|
PHP - Does A Math Captcha Work, If Not, Why Not?
Hi guys, I just decided to add an addition question in my site for submitting a form, not gonna say where coz one of you will most proberly try to prove it doesnt work! I have a feeling its easy enough for someone to send my form by getting the two variables and evaluating them. But how would they do that? and how would they know the names of the variables to send...?
Is there a way of doing a math captcha that cannot be hacked? Similar TutorialsIs there any way to prevent bots from getting past a math captcha? I have 2 numbers generated randomly (from 1 to 20) and they are displayed in an image with the following lines: one going from the upper left corner to the lower right corner one going from the upper right to the lower left a vertical line in the middle of the image and a horizontal line in the middle.... Now I keep getting bots posting on my comments page every few weeks...is there a more effective method I should try in order to stop this? I have the answer stored in a session variable. I was going to try random numbers from (1 to 100). I also have a php counter on my webpage that has a file that the number of hits is written to and it seems everytime the bots post get past my captcha, the number of hits in the file is overridden. (It will go from 538 views down to 10 views).... Any ideas??? Hi, im trying to have a math captcha in my registration form, but having trouble with setting it up in my form. sorry for the large code. If i change the value of $_POST['Submit'] to something else like $_POST['Submit1'] and then same for the math image captcha then it works, but i would like it to work as part of the form, makes sense? lol right now the form just posts the value and doesnt check for captcha values! if someone could help me out here that would be great! thank you. Code: [Select] <?php if(isset($_POST['Submit'])){ if($_POST['Submit'] != $_SESSION['security_number']) { $error = ""; } else { $error = ""; } //NEED TO CHECK IF FIELDS ARE FILLED IN if( empty($_POST['name']) && (empty($_POST['email']))){ header("Location:Messages.php?msg=3"); exit(); } if( empty($_POST['pw1']) && (empty($_POST['pw2']))){ header( "Location:Messages.php?msg=4" ); exit(); } $name=$_POST['name']; $email=$_POST['email']; $pw1=$_POST['pw1']; $pw2=$_POST['pw2']; if("$pw1" !== "$pw2" ){ header( "Location:Messages.php?msg=5" ); exit(); } $ip = $_SERVER['REMOTE_ADDR']; //connect to the db server , check if uname exist include('config.php'); $query1=("Select * from user where email='$email'"); $result1= mysql_query($query1); $num1=mysql_num_rows($result1); if ($num1 > 0) {//Email already been used header( "Location:Messages.php?msg=11" ); exit(); }else{ $query=("Select * from user where uname='$name'"); $result= mysql_query($query); $num=mysql_num_rows($result); if ($num > 0) {//Username already exist header( "Location:Messages.php?msg=6" ); exit(); }else{ //if username does not exist insert user details $query=( "INSERT INTO user (uname, pw,email,date_joined,ip,level) VALUES ('$name',md5('$pw1'),'$email',NOW(),'$ip','Normal')"); if (@mysql_query ($query)) { header("location:login.php?reg=1"); exit; } } } mysql_close(); } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><!-- InstanceBegin template="/Templates/Auth.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <!-- InstanceBeginEditable name="doctitle" --> <title>Registration</title> <!-- InstanceEndEditable --> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- InstanceBeginEditable name="head" --> <!-- InstanceEndEditable --> <link href="styleLog.css" rel="stylesheet" type="text/css"> <script language="javascript" type="text/javascript"> function reloadCaptcha() { document.getElementById('captcha').src = document.getElementById('captcha').src+ '?' +new Date(); } </script> </head> <body> <table width="100%" border="0" cellspacing="7" cellpadding="0"> <tr class="temptitle"> <td><!-- InstanceBeginEditable name="EditRegion4" -->New User Registration <!