Comments on: Simple PHP-GD captcha image

By: 21 Free CAPTCHA Sources | Codrops

21 Free CAPTCHA Sources | Codrops — Wed, 20 Jul 2011 15:56:14 +0000

[...] Classhttp://fragged.org/dev/hOOmanTest_captcha_for_mootools.php19. Simple PHP-GD CAPTCHA Imagehttp://www.php-help.ro/php-tutorials/simple-php-gd-capcha-image/20. Simple AJAX CAPTCHAhttp://blog.smileylover.com/simple-ajax-captcha/21. AJAX CAPTCHA [...]

By: Tiganus Razvan

Tiganus Razvan — Mon, 03 May 2010 15:24:39 +0000

i already sent it to php.net too..
this is respons for adam at worldwrestlingmania dot cjb dot net
06-Dec-2009 04:35(here http://php.net/manual/en/function.imagettftext.php)

and for all that’s using captcha to prevent send information in a form using a robot.
People you don’t need captcha!!!! There is another convenient method , to protect a website for spamming and is much simple:

Let’s consider the 1st page(with the form) and let’s say the second … index.php and receiver.php

index.php:
———————————————————————-

index.php echo('this is the form`s page'); ?>



    

 


    

A form without captcha!!!

———————————————————————-

receiver.php
———————————————————————-

//receiver.php function protectform(){ if($_SERVER["REQUEST_METHOD"]!='GET'){


        

$servername=$_SERVER["SERVER_NAME"];

        

$noterror=true;

        

if   (isset($_SERVER["HTTP_REFERER"]))

            

$gethost=Parse_url($_SERVER["HTTP_REFERER"]);

        

else

            

$noterror=false;

        

$pimp=false;

        

if (!$noterror )

            

$pimp=true;

        

if(isset($gethost))

            

if    ($gethost['host']!==$servername)

                

$pimp=true;

        



    



        

if ($pimp){

            

//print_r($gethost);

              

die('Go away hacker!');

        

}

} } protectform(); if(isset($_REQUEST['send'])and (trim($_REQUEST['data'])!='') ) echo('We already send to this page this value: '.$_REQUEST['data'].' '); else echo('Please try to fill something in that form!'); ?>Return to my form

———————————————————————-

how to probe it?
well let’s say you already upload it on
http://www.example.com/myfolder/ index.php and receiver.php

so try to digit
http://www.example.com/myfolder/index.php

now fill the form’s value…and click send.
now is redirected to receiver.php and you see the right value.

Let’s probe the vulnerability of the script:
digit again
http://www.example.com/myfolder/index.php
now when you see the form press File/Save as from the browser’s menu and save it on desktop like index.html

now try to open with notepad to edit it and change this line:

By: Shane

Shane — Wed, 10 Mar 2010 22:30:01 +0000

I downloaded and ran the script on a Windows server but was unsuccessful. I have GD installed (phpinfo(); stated everything was enabled); I also changed the php.ini file – changed ;extension=php_gd2.dll to extension=php_gd2.dll, restarted the server but still no joy. Any help would greatly appreciated.

Thanks in advance, Shane

By: Constantin Boiangiu

Constantin Boiangiu — Sun, 20 Dec 2009 14:10:12 +0000

Please do. Drop me a line at constantin [at] php-help.ro I’ll update your comment above with the complete script you’ll send. Thank you.

By: m7o

m7o — Sat, 19 Dec 2009 12:44:56 +0000

the code didn’t come though all they, it got gut off and the image tag got removed … too bad. Maybe I can post it somewhere else or send it to you.

By: m7o

m7o — Sat, 19 Dec 2009 12:42:34 +0000

Thanks a lot for the script, I added a bit to get better random numbers and letters and to have different angles and colors for them. I used a smaller jpg and changed the dimensions a bit, of course everyone can play with the numbers and the jpg size. And to make sure one won’t get an image from the browser cache add a unique or random string to the image url, for example like this:

echo “”;
?>

The altered script:

session_start();
srand((double)microtime()*1000000);
$_SESSION['security_string']= substr(md5(uniqid()), 0, 5);
$image_text = empty($_SESSION['security_string']) ? ‘error’ : $_SESSION['security_string'];
$img=imagecreatefromjpeg(“texture.jpg”);
$x = rand(5,10);
for($n=0;$n

By: Constantin Boiangiu

Constantin Boiangiu — Mon, 14 Sep 2009 08:11:41 +0000

How you implement the form is your own choice. The purpose of this is to show a simple way to generate a captcha image. Try a google search, there are tons of tutorials on form processing.

By: Achshar

Achshar — Tue, 08 Sep 2009 21:12:39 +0000

hello fellas
i am a newbie and dont have much of coding experience….
i got every thing but i dony find the form… like a text field…. and how to check if the value inserted in the text box is what the session has generated… i dwnloaded the script but index page only has the image not the form…
so i guess it is not a ” working ” example…

By: Cody Taylor

Cody Taylor — Fri, 14 Aug 2009 16:22:45 +0000

For random spacing and coloring on each letter check http://codytaylor.org/?p=14213

By: How to create a math captcha image

How to create a math captcha image — Fri, 27 Feb 2009 08:33:02 +0000

[...] I wrote a small tutorial about how to create a captcha image. After surfing the web today, I’ve found another idea. How about creating a captcha image [...]