Need image authentication code for guestbook/email form HELP

 
Post new topic   Reply to topic    Aprelium Forum Index -> PHP
View previous topic :: View next topic  
Author Message
Gannyaa
-


Joined: 29 Sep 2006
Posts: 93
Location: Nelson, BC -- Canada

PostPosted: Wed Jan 24, 2007 6:08 pm    Post subject: Need image authentication code for guestbook/email form HELP Reply with quote

I have been looking searching this forum for an authenication PHP code to add to my existing comment, email form. This form is a hack of various forms all put together into one.

So far I learned how to validate the form fields, but now would like an image authentication script to stop spam.

example of code in action:
http://wynston.no-ip.biz/wynston/poetry.htm

Help
_________________
Todd (Gannyaa)
http://iGannyaa.bebo.com/
http://haidavision.no-ip.info/gannyaa/newblog.htm
Back to top View user's profile Send private message Send e-mail Visit poster's website
AbyssUnderground
-


Joined: 31 Dec 2004
Posts: 3855

PostPosted: Wed Jan 24, 2007 6:11 pm    Post subject: Reply with quote

I created one for my site with the help from cmx, its only basic, but it uses sessions to pass the code from the image to the validation submission. Thats about all the help I can give on it since I don't quite understand how it works fully myself yet. I just made it and let it do its thing. I never had time to disect the workings of it.
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk
Back to top View user's profile Send private message Visit poster's website
aprelium
-


Joined: 22 Mar 2002
Posts: 6800

PostPosted: Thu Jan 25, 2007 11:37 am    Post subject: Re: Need image authentication code for guestbook/email form Reply with quote

Gannyaa,

http://www.google.com/search?hl=en&q=php+captcha should give you several ready to use Captcha scripts in PHP.
_________________
Support Team
Aprelium - http://www.aprelium.com
Back to top View user's profile Send private message Send e-mail
cmxflash
-


Joined: 11 Dec 2004
Posts: 872

PostPosted: Thu Jan 25, 2007 2:22 pm    Post subject: Reply with quote

Here's a captcha script I found a while ago on the internet. I've modified it a bit to make it look better. Note that you'll need to put an image named src.png in the same folder, it's used as the background.

Here's an example of an image generated by this script:


Code:
<?php
error_reporting(0);
session_start();
//Captcha-code 2006 by J. Domburg/Sprite_tm. This software is licensed under the
//GNU LGPL. See http://www.gnu.org/licenses/lgpl.html for more info.

//This captcha was modified by Kisom.

$SIZEX=500;
$SIZEY=100;
$FONT=rand(2,4);
$MAGN=rand(3,5);
$SAMELIMIT=0;
$TRANS=rand(6,9)/10;
if (!isset($_SESSION['captcha_numb'])) {
   $_SESSION['captcha_numb'] = rand(1, 50000).rand(1, 50000);
}
$txt=$_SESSION['captcha_numb'];

$src=imagecreatefrompng("src.png");
$captcha=imagecreatetruecolor($SIZEX,$SIZEY);

$xpos=rand(0,imagesx($src)-$SIZEX);
$ypos=rand(0,imagesy($src)-$SIZEY);
imagecopy($captcha,$src,0,0,$xpos,$ypos,$SIZEX,$SIZEY);

$textfield=imagecreate(imagefontwidth($FONT)*strlen($txt),imagefontheight($FONT));
imagestring($textfield,$FONT,0,0,$txt,1);

$dr=rand(25,50);
$doff=rand(0,3.14);
$pr=rand(140,255);
$pg=rand(140,255);
$pb=rand(140,255);

$img_bg = rand(1, 5);
$img_bg2 = rand(1, 5);
$ox=rand(0,$SIZEX-(imagesx($textfield)*$MAGN));
for ($x=0; $x<imagesx($textfield)*$MAGN; $x++) {
    $offs=($SIZEY/2)-(imagesy($textfield)*$MAGN/2)+sin($x/$dr+$doff)*(($SIZEY/2)-(imagesy($textfield)*$MAGN/2));
    for ($y=0; $y<imagesy($textfield)*$MAGN; $y++) {
    if (imagecolorat($textfield,$x/$MAGN,$y/$MAGN)==1) {
        $p=imagecolorat($captcha,$x+$ox,$y+$offs);
        $r=(($p)&0xff);
        $g=(($p>>8)&0xff);
        $b=(($p>>16)&0xff);
        $r=($r*(1-$TRANS)+$pr*$TRANS);
        if (abs($pr-$r)<$SAMELIMIT) $r+=$SAMELIMIT;
        $g=($g*(1-$TRANS)+$pg*$TRANS);
        if (abs($pg-$g)<$SAMELIMIT) $g+=$SAMELIMIT;
        $b=($b*(1-$TRANS)+$pb*$TRANS);
        if (abs($pb-$b)<$SAMELIMIT) $b+=$SAMELIMIT;
        if ($g>255) $r-=255;
        if ($g>255) $g-=255;
        if ($b>255) $b-=255;
        $r2 = rand(0, 50);
        $b2 = rand(0, 50);
        $g2 = rand(0, 50);
        imagesetpixel($captcha,$x+$ox+$img_bg,$y+$offs+$img_bg2,$r2+($g2<<8)+($b2<<16));
        imagesetpixel($captcha,$x+$ox,$y+$offs,$r+($g<<8)+($b<<16));
    }
    }
}
header("Content-type: image/png");
imagepng($captcha);
?>
Back to top View user's profile Send private message
Gannyaa
-


Joined: 29 Sep 2006
Posts: 93
Location: Nelson, BC -- Canada

PostPosted: Thu Jan 25, 2007 5:03 pm    Post subject: Nice clean code ... Reply with quote

CMX this looks great... I didn't know these scripts were called CAPTCHA scripts.