-- InstanceEndEditable --></td> </tr> <tr> <td><!-- InstanceBeginEditable name="EditRegion3" --> <form name="form1" action="register.php" method="post"> <table width="657" border="0"> <tr> <td width="122"><div align="left">Name</div></td> <td width="525"><input name="name" type="text" size="40"></td> </tr> <tr> <td><div align="left">Email</div></td> <td><input name="email" type="text" size="40"></td> </tr> <tr> <td><div align="left">Password</div></td> <td><input name="pw1" type="password" size="40"></td> </tr> <tr> <td ><div align="left">Confirm Password </div></td> <td><input name="pw2" type="password" size="40"></td> </tr> <tr> <td><img src="math_captcha/image.php" alt="Click to reload image" title="Click to reload image" id="captcha" onclick="javascript:reloadCaptcha()" /></td> <td><input type="text" name="Submit" value="what's the result?" onclick="this.value=''" /></td> <td> </tr> <tr> <td></td> <td> <input name="Submit" type="submit" value="Register"></td> </tr> </table> </form> <?=$error?> MOD EDIT: code tags added. This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=357935.0 Hi, I am making a CAPTCHA image. I am pretty sure the code I have is correct, but I am getting these error messages when I run the script. I use GoDaddy for hosting. The font that I reference in the script is in the root directory with the script. Any ideas? Thanks, Craig ------------ Warning: imagefilledrectangle(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 19 Warning: imageline(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 22 Warning: imageline(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 22 Warning: imageline(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 22 Warning: imageline(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 22 Warning: imageline(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 22 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagesetpixel(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 27 Warning: imagettftext() expects parameter 1 to be resource, null given in /home/content/68/6372768/html/captcha.php on line 30 Warning: imagedestroy(): supplied argument is not a valid Image resource in /home/content/68/6372768/html/captcha.php on line 35 Code: [Select] <?php session_start(); // Set some important CAPTCHA constants define('CAPTCHA_NUMCHARS', 6); // number of characters in pass-phrase define('CAPTCHA_WIDTH', 100); // width of image define('CAPTCHA_HEIGHT', 25); // height of image // Generate the random pass-phrase $pass_phrase = ""; for ($i = 0; $i < CAPTCHA_NUMCHARS; $i++) { $pass_phrase .= chr(rand(97, 122)); } // Store the encrypted pass-phrase in a session variable $_SESSION['pass_phrase'] = sha1($pass_phrase); // Create the image $img = imagecreatetruecolor(CAPTCHA_WIDTH, CAPTCHA_HEIGHT); // Set a white background with black text and gray graphics $bg_color = imagecolorallocate($img, 255, 255, 255); // white $text_color = imagecolorallocate($img, 0, 0, 0); // black $graphic_color = imagecolorallocate($img, 64, 64, 64); // dark gray // Fill the background imagefilledrectangle($img, 0, 0, CAPTCHA_WIDTH, CAPTCHA_HEIGHT, $bg_color); // Draw some random lines for ($i = 0; $i < 5; $i++) { imageline($img, 0, rand() % CAPTCHA_HEIGHT, CAPTCHA_WIDTH, rand() % CAPTCHA_HEIGHT, $graphic_color); } // Sprinkle in some random dots for ($i = 0; $i < 50; $i++) { imagesetpixel($img, rand() % CAPTCHA_WIDTH, rand() % CAPTCHA_HEIGHT, $graphic_color); } // Draw the pass-phrase string imagettftext($img, 18, 0, 5, CAPTCHA_HEIGHT - 5, $text_color, 'Courier New Bold.ttf', $pass_phrase); // Output the image as a PNG using a header header("Content-type: image/png"); imagepng($img); // Clean up imagedestroy($img); ?