed below. thank you. "; while(list($key, $value) = each($HTTP_POST_VARS)) { if (!stristr($controlvars, ' '. $key .' ')) { $messagetoadmin .= $key .': '. $value .' '; $messagetosubmitter .= $key .': '. $value .' '; } } mail($adminemail, 'Form Submitted: '. stripslashes($HTTP_POST_VARS['subject']), stripslashes($messagetoadmin), 'From: '. $HTTP_POST_VARS['submitteremail']); if ($HTTP_POST_VARS['ccsubmitter'] == 'yes') { mail($HTTP_POST_VARS['submitteremail'], 'Form Submitted: '. stripslashes($HTTP_POST_VARS['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail); } if ($_POST['autoresponse'] != '') { $body = geturl($autoresponse); mail($submitteremail, 'Re: '. stripslashes($HTTP_POST_VARS['subject']), stripslashes($body), 'From: '. $adminemail); } header('Location: '. $HTTP_POST_VARS['thankspage']); // just in case redirect doesn't work die('<meta http-eqiv="refresh" content="0;url='. $HTTP_POST_VARS['thankspage'] .'">'); function geturl($url) { if (version_compare("4.3.0", phpversion(), "<")) { $filecontents = @file_get_contents($url); } else { $fd = @fopen($url, 'rb'); $filecontents = @fread ($fd, 30000000); @fclose ($fd); } return $filecontents; } ?> ----------------------------- learn to live peacefully/ | |||
| Chipmunk Rank:Settler of Bobland Group: Head Administrator Posts: 2867 IP Logged PM ID and RPS ID: 1 [PM Chipmunk] View Member Photo | Posted at Thu Apr 12, 2007 12:02:00 Edit post|Quote Where's your form? ----------------------------- Chipmunk, Supreme Administrator | |||
| hackerzlab Rank:acorn Group: members Posts: 6 IP Logged PM ID and RPS ID: 12329 [PM hackerzlab] RPS score: 0 RPS challenge | Posted at Thu Apr 12, 2007 12:34:38 Edit post|Quote sorry i thought you wont need it. i cant seem to code my codes. sorry. <?php $im = ImageCreate(200, 40); //create image $white = ImageColorAllocate($im, 0,0, 0); $black = ImageColorAllocate($im, 120, 200, 68); srand((double)microtime()*1000000); $string = rand(1,10); //the first number $string2=rand(1,10); //the second number $string3="$string + $string2"; $verification = $string3; $thevalue=$string+$string2; ImageFill($im, 0, 0, $black); ImageString($im, 4, 70, 10, $verification, $white); Imagejpeg($im, "images/verify.jpeg"); ImageDestroy($im); print "<form action='formemail.php' method='post'><input type='hidden' name='thankspage' value='thanx.php'><input type='hidden' name='ccsubmitter' value='yes'>"; print "<table><tr><td><font face='Arial' size='2'><b>Name</b></font></td><td>"; print "<input type='text' size='35' maxlength='256' name='name' style='border: 1px solid #000000'></td></tr>"; print "<tr><td><font face='Arial' size='2'><b>E-Mail</b></font></td><td><input type='text' size='35' maxlength='256' name='email' style='border: 1px solid #000000'></td></tr>"; print "<tr><td><font face='Arial' size='2'><b>Location</b></font></td><td><input type='text' size='35' maxlength='256' name='location' style='border: 1px solid #000000'></td></tr>"; print "<tr><td><font face='Arial' size='2'><b>Website</b></font></td><td><input type='text' size='35' maxlength='256' name='website' style='border: 1px solid #000000'></td></tr>"; print "<tr><td><font face='Arial' size='2'><b>Reason</b></font></td><td><input type='text' size='35' maxlength='256' name='website' style='border: 1px solid #000000'></td></tr>"; print "<tr><td><font face='Arial' size='2'><b>Add me</b></font></td><td><input type='hidden' value='$thevalue' name='hiddenvalue'><input type='text' name='yourcode' size='20'><img src='images/verify.jpeg' border='0'> <td></tr>"; print "<tr><td><font face='Arial' size='2'><b>Comment</b></font></td><td><textarea rows='10' name='comment' cols='37' style='border: 1px solid #000000'></textarea></td></tr>"; print "<tr><td></td><td><input type='submit' name='submit' value='::.. Send ..::' style='color: #000000; background-color: #F5F5FF' ></td></tr>"; print "</table></form>"; ?> Please help me. i'm getting the mails but not the way i wanted. Please help me. thank you. ----------------------------- learn to live peacefully/ | |||
| Chipmunk Rank:Settler of Bobland Group: Head Administrator Posts: 2867 IP Logged PM ID and RPS ID: 1 [PM Chipmunk] View Member Photo | Posted at Thu Apr 12, 2007 13:54:59 Edit post|Quote You have to define your problem clearer. What are you getting and what do you want to get? ----------------------------- Chipmunk, Supreme Administrator | |||
| hackerzlab Rank:acorn Group: members Posts: 6 IP Logged PM ID and RPS ID: 12329 [PM hackerzlab] RPS score: 0 RPS challenge | Posted at Thu Apr 12, 2007 14:04:24 Edit post|Quote I want my users to be able to send me mails through the form but after he puts the correct sum. I dont want emails from them unless they fill the "sum" correctly. The script works but keeps sending me mails even though the sum is entered incorrectly. please help. When i get the sum wrong it says, You verification code is not right. Please go back and try again. yet i get mails and so there's no point of using the captcha. ----------------------------- learn to live peacefully/ | |||
| hackerzlab Rank:acorn Group: members Posts: 6 IP Logged PM ID and RPS ID: 12329 [PM hackerzlab] RPS score: 0 RPS challenge | Posted at Fri Apr 13, 2007 12:16:41 Edit post|Quote is anyone there to look into my problem. thank you. I'm not such a coder to understand the codes. Thank you. ----------------------------- learn to live peacefully/ | |||
| sundaramkumar Rank:acorn Group: members Posts: 1 IP Logged PM ID and RPS ID: 12377 [PM sundaramkumar] RPS score: 0 RPS challenge | Posted at Mon Apr 16, 2007 06:26:08 Edit post|Quote