From what you have shown here. the $txt is the pass code in the image.

Check input from user and match with $txt to authenticate !

Can I eliminate the first 2 lines? I would like to insert it into my existing code... Thought I ask to make sure that this isn't a stand alone script.

I'm lookin' at the other scripts too...

I was wondering if I should just allow one comment per user... this definitely would stop spam... (like a rater script)

Thanks!!!
_________________
Todd (Gannyaa)
http://iGannyaa.bebo.com/
http://haidavision.no-ip.info/gannyaa/newblog.htm
Back to top View user's profile Send private message Send e-mail Visit poster's website
cmxflash
-


Joined: 11 Dec 2004
Posts: 872

PostPosted: Thu Jan 25, 2007 5:58 pm    Post subject: Re: Nice clean code ... Reply with quote

Gannyaa wrote:
CMX this looks great... I didn't know these scripts were called CAPTCHA scripts.

From what you have shown here. the $txt is the pass code in the image.

Check input from user and match with $txt to authenticate !

Can I eliminate the first 2 lines? I would like to insert it into my existing code... Thought I ask to make sure that this isn't a stand alone script.

I'm lookin' at the other scripts too...

I was wondering if I should just allow one comment per user... this definitely would stop spam... (like a rater script)

Thanks!!!


Yes, it's a standalone script. It generates a random number and saves it into $_SESSION['captcha_numb']. Your script should check if the session data is the same as what the user entered. Don't forget to use isset() as well to check if $_SESSION['captcha_numb'] really exists.

Code:
if (!isset($_SESSION['captcha_numb'])) {
   $_SESSION['captcha_numb'] = rand(1, 50000).rand(1, 50000);
}

You may remove this code and replace it with whatever you want. It's only used to generate a new random number if the session data does not exist.
Back to top View user's profile Send private message
pkSML
-


Joined: 29 May 2006
Posts: 952
Location: Michigan, USA

PostPosted: Fri Jan 26, 2007 3:13 am    Post subject: Reply with quote

Here's a script I made myself and have been using successfully to stop spam guestbook submissions --> http://stephen.calvarybucyrus.org/redirect.php?code=simple_captcha

Hope it might help ya', Gannyaa!

PS Thanks cmxflash for that captcha script.
_________________
Stephen
Need a LitlURL?


http://CodeBin.yi.org
Back to top View user's profile Send private message Visit poster's website
cmxflash
-


Joined: 11 Dec 2004
Posts: 872

PostPosted: Fri Jan 26, 2007 11:07 am    Post subject: Reply with quote

pkSML wrote:
Here's a script I made myself and have been using successfully to stop spam guestbook submissions --> http://stephen.calvarybucyrus.org/redirect.php?code=simple_captcha

Hope it might help ya', Gannyaa!

PS Thanks cmxflash for that captcha script.


You'll need to save the captcha data in a session instead of sending it to the image trough GET. Sure, it's not the same number as you send to the image that is displayed, but it's pretty clear you're using (($GET_NUMBER*4)-18).
Back to top View user's profile Send private message
Gannyaa
-


Joined: 29 Sep 2006
Posts: 93
Location: Nelson, BC -- Canada

PostPosted: Fri Jan 26, 2007 4:53 pm    Post subject: Okay so .... this is how I ... Reply with quote

Okay so .... is this how I add that captcha script to my existing php comment code?

:?: Do I place the code at the beginning before any part of the page is rendered, like the Administrator's Password below? Can I have two sessions running on the same Page... Not sure about sessions.

Code:
<?php
session_start();
$option = $_GET['option'];
$adminpassword = "password";
$leavespace = 1;
if($option == "login")   {
   $passcheck = $_POST['password'];
   if($passcheck == $adminpassword) {
      $_SESSION['pass'] = $passcheck;
      $option = "view"; }
   else {
      echo("<center>");
      echo("You have entered an incorrect password, click <a href='?option=admin'>here</a> to return.");
      echo("</center>"); }
   }

?>

<html>
<head>
</head><body>


I am learning PHP slowly, but gettin there. I find it a lot like Javascript... easy to read anyways.
_________________
Todd (Gannyaa)
http://iGannyaa.bebo.com/
http://haidavision.no-ip.info/gannyaa/newblog.htm
Back to top View user's profile Send private message Send e-mail Visit poster's website
cmxflash
-


Joined: 11 Dec 2004
Posts: 872

PostPosted: Wed Jan 31, 2007 5:33 pm    Post subject: Reply with quote

This script will check if the captcha code is valid:

Code:
<?php

session_start();

if (isset($_SESSION['captcha_numb']) && $_SESSION['captcha_numb'] == $_GET['code']) {
  echo "Valid code";
} else {
  die("Invalid code");
}

?>


Just put it before anything else and it'll check if the code entered matches with the one in the image.
Back to top View user's profile Send private message
Gannyaa
-


Joined: 29 Sep 2006
Posts: 93
Location: Nelson, BC -- Canada

PostPosted: Sun Mar 11, 2007 7:06 pm    Post subject: Thanks cmxflash, Reply with quote

Thanks cmxflash,

After about a month of doin other stuff, I finally got back to the captcha script.

Works great...
Also add to your last bit of code there...

session_destroy();

Now to implement it on my other sites...
_________________
Todd (Gannyaa)
http://iGannyaa.bebo.com/
http://haidavision.no-ip.info/gannyaa/newblog.htm
Back to top View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> PHP All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group