simpele-captcha-beveiliging
Gesponsorde koppelingen
PHP script bestanden
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
<?php // example.php: het formulier ?>
<?php
session_start();
ob_start();
require_once("./class_ocr_captcha.inc.php");
$p = new ocr_captcha();
// initaliseren
$gepost = false;
$errmsg = "";
$btncap = "Verzenden";
if (!($text1)) $text1 = "Dit is veld 1";
if (!($text2)) $text2 = "Dit is veld 2";
// is het form gepost?
if (isset($_POST['public_key'])) {
$public = $_POST['public_key'];
}
if (isset($_POST['private_key'])) {
$gepost = true;
$private = $_POST['private_key'];
$codeOK = ($p->check_captcha($public,$private));
// is de ingetypte code juist?
if (!($codeOK)) {
// error vars
$errmsg = "FOUT! FOUT! FOUT!"; // foutboodschap
$btncap = "Ik probeer het nog een keer"; // button caption <bg>
}
} // end if (form gepost)
?>
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN' 'http://www.w3.org/TR/html4/loose.dtd'>
<html>
<head><title>Captcha test</title></head>
<body style="margin-left:50px;">
<?php
// if (niet gepost) OF (code onjuist) dan het form (opnieuw) tonen
if (!($gepost) || !($codeOK)) { ?>
<form name="frm" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table width="50%" border="0" cellspacing="0" cellpadding="15">
<?php // if (niet gepost) dan de volledige pagina tonen
if (!($gepost)) {
// display alle tekst ?>
<tr><td bgcolor="#CCFFFF">TEKST PAGINA
<p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p>
</td></tr>
<tr><td width="70%"> </td></tr>
<?php } // end if (niet gepost) ?>
<tr><td bgcolor="#FFFF99">TEKST FORM
<p>Uitleg over het form. Andere teksten voor het form.</p>
</td></tr>
<tr><td bgcolor="#FFFF99">
Veld 1<br>
<input name="text1" type="text" id="text" value="<?php echo $text1; ?>" size="40" />
</td></tr>
<tr><td bgcolor="#FFFF99">
Veld 2<br>
<textarea name="text2" cols="30" rows="10"><?php echo $text2; ?></textarea>
</td></tr>
<tr>
<td valign="bottom" bgcolor="#FFFF99">
<font style="font-size:small">Type deze code van <?php echo $p->long; ?> tekens in het veld hieronder</font><br />
<?php echo $p->display_captcha(true); // toon plaatje met de code ?>
<input type="text" name="private_key" value="" maxlength="6" size="6"
style="height:25px;font-size:22px;font-weight:bold;text-transform:uppercase;" />
<?php echo $errmsg; // foutboodschap of lege string ?>
<?php $private=$p->generate_private(); // private key genereren ?>
</td>
</tr>
<tr>
<td bgcolor="#FFFF99">
<input name="btnSend" type="submit" value="<?php echo $btncap; ?>" />
</td>
</tr>
</table>
</form>
<?php
} else {
// alles ok. inserten.
echo "in de database ermee!<br><br>";
echo "Veld 1: $text1<br>";
echo "Veld 2: $text2<br><br>";
echo "Dank u wel alstublieft.";
} // end if (niet gepost) OF (code onjuist)
?>
</body>
</html>
//////////////////////////////////////////////////////////
<?php // class_ocr_captcha.inc.php: de class ?>
<?php
/////////////////////////////////////////////////////////
// CLASS NAME: OCR_CAPTCHA
// FILE NAME : CLASS_SESSION.INC.PHP
// LANGUAGE : PHP
// AUTHOR : Julien PACHET
// EMAIL : j|u|l|i|e|n| [@] |p|a|c|h|e|t.c|o|m
// VERSION : 1.0
// CREATION : 17/03/2004
// LICENCE : GNU GPL
/////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////
// What the class does: //
////////////////////////////////////////////////////////
// * Make a catcha picture (Completely Automated Public Turing to tell Computers from Humans Apart)
// To test if a human is really behind the web page. In a form, you put a captcha picture, and a text
// Field, and then...