> The following code is what I am trying to use for doing a form captcha style verification and all it is throwing back when I load the page is an image of the website address. Does anyone here know where I am going wrong? I have been at this all day and gotten nowhere. Thanks in advance <?php session_start(); $rndval = rand(1000, 9999); $_SESSION['rndnum'] = md5($rndval); $img = imagecreate(60, 30); $bgc = imagecolorallocate ($img, 255, 251, 205); $fontcolor = imagecolorallocate ($img, 0, 0, 0); imagestring ($img, 5, 5, 8, $rndval, $fontcolor); header('Content-type: image/jpeg'); imagejpeg($img); imagedestroy($img); ?> why does this not display my hosting supports gd Code: [Select] <?php session_start(); create_image(); function create_image() { $rand = md5(rand(0, 9999999)); $vaule = substr ($rand, 10, 8); //widht and height is the width of the box $width = 150; $height = 30; //the will be ther sixe of the box $image = imagecreate($width, $height); $black = imagecolorallocate($image, 0, 0, 0); $white = imagecolorallocate($image, 255, 255, 255); $grey = imagecolorallocate ($image, 132, 132, 132); $blue = imagecolorallocate ($image, 138, 197, 255); //the bg of the image imagefill($image, 0, 0, $blue); //imagetext imagestring($image, 5, 15, 7, $vaule, $black); //middle line and down line imageline($image, 0, $height/2, $width, $height/2, $grey); imageline($image, $width/2, 0, $width/2, $height, $grey); //hor line image($image, 0, 0, $width, $height, $grey); image($image, 0, $height, $width, 0, $grey); //desplay image imagepng($image); imagedestroy($image); //start session $_SESSION[captcha_key]; } ?> I want to build a captcha from scratch, as I'm all about doing things myself, and I've proposed a nice idea on how I can achieve that, but I'm sort of lost... What I want to do is write a script that will generate a random string of both letters and numbers, with the ability to set a limit on how many characters are generated. Then, I want to store that string within a variable called "random_string". Once the user types in that code, their input would get captured in a separate php file and stored within a variable like so: $captcha_code = $_POST['catpcha_code']; Then, I would write a code to see if the user's input matches the random character string from the html: Code: [Select] <?php if ($random_string == $captcha_code) { mail($to, $subject, $body); } else { echo ("The code you entered did not match the captcha. Please go back and try again."); } ?> Is this possible? I haven't yet tried it myself, because I don't know how to generate random strings of characters, but I was just wondering if perhaps I'm on the right track? Any suggestions or advice is appreciated =) Hello everybody, I am new to these forums and registered due to my problems which has been annoying me all the evening... I've been googling for 3 hours and still haven't found a proper answer. The situation is: I started to use session in my page. <?php ini_set('session.use_cookies', 0); ini_set('session.use_only_cookies', 0); ini_set('session.name', 'sid'); ini_set('session.auto_start', 0); ini_set('session.use_trans_sid', 1); session_start(); ?> these lines are included in, let's say, my register.php file. (please, don't recommend me cookies as i'm developing a site for mobiles) And then, there is a form: <?php echo '<form action="register.php?sid='.session_id().'" method="POST"> Įveskite kodą:<br/> <input class="input" type="text" name="captcha" maxlength="4"/><br/> <img id="captcha" src="captcha.php?sid='.session_id().'" /><br/> <input type="submit" name="submit" value="Registruotis" /><br/> </form>';?> although captcha is shown, when I submit the form and i have to check inputs I get this error: Notice: Undefined index: randomnr2 in C:\Program Files\EasyPHP-5.3.3.1\www\new\register.php on line 144 Well, my captcha.php file: <?php $randomnr = rand(1000, 9999); $_SESSION['randomnr2'] = $randomnr; $im = imagecreatetruecolor(100, 38); $white = imagecolorallocate($im, 255, 255, 255); $grey = imagecolorallocate($im, 150, 150, 150); $black = imagecolorallocate($im, 0, 0, 0); imagefilledrectangle($im, 0, 0, 200, 35, $black); //path to font - this is just an example you can use any font you like: $font = dirName(__FILE__).'