simpele-captcha-beveiliging

Gesponsorde koppelingen

PHP script bestanden

  1. simpele-captcha-beveiliging

« Lees de omschrijving en reacties

Code (php)
PHP script in nieuw venster Selecteer het PHP script
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
<?php // example.php: het formulier ?>

<?php
session_start();
ob_start();
require_once("./class_ocr_captcha.inc.php");

$p = new ocr_captcha();

// initaliseren
$gepost = false;
$errmsg = "";
$btncap = "Verzenden";
if (!($text1)) $text1 = "Dit is veld 1";
if (!($text2)) $text2 = "Dit is veld 2";

// is het form gepost?
if (isset($_POST['public_key'])) {
    $public    = $_POST['public_key'];
}

if (isset($_POST['private_key'])) {
    $gepost    = true;
    $private    = $_POST['private_key'];
    $codeOK     = ($p->check_captcha($public,$private));

    // is de ingetypte code juist?
    if (!($codeOK)) {
        // error vars
        $errmsg = "FOUT! FOUT! FOUT!";        // foutboodschap
        $btncap = "Ik probeer het nog een keer";    // button caption <bg>
    }
}
// end if (form gepost)
?>


<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN' 'http://www.w3.org/TR/html4/loose.dtd'>
<html>
<head><title>Captcha test</title></head>
<body style="margin-left:50px;">
  
<?php
// if (niet gepost) OF (code onjuist) dan het form (opnieuw) tonen
if (!($gepost) || !($codeOK)) { ?>


    <form name="frm" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
    <table width="50%" border="0" cellspacing="0" cellpadding="15">

<?php // if (niet gepost) dan de volledige pagina tonen
        if (!($gepost)) {
        // display alle tekst ?>

        <tr><td bgcolor="#CCFFFF">TEKST PAGINA
        <p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p>
        </td></tr>

        <tr><td width="70%">&nbsp;</td></tr>
        <?php } // end if (niet gepost) ?>
    
        <tr><td bgcolor="#FFFF99">TEKST FORM
        <p>Uitleg over het form. Andere teksten voor het form.</p>
        </td></tr>
        
        <tr><td bgcolor="#FFFF99">
            Veld 1<br>
            <input name="text1" type="text" id="text" value="<?php echo $text1; ?>" size="40" />
        </td></tr>
    
        <tr><td bgcolor="#FFFF99">
            Veld 2<br>
            <textarea name="text2" cols="30" rows="10"><?php echo $text2; ?></textarea>
        </td></tr>
    
        <tr>
        <td valign="bottom" bgcolor="#FFFF99">
            <font style="font-size:small">Type deze code van <?php echo $p->long; ?> tekens in het veld hieronder</font><br />
            <?php echo $p->display_captcha(true); // toon plaatje met de code ?>    &nbsp;&nbsp;&nbsp;&nbsp;    
            <input type="text" name="private_key" value="" maxlength="6" size="6"
            style="height:25px;font-size:22px;font-weight:bold;text-transform:uppercase;" />
            &nbsp;&nbsp;<?php echo $errmsg;  // foutboodschap of lege string ?>
            <?php $private=$p->generate_private();  // private key genereren ?>
        </td>
        </tr>
    
        <tr>
        <td bgcolor="#FFFF99">
            <input name="btnSend" type="submit" value="<?php echo $btncap; ?>" />
        </td>
        </tr>
    </table>
    </form>
        
<?php
} else {

// alles ok. inserten.
echo "in de database ermee!<br><br>";
echo "Veld 1: $text1<br>";
echo "Veld 2: $text2<br><br>";
echo "Dank u wel alstublieft.";

}
// end if (niet gepost) OF (code onjuist)
?>


</body>
</html>

//////////////////////////////////////////////////////////

<?php // class_ocr_captcha.inc.php: de class ?>

<?php

/////////////////////////////////////////////////////////
// CLASS NAME:  OCR_CAPTCHA                                                                              
// FILE NAME :  CLASS_SESSION.INC.PHP                                                                    
// LANGUAGE  :  PHP                                                                                      
// AUTHOR    :  Julien PACHET                                                                            
// EMAIL     :  j|u|l|i|e|n| [@] |p|a|c|h|e|t.c|o|m                                                      
// VERSION   :  1.0
// CREATION  :  17/03/2004                                                                                
// LICENCE   :  GNU GPL                                                                                  
/////////////////////////////////////////////////////////

/////////////////////////////////////////////////////////
// What the class does:                                                                                   //
////////////////////////////////////////////////////////
// * Make a catcha picture (Completely Automated Public Turing to tell Computers from Humans Apart)
//   To test if a human is really behind the web page. In a form, you put a captcha picture, and a text
//   Field, and then...
// * Check if the text typed in the field from the picture (private key) corrrespond to the public_key
//   that the class inserted in a hidden field                                                            //
// Indeed, the class can prevent from automatic (bot) filling form for example:                           //
//   _ poll
//   _ account creation
//   _ account loggin (prevent from brute force password tries                                            //
//   _ check for access to a given page (to stop bot like search bot or spam bot                          //
//   _ ...
// More infos at http://www.captcha.net                                                                   //
///////////////////////////////////////////////////////