// * Check if the text typed in the field from the picture (private key) corrrespond to the public_key
// that the class inserted in a hidden field //
// Indeed, the class can prevent from automatic (bot) filling form for example: //
// _ poll
// _ account creation
// _ account loggin (prevent from brute force password tries //
// _ check for access to a given page (to stop bot like search bot or spam bot //
// _ ...
// More infos at http://www.captcha.net //
///////////////////////////////////////////////////////
//////////////////////////////////////////////////////
// Need to work:
/////////////////////////////////////////////////////
// other files: none
// other datas: a private string (see in file class) use to make private key from public key
/////////////////////////////////////////////////////
class ocr_captcha {
var $key; // ultra private static text
var $long; // size of text
var $lx; // width of picture
var $ly; // height of picture
var $nb_noise; // nb of background noisy characters
var $filename; // file of captcha picture stored on disk
var $imagetype="png"; // can also be "jpg";
var $public_key; // public key
var $font_file = "./arialbd.ttf"; // <------------- hier de bestandsnaam van het font
function ocr_captcha($long=5,$lx=120,$ly=30,$nb_noise=5) {
$this->key=md5("A nicely little text to stay private and use for generate private key");
$this->long=$long;
$this->lx=$lx;
$this->ly=$ly;
$this->nb_noise=$nb_noise;
$this->public_key=substr(md5(uniqid(rand(),true)),0,$this->long); // generate public key with entropy
}
function get_filename($public="") {
if ($public=="")
$public=$this->public_key;
if (!is_dir("tmp")) // test if rep exist
mkdir("tmp");
if (strpos($_SERVER['SystemRoot'], ":\\")===false) // so linux system
$rad="tmp/"; // Document_root works nicely here
else // windows system
$rad="tmp\\";
return $rad.$public.".".$this->imagetype;
}
// generate the private text coming from the public text, using $this->key (not to be public!!), all you have to do is here to change the algorithm
function generate_private($public="") {
if ($public=="")
$public=$this->public_key;
return substr(md5($this->key.$public),16-$this->long/2,$this->long);
}
// check if the public text is link to the private text
function check_captcha($public,$private) {
// when check, destroy picture on disk
if (file_exists($this->get_filename($public)))
unlink($this->get_filename($public));
return (strtolower($private)==strtolower($this->generate_private($public)));
}
// display a captcha picture with private text and return the public text
function make_captcha($noise=true) {
$private_key = $this->generate_private();
$image = imagecreatetruecolor($this->lx,$this->ly);
$back=ImageColorAllocate($image,intval(rand(224,255)),intval(rand(224,255)),intval(rand(224,255)));
ImageFilledRectangle($image,0,0,$this->lx,$this->ly,$back);
if ($noise) { // rand characters in background with random position, angle, color
for ($i=0;$i<$this->nb_noise;$i++) {
$size=intval(rand(6,10)); // grootte van de noise
$angle=intval(rand(0,360)); // hoek van de noise
$x=intval(rand(10,$this->lx-10));
$y=intval(rand(0,$this->ly-5));
$color=imagecolorallocate($image,intval(rand(160,224)),intval(rand(160,224)),intval(rand(160,224)));
$text=chr(intval(rand(45,250)));
ImageTTFText ($image,$size,$angle,$x,$y,$color,$this->font_file,$text);
}
}
else { // random grid color
for ($i=0;$i<$this->lx;$i+=10) {
$color=imagecolorallocate($image,intval(rand(160,224)),intval(rand(160,224)),intval(rand(160,224)));
imageline($image,$i,0,$i,$this->ly,$color);