/font/karate/Karate.ttf'; imagettftext($im, 20, 4, 22, 30, $grey, $font, $randomnr); imagettftext($im, 20, 4, 15, 32, $white, $font, $randomnr); //prevent caching on client side: header("Expires: Wed, 1 Jan 1997 00:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); header ("Content-type: image/gif"); imagegif($im); imagedestroy($im); ?> Any ideas? Thanks in advance. hi ,frds i am getting trouble . here is my problem captcha is working fine in firefox 3.6.16 but not in IE6 help me frds. Can anyone please take a quick glance at this form the captcha messages are not appearing correctly. The message keeps getting sent. Thank You Code: [Select] <?php if(($_SESSION['security_code'] != $_POST['security_code']) || (empty($_SESSION['security_code'])) ){ $to = "info@*******.com"; // change to your email address $name = htmlentities ($_POST['name']); $email = htmlentities ($_POST['email']); $phone = htmlentities ($_POST['phone']); $msg = htmlentities ($_POST['msg']); $d = date('l dS \of F Y h:i:s A'); $sub = "form to mail"; $headers = "From: $name <$email>\n"; $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; $mes = "phone: ".$phone."\n"; $mes .= "Message: ".$msg."\n"; $mes .= "Name: ".$name."\n"; $mes .= 'Email: '.$email."\n"; $mes .= 'Date & Time: '.$d; { mail($to, $sub, $mes, $headers); } echo "<p> </p><p> </p><p> </p><br />CAPTCHA CODE does not match! <p> </p><p> </p><a href='javascript:javascript:history.go(-1)'>Click here to go back to previous page</a>"; } else echo "THANK YOU"; ?> This is my first captcha script...it has 2 files, check.php and insert.php It works fine but I would like to hear your opinion what can I do to make it better? Is there any way that I can add random images ? Here is insert.php Code: [Select] <html> <body> <form action="check.php" method="post"> <img src="captcha.jpg"/> Insert captcha: <input type="text" name="cap"/> <input type="submit" value="submit"/> </form> </body> </html> here is check.php Code: [Select] <html> <body> <?php $cap= "flirc"; if ($_POST["cap"]==$cap) echo "Captcha is right!"; else echo " Captcha is wrong! "; ?> </body> </html>It is pretty basic, I know You can see it in action here Hi, I really need to add a captcha to this PHP process form? How do I go about doing this? Code: [Select] <?php // Define some constants define( "RECIPIENT_NAME", "John Smith" ); define( "RECIPIENT_EMAIL", "john@example.com" ); define( "EMAIL_SUBJECT", "Visitor Message" ); // Read the form values $success = false; $senderName = isset( $_POST['senderName'] ) ? preg_replace( "/[^\.\-\' a-zA-Z0-9]/", "", $_POST['senderName'] ) : ""; $senderEmail = isset( $_POST['senderEmail'] ) ? preg_replace( "/[^\.\-\_\@a-zA-Z0-9]/", "", $_POST['senderEmail'] ) : ""; $message = isset( $_POST['message'] ) ? preg_replace( "/(From:|To:|BCC:|CC:|Subject:|Content-Type:)/", "", $_POST['message'] ) : ""; // If all values exist, send the email if ( $senderName && $senderEmail && $message ) { $recipient = RECIPIENT_NAME . " <" . RECIPIENT_EMAIL . ">"; $headers = "From: " . $senderName . " <" . $senderEmail . ">"; $success = mail( $recipient, EMAIL_SUBJECT, $message, $headers ); } // Return an appropriate response to the browser if ( isset($_GET["ajax"]) ) { echo $success ? "success" : "error"; } else { ?> <html> <head> <title>Thanks!</title> </head> <body> <?php if ( $success ) echo "<p>Thanks for sending your message! We'll get back to you shortly.</p>" ?> <?php if ( !$success ) echo "<p>There was a problem sending your message. Please try again.</p>" ?> <p>Click your browser's Back button to return to the page.</p> </body> </html> <?php } ?> ?? Thanks in advance! Code: [Select] <?php /* * To change this template, choose Tools | Templates * and open the template in the editor. */ $width=120; $height=60; $image= imagecreate($width, $height); $txt=substr(md5(rand()),0,8); $white= imagecolorallocate($image, 255, 255, 255); $black= imagecolorallocate($image, 0, 0, 0); $red= imagecolorallocate($image, 255, 0, 0); $new= imagecolorallocate($image, 128, 128, 255); //imagefilledrectangle($image, 10, 10, 110, 50, $white); imagefilledrectangle($image, 20, 20, $width-20, $height-20, $new); imagestring($image, 40, 27, 22, $txt, $black); header("content-type:image/jpeg"); imagejpeg($image); imagedestroy($image); ?