----------------------------- Regards, Kumar S | |||
| hackerzlab Rank:acorn Group: members Posts: 6 IP Logged PM ID and RPS ID: 12329 [PM hackerzlab] RPS score: 0 RPS challenge | Posted at Tue Apr 17, 2007 04:13:13 Edit post|Quote if i do that, the mail will never reach me!! dont you think so?it doesn't work. i think we have to put the mail form in the print "Correct, put your content here"; ----------------------------- learn to live peacefully/ | |||
| Steve Rank:acorn Group: members Posts: 1 IP Logged PM ID and RPS ID: 13260 [PM Steve] RPS score: 0 RPS challenge | Posted at Tue Jul 31, 2007 10:57:14 Edit post|Quote Well, asking simple maths questions is a good idea, but you've missed an important security flaw in your implementation: you include the answer to the question in the code of the form. It's not going to take a genius to write a script to just take the value from your hidden field and submit that as the answer. | |||
| Chipmunk Rank:Settler of Bobland Group: Head Administrator Posts: 2867 IP Logged PM ID and RPS ID: 1 [PM Chipmunk] View Member Photo | Posted at Wed Aug 01, 2007 00:25:43 Edit post|Quote Yes, but 99% percent of these "hackers" are too lazy to do that and most of them couldn't code if their life depended on it. Its safer to include it in a session. ----------------------------- Chipmunk, Supreme Administrator | |||
| karrylogar Rank:acorn Group: members Posts: 1 IP Logged PM ID and RPS ID: 24680 [PM karrylogar] RPS score: 0 RPS challenge | Posted at Thu Oct 08, 2009 02:23:43 Edit post|Quote Some researchers promote image recognition CAPTCHAs as a possible alternative for text-based CAPTCHAs. To date, only RapidShare made use of an image based CAPTCHA. Many amateur users of the phpBB forum software (which has suffered greatly from spam) have implemented an open source image recognition CAPTCHA system in the form of an addon called KittenAuth[29] which in its default form presents a question requiring the user to select a stated type of animal from an array of thumbnail images of assorted animals. The images (and the challenge questions) can be customized, for example to present questions and images which would be easily answered by the forum's target userbase. Furthermore, for a time, RapidShare free users had to get past a CAPTCHA where you had to only enter letters attached to a cat, while others were attached to dogs. This was later removed because users had trouble entering the correct letters. ----------------------------- handbags - earrings - jewelry | |||
| alice Rank:acorn Group: members Posts: 31 IP Logged PM ID and RPS ID: 30842 [PM alice] RPS score: 0 RPS challenge | Posted at Sat Jul 17, 2010 01:08:28 Edit post|Quote Thanks for sharing this post. This is a very helpful and informative material EX0-101 Good post and keep it up. Websites are always helpful in one way or the other, that’s cool stuff, EX0-100 anyways, a good way to get started to renovate your dreams into the world of reality. EC0-350 I will write more in detail after my E22-280 very soon. Thanks | |||
| ping123 Rank:acorn Group: members Posts: 10 IP Logged PM ID and RPS ID: 31806 [PM ping123] RPS score: 0 RPS challenge | Posted at Mon Aug 16, 2010 06:59:15 Edit post|Quote The primary travel is to create the image, the ImageCreate duty in php does meet that. The 200 and the 40 are the dimensions of the ikon created. The ikon created is stored in $img. $white and $black delimitate the book colouration EC0-350 exam of the drawing and the scenery colouration of the ikon respectively. In this tutorial, the scenery colouration is chromatic and the book is black for cushy contrast. Next we ordered the haphazard cum with the srand function EC0-350 questions. We do this by instance so when we do call the haphazard function, we achieve a assorted sort every time. Then we generated digit drawing between one and decade with the rand() duty and accumulation them in $string and $string2. In $string3, we consortium them to attain the actualised book on the image. $string3 is not actually the assets of the numbers, it is meet the book progress and is not numeric. $thevalue is the actualised assets of the digit drawing when they are added. There's no actual think to ordered $verification coequal to $string3 because we be able to meet direct ingest $string3 but I do it by habit exam preparation. | |||
| danie53595 Rank:acorn Group: members Posts: 4 IP Logged PM ID and RPS ID: 32053 [PM danie53595] RPS score: 0 RPS challenge | Posted at Tue Aug 24, 2010 05:11:30 Edit post|Quote One who dont know about it before may get useful information from this post , This one seems to me different type of post......well i wanna say that The way how u tried to explain some posts at here seems to me different 70-290 there are certainly different posts at here,but i didnt find any post related to projects like 70-662 .if someone have information about it,do tell me!Well any updates related to this post?if yes than do tell me!actually i came here while surfing net to get data related to projects of EX0-101 and find this post different one...Is there anyone having information about PMI-001 if yes than do tell me!...any updates?if yes than do tell me! | |||
| abercrombie Rank:acorn Group: members Posts: 3 IP Logged PM ID and RPS ID: 32295 [PM abercrombie] RPS score: 0 RPS challenge | Posted at Tue Aug 31, 2010 04:04:25 Edit post|Quote Since sweater has benn invented Abercrombie and evolved to now, abercrombie and fitch clothing | |||
Page: 1 |