}
for ($i=0;$i<$this->ly;$i+=10) {
$color=imagecolorallocate($image,intval(rand(160,224)),intval(rand(160,224)),intval(rand(160,224)));
imageline($image,0,$i,$this->lx,$i,$color);
}
}
// private text to read
for ($i=0,$x=5; $i<$this->long;$i++) {
$r=intval(rand(0,128));
$g=intval(rand(0,128));
$b=intval(rand(0,128));
$color = ImageColorAllocate($image, $r,$g,$b);
$shadow= ImageColorAllocate($image, $r+128, $g+128, $b+128);
$size=intval(rand(14,20)); // lettergrootte
$angle=intval(rand(-10,10)); // hoek van de letter
$text=strtoupper(substr($private_key,$i,1));
ImageTTFText($image,$size,$angle,$x+2,26,$shadow,$this->font_file,$text);
ImageTTFText($image,$size,$angle,$x,24,$color,$this->font_file,$text);
$x+=$size+2;
}
if ($this->imagetype=="jpg")
imagejpeg($image, $this->get_filename(), 100);
else
imagepng($image, $this->get_filename());
ImageDestroy($image);
}
function display_captcha($noise=true) {
$this->make_captcha($noise);
$res="<input type=hidden name='public_key' value='".$this->public_key."'>\n";
$alt="Type deze code van ".$this->long." tekens in het veld hieronder";
$res.="<img src='".$this->get_filename()."' alt='$alt' border='1'>\n";
return $res;
}
}
?>
<?php
session_start();
ob_start();
require_once("./class_ocr_captcha.inc.php");
$p = new ocr_captcha();
// initaliseren
$gepost = false;
$errmsg = "";
$btncap = "Verzenden";
if (!($text1)) $text1 = "Dit is veld 1";
if (!($text2)) $text2 = "Dit is veld 2";
// is het form gepost?
if (isset($_POST['public_key'])) {
$public = $_POST['public_key'];
}
if (isset($_POST['private_key'])) {
$gepost = true;
$private = $_POST['private_key'];
$codeOK = ($p->check_captcha($public,$private));
// is de ingetypte code juist?
if (!($codeOK)) {
// error vars
$errmsg = "FOUT! FOUT! FOUT!"; // foutboodschap
$btncap = "Ik probeer het nog een keer"; // button caption <bg>
}
} // end if (form gepost)
?>
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN' 'http://www.w3.org/TR/html4/loose.dtd'>
<html>
<head><title>Captcha test</title></head>
<body style="margin-left:50px;">
<?php
// if (niet gepost) OF (code onjuist) dan het form (opnieuw) tonen
if (!($gepost) || !($codeOK)) { ?>
<form name="frm" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table width="50%" border="0" cellspacing="0" cellpadding="15">
<?php // if (niet gepost) dan de volledige pagina tonen
if (!($gepost)) {
// display alle tekst ?>
<tr><td bgcolor="#CCFFFF">TEKST PAGINA
<p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit.</p>
</td></tr>
<tr><td width="70%"> </td></tr>
<?php } // end if (niet gepost) ?>
<tr><td bgcolor="#FFFF99">TEKST FORM
<p>Uitleg over het form. Andere teksten voor het form.</p>
</td></tr>
<tr><td bgcolor="#FFFF99">
Veld 1<br>
<input name="text1" type="text" id="text" value="<?php echo $text1; ?>" size="40" />
</td></tr>
<tr><td bgcolor="#FFFF99">
Veld 2<br>
<textarea name="text2" cols="30" rows="10"><?php echo $text2; ?></textarea>
</td></tr>
<tr>
<td valign="bottom" bgcolor="#FFFF99">
<font style="font-size:small">Type deze code van <?php echo $p->long; ?> tekens in het veld hieronder</font><br />
<?php echo $p->display_captcha(true); // toon plaatje met de code ?>
<input type="text" name="private_key" value="" maxlength="6" size="6"
style="height:25px;font-size:22px;font-weight:bold;text-transform:uppercase;" />
<?php echo $errmsg; // foutboodschap of lege string ?>
<?php $private=$p->generate_private(); // private key genereren ?>
</td>
</tr>
<tr>
<td bgcolor="#FFFF99">
<input name="btnSend" type="submit" value="<?php echo $btncap; ?>" />
</td