> Hi, I need help in my code. I have written a CAPTCHA code, but it is not appearing when I test run in my website. My code is below, could anyone highlight to me my error? Any problems to those that were highlighted in red? Thanks <?php session_start(); // Set some important CAPTCHA constants define('CAPTCHA_NUMCHARS', 6); // number of characters in pass-phrase define('CAPTCHA_WIDTH', 100); // width of image define('CAPTCHA_HEIGHT', 25); // height of image // Generate the random pass-phrase $pass_phrase = ""; for ($i = 0; $i < CAPTCHA_NUMCHARS; $i++) { $pass_phrase .= chr(rand(97, 122)); //chr(), convert a number to its ASCII character equivalent } // Store the encrypted pass-phrase in a session variable $_SESSION['pass_phrase'] = SHA($pass_phrase); // Create the image $img = imagecreatetruecolor(CAPTCHA_WIDTH, CAPTCHA_HEIGHT); // Set a white background with black text and gray graphics $bg_color = imagecolorallocate($img, 255, 255, 255); // white $text_color = imagecolorallocate($img, 0, 0, 0); // black $graphic_color = imagecolorallocate($img, 64, 64, 64); // dark gray // Fill the background imagefilledrectangle($img, 0, 0, CAPTCHA_WIDTH, CAPTCHA_HEIGHT, $bg_color); // Draw some random lines for ($i = 0; $i < 5; $i++) { imageline($img, 0, rand() % CAPTCHA_HEIGHT, CAPTCHA_WIDTH, rand() % CAPTCHA_HEIGHT, $graphic_color); } // Sprinkle in some random dots for ($i = 0; $i < 50; $i++) { imagesetpixel($img, rand() % CAPTCHA_WIDTH, rand() % CAPTCHA_HEIGHT, $graphic_color); } // Draw the pass-phrase string imagettftext($img, 18, 0, 5, CAPTCHA_HEIGHT - 5, $text_color, 'Courier New Bold.ttf', $pass_phrase); // Output the image as a PNG using a header header("Content-type: image/png"); imagepng($img); // Clean up imagedestroy($img); ?> I wrote a small PHP with SQLite script which stores the IP with counter, it works fine with one problem, If I enter the correct password 4th time the counter becomes 4 and I get the error to enter my captcha. All the other times, 1-3 and 5 and above count it just works fine. What am I doing wrong with the logic.
Attaching the zip file with code.
https://drive.google...dit?usp=sharing
Hi I have a script below which I have put together from a couple of other scripts which simply adds an email address to a database for a newsletter and sends an email to the owner and to the user it then shows a success page. The script checks that the email is valid and there is also a captcha. The script works in that it only send out the emails if the captcha etc is entered correctly but the email is being added to the database regardless of whether the capture is correct or not. I was proud of myself for getting this far but would love some instruction on what I have missed and how to stop the email adding to the database unless it has passed the captcha. Below you will see the script. The commented out sections are parts of the old script I don't use. <?php require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_TESTING); $error = false; if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) { //$name = tep_db_prepare_input($HTTP_POST_VARS['name']); $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']); //$enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']); if (tep_validate_email($email_address) == false) { $error = true; $messageStack->add('testing', ENTRY_EMAIL_ADDRESS_CHECK_ERROR); } //CAPTHCA CODE start require(DIR_WS_FUNCTIONS . 'capcha_code.php'); $code_query = tep_db_query("select code from capcha_code where oscsid = '" . tep_session_id($HTTP_GET_VARS[tep_session_name()]) . "'"); $code_array = tep_db_fetch_array($code_query); $code = $code_array['code']; tep_db_query("DELETE FROM " . TABLE_CAPCTHA_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); //remove the visual verify code associated with this session to clean database and ensure new results $user_entered_code = $HTTP_POST_VARS['capcha_code']; if (!(strcasecmp($user_entered_code, $code) == 0)) { //make the check case insensitive $error = true; $messageStack->add('testing', CAPCTHA_CODE_ENTRY_ERROR); } //CAPTHCA CODE stop /* testing sign up start */ if (isset($HTTP_POST_VARS['testing_sign_up'])) { $testing_query = tep_db_query("select testing_id_number from " . TABLE_TESTING_SIGN_UP . " where testing_email_address = '" . tep_db_input($email_address) . "'"); if(tep_db_num_rows($testing_query) == 0) { $sql_data_array = array('testing_email_address' => $email_address, 'testing_firstname' => "", 'testing_lastname' => ""); tep_db_perform(TABLE_TESTING_SIGN_UP, $sql_data_array); } } /* testing sign up end */ if ($error == false) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $email_address,STORE_OWNER_EMAIL_ADDRESS); tep_mail(MESSAGE_TEXT, $email_address, CUSTOMER_SUBJECT, NUMBER_ONE, STORE_OWNER_EMAIL_ADDRESS); tep_redirect(tep_href_link(FILENAME_TESTING, 'action=success')); } } $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_TESTING)); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <link rel="stylesheet" type="text/css" href="stylesheet.css"> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="3" cellpadding="3"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td><!-- body_text //--> <td width="100%" valign="top"><?php echo tep_draw_form('testing', tep_href_link(FILENAME_TESTING, 'action=send')); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE; ?></td><td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_contact_us.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td></tr> </table> </td></tr><td class="main"><?php echo INFORMATION_TEXT; ?></td> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td></tr> <?php if ($messageStack->size('testing') > 0) { ?> <tr> <td><?php echo $messageStack->output('testing'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) { ?> <tr> <td class="main" align="left"><?php echo tep_image(DIR_WS_IMAGES . 'clever.gif', HEADING_TITLE, '0', '0', 'align="left"') . TEXT_COMPLETE; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } else { ?> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2" > <!--<tr> <td class="main"><?php echo ENTRY_NAME; ?></td> </tr> <tr> <td class="main"><?php echo tep_draw_input_field('name'); ?></td> </tr>//--> <tr><td class="main"><?php echo INSTRUCTIONS_TEXT; ?></td></tr> <tr> <td class="main"><?php echo ENTRY_EMAIL; ?> <?php echo tep_draw_input_field('email'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <!--<tr> <td class="main"><?php echo ENTRY_ENQUIRY; ?></td> </tr> <tr> <td><?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, $infotext); ?></td> </tr>//--> <!-- CAPTHCA CODE-- START--> <tr> <td class="main"><?php echo CAPCTHA_CODE_CATEGORY; ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" cellspacing="2" cellpadding="2"> <tr> <td class="main"><?php echo CAPCTHA_CODE_TEXT_INSTRUCTIONS; ?></td> <td class="main"> <?php // ----- begin garbage collection -------- tep_db_query("DELETE FROM " . TABLE_CAPCTHA_CODE . " WHERE dt < DATE_SUB(NOW(), INTERVAL 5 HOUR)"); // ----- end garbage collection -------- //can replace the following loop with $capcha_code = substr(str_shuffle (CAPCTHA_CODE_CHARACTER_POOL), 0, rand(3,4)); if you have PHP 4.3 $capcha_code = ""; for ($i = 1; $i <= rand(3,4); $i++){ $capcha_code = $capcha_code . substr(CAPCTHA_CODE_CHARACTER_POOL, rand(0, strlen(CAPCTHA_CODE_CHARACTER_POOL)-1), 1); } $vvcode_oscsid = tep_session_id($HTTP_GET_VARS[tep_session_name()]); tep_db_query("DELETE FROM " . TABLE_CAPCTHA_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); $sql_data_array = array('oscsid' => $vvcode_oscsid, 'code' => $capcha_code); tep_db_perform(TABLE_CAPCTHA_CODE, $sql_data_array); $capcha_code = ""; echo('<img src="' . FILENAME_CAPCTHA_CODE_DISPLAY . '?vvc=' . $vvcode_oscsid . '"'); ?> </td> <td class="main"><?php echo CAPCTHA_CODE_BOX_IDENTIFIER; ?