//////////////////////////////////////////////////////
// Need to work:
/////////////////////////////////////////////////////
// other files: none
// other datas: a private string (see in file class) use to make private key from public key
/////////////////////////////////////////////////////


  class ocr_captcha {
    var
$key;                   // ultra private static text
    var $long;                  // size of text
    var $lx;                    // width of picture
    var $ly;                    // height of picture
    var $nb_noise;             // nb of background noisy characters
    var $filename;              // file of captcha picture stored on disk
    var $imagetype="png";     // can also be "jpg";
    var $public_key;        // public key
    var $font_file    =    "./arialbd.ttf"; // <------------- hier de bestandsnaam van het font
    
    function ocr_captcha($long=5,$lx=120,$ly=30,$nb_noise=5) {
      $this->key=md5("A nicely little text to stay private and use for generate private key");
      $this->long=$long;
      $this->lx=$lx;
      $this->ly=$ly;
      $this->nb_noise=$nb_noise;
      $this->public_key=substr(md5(uniqid(rand(),true)),0,$this->long); // generate public key with entropy
    }
    
    function
get_filename($public="") {
      if ($public=="")
        $public=$this->public_key;
      if (!is_dir("tmp")) // test if rep exist
        mkdir("tmp");
      if (strpos($_SERVER['SystemRoot'], ":\\")===false) // so linux system
        $rad="tmp/"; // Document_root works nicely here  
      else // windows system
        $rad="tmp\\";
      return $rad.$public.".".$this->imagetype;
    }

    
    // generate the private text coming from the public text, using $this->key (not to be public!!), all you have to do is here to change the algorithm
    function generate_private($public="") {
      if ($public=="")
        $public=$this->public_key;
      return substr(md5($this->key.$public),16-$this->long/2,$this->long);
    }

    
    // check if the public text is link to the private text
    function check_captcha($public,$private) {
      // when check, destroy picture on disk
      if (file_exists($this->get_filename($public)))
        unlink($this->get_filename($public));
      return (strtolower($private)==strtolower($this->generate_private($public)));
    }

    
    // display a captcha picture with private text and return the public text
    function make_captcha($noise=true) {
      $private_key = $this->generate_private();
      $image = imagecreatetruecolor($this->lx,$this->ly);
      $back=ImageColorAllocate($image,intval(rand(224,255)),intval(rand(224,255)),intval(rand(224,255)));
      ImageFilledRectangle($image,0,0,$this->lx,$this->ly,$back);
      if ($noise) { // rand characters in background with random position, angle, color
        for ($i=0;$i<$this->nb_noise;$i++) {
          $size=intval(rand(6,10));            // grootte van de noise
          $angle=intval(rand(0,360));         // hoek van de noise
          $x=intval(rand(10,$this->lx-10));
          $y=intval(rand(0,$this->ly-5));
          $color=imagecolorallocate($image,intval(rand(160,224)),intval(rand(160,224)),intval(rand(160,224)));
          $text=chr(intval(rand(45,250)));
          ImageTTFText ($image,$size,$angle,$x,$y,$color,$this->font_file,$text);
        }
      }

      else { // random grid color
        for ($i=0;$i<$this->lx;$i+=10) {
          $color=imagecolorallocate($image,intval(rand(160,224)),intval(rand(160,224)),intval(rand(160,224)));
          imageline($image,$i,0,$i,$this->ly,$color);
        }

        for ($i=0;$i<$this->ly;$i+=10) {
          $color=imagecolorallocate($image,intval(rand(160,224)),intval(rand(160,224)),intval(rand(160,224)));
          imageline($image,0,$i,$this->lx,$i,$color);
        }
      }

      // private text to read
      for ($i=0,$x=5; $i<$this->long;$i++) {
        $r=intval(rand(0,128));
        $g=intval(rand(0,128));
        $b=intval(rand(0,128));
        $color = ImageColorAllocate($image, $r,$g,$b);
        $shadow= ImageColorAllocate($image, $r+128, $g+128, $b+128);
        $size=intval(rand(14,20));        // lettergrootte
        $angle=intval(rand(-10,10));    // hoek van de letter
        $text=strtoupper(substr($private_key,$i,1));
        ImageTTFText($image,$size,$angle,$x+2,26,$shadow,$this->font_file,$text);
        ImageTTFText($image,$size,$angle,$x,24,$color,$this->font_file,$text);
        $x+=$size+2;
      }

      if ($this->imagetype=="jpg")
        imagejpeg($image, $this->get_filename(), 100);
      else
        imagepng($image, $this->get_filename());
      ImageDestroy($image);
    }
    
    function
display_captcha($noise=true) {
      $this->make_captcha($noise);
      $res="<input type=hidden name='public_key' value='".$this->public_key."'>\n";
      $alt="Type deze code van ".$this->long." tekens in het veld hieronder";
      $res.="<img src='".$this->get_filename()."' alt='$alt' border='1'>\n";
      return $res;
    }
  }

  
?>

 
 

Om de gebruiksvriendelijkheid van onze website en diensten te optimaliseren maken wij gebruik van cookies. Deze cookies gebruiken wij voor functionaliteiten, analytische gegevens en marketing doeleinden. U vindt meer informatie in onze privacy statement.