A Quick and Dirty CAPTCHA Using PHP and the GD Library.

22 Jan, 2008 PHP, Programming

(+1 rating, 1 votes)

Loading ...

If you're just starting to get into PHP you may be a bit confused about how the GD Library works, and how to implement that into things such a CAPTCHA. This is a very easy implementation of a captcha. This will help stop spammers, and spam bots from abusing your form, or spamming your server.

I won't however, prevent the abuse as noted in Jeff Atwoods post, it will however help.

So, let's say you have a public submission or contact form on your website, that looks somewhat like the following:

PLAIN TEXT

HTML:

<form method="post"> Contact us:
<textarea cols="30" rows="5" name="simple_contact"></textarea>
<input value="Submit" type="submit" />
</form>

We'll use a captcha to keep this form somewhat safe ().

Obviously you need a PHP engine enabled for your Web server to execute PHP scripts, and GD (PHP graphics library) to generate the image. The solution below is tested for Apache (Windows and Unix), IIS (Windows), PHP-4, PHP-5, GD and GD2.

1) Make a PHP script (separate file captcha.php) which will generate the image:

PLAIN TEXT

PHP:

session_start();
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
function _generateRandom($length=6)
{
$_rand_src = array(
array(48,57) //digits
, array(97,122) //lowercase chars
// , array(65,90) //uppercase chars
);
srand ((double) microtime() * 1000000);
$random_string = "";
for($i=0;$i<$length;$i++){
$i1=rand(0,sizeof($_rand_src)-1);
$random_string .= chr(rand($_rand_src[$i1][0],$_rand_src[$i1][1]));
}
return $random_string;
}
$im = @imagecreatefromjpeg("captcha.jpg");
$rand = _generateRandom(3);
$_SESSION['captcha'] = $rand;
ImageString($im, 5, 2, 2, $rand[0]." ".$rand[1]." ".$rand[2]." ", ImageColorAllocate ($im, 0, 0, 0));
$rand = _generateRandom(3);
ImageString($im, 5, 2, 2, " ".$rand[0]." ".$rand[1]." ".$rand[2], ImageColorAllocate ($im, 255, 0, 0));
Header ('Content-type: image/jpeg');
imagejpeg($im,NULL,100);
ImageDestroy($im);
?>

2) Add the following line at the top of the page where you need to implement CAPTCHA:

PLAIN TEXT

PHP:

3) Add the following line to check whether the CAPTCHA string entered by the visitor is valid, before the line where you will proceed with a submitted message:

PLAIN TEXT

PHP:

if($_SESSION["captcha"]==$_POST["captcha"])
{
//CAPTHCA is valid; proceed the message: save to database, send by e-mail ...
}
?>

4) Finaly add the CAPTCHA to the form:

PLAIN TEXT

PHP:

<form method="post">
<table bgcolor="#cccccc">
<tr>
<th>Contact us (Post new message):</th>
</tr>
<tr>
<td><textarea cols="30" rows="5" name="message"></textarea></td>
</tr>
<tr>
<td align="center">CAPTCHA:
(antispam code, 3 black symbols)
<table>
<tr>
<td><img src="captcha.php" alt="captcha image" /></td>
<td><input name="captcha" size="3" maxlength="3" type="text" /></td>
</tr>
</table>
</td>
</tr>
<tr>
<th align="center"><input value="Submit" type="submit" /></th>
</tr>
</table>
</form> if(isset($_POST["captcha"]))
if($_SESSION["captcha"]==$_POST["captcha"])
{
//CAPTHCA is valid; proceed the message: save to database, send by e-mail ...
echo 'CAPTHCA is valid; proceed the message';
}
else
{
echo 'CAPTHCA is not valid; ignore submission';
}
?>

There you go! A quick, and dirty captcha for easy implementation. Of course there are much more secure and stronger methods to achieve this feature, but this is just the quick and dirty.

Hope this helped.

Spread the Love: These icons link to social bookmarking sites where readers can share and discover new web pages.