></td> <td class="main"><?php echo tep_draw_input_field('capcha_code'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <!-- testing sign up start//--> <TD WIDTH="100%"> <tr> <td class="main" align="right"><?php echo ENTRY_TESTING_SIGN_UP; ?> <?php echo tep_draw_checkbox_field('testing_sign_up', '1', true); ?> </td></tr> <!--testing sign up end //--> <!-- CAPTHCA CODE-- STOP --> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </table></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } ?> </table></form></td> <!-- body_text_eof //--> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- right_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_right.php'); ?> <!-- right_navigation_eof //--> </table></td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> I'm trying to login to a vBulletin forum using a captcha login. I am, however, not able to download the captcha image. This is the result I get when I try to get the captcha: So how do I get the captcha image? This is my current login code: Code: [Select] <?php $user='username'; $pass='password'; $md5Pass = md5($pass); $data = "do=login&vb_login_md5password=$md5Pass&vb_login_md5password_utf=$md5Pass&vb_login_username=$user&cookieuser=1"; $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, "http://www.****.com/login.php?do=login"); curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"); curl_setopt ($ch, CURLOPT_TIMEOUT, '10'); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch,CURLOPT_POSTFIELDS,$data); curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt"); curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt"); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); $store = curl_exec ($ch); curl_close($ch); echo $store; ?> Maybe the site looks for a cookie and only shows the captcha if it finds the cookie file? Ideally just one word authentication and pretty simple, but effective. Preferebly one that does not use Sessions because then the user is unable to press the back button to go back to the original page after submitting the form... I know I could just put a text link there but not all users would click that link... hi i was wondering if anyone had any idea how i can add code A to code b below? code a is my captcha code and code b is my contact form code thanks.. CODE A CAPTCHA: Code: [Select] <?php if(isset($_POST["captcha"])) if($_SESSION["captcha"]==$_POST["captcha"]) { echo 'CAPTHCA is valid; proceed the message'; } else { echo 'CAPTHCA is not valid; ignore submission'; } ?> CODE B CONTACT FORM: Code: [Select] <? $mailto = "me@blah.com"; $cc = ""; $bcc = ""; $subject = "Email subject"; $vname = "blah blah"; $email = $_POST['email']; function validateEmail($email) { if(eregi('^[a-zA-Z0-9._-]+@[a-zA-Z0-9-]+\.[a-zA-Z]{2,4}(\.[a-zA-Z]{2,3})?(\.[a-zA-Z]{2,3})?$', $email)) return true; else return false; } if(strlen($_POST['name']) < 1 || strlen($_POST['message']) < 1 || validateEmail($email) == FALSE) { $emailerror = 'Error:'; if(empty($_POST['name'])) { $emailerror .= '<li>Enter name</li>'; } if(validateEmail($email) == FALSE) { $emailerror .= '<li>Enter valid email</li>'; } if(empty($_POST['message'])) { $emailerror .= '<li>Enter message</li>'; } } else { $emailerror .= "Your email has been sent successfully"; $timestamp = date("F j, Y, g:ia"); $messageproper ="\n\n" . "Name: " . ucwords($_POST['name']) . "\n" . "Email: " . ucwords($email) . "\n" . "Comments: " . $_POST['message'] . "\n" . "\n\n" ; $messageproper = trim(stripslashes($messageproper)); mail($mailto, $subject, $messageproper, "From: \"$vname\" <".$_POST['e_mail'].">\nReply-To: \"".ucwords($_POST['first_name'])."\" <".$_POST['e_mail'].">\nX-Mailer: PHP/" . phpversion() ); } ?> How effective is Captcha anymore? How does using Captcha compare to using a Challenge Question like "2 + 3 = ??" I am creating a form on my website where users can e-mail me their comments - although my e-mail is hidden - and I don't want this to become a spam-magnet?! Debbie |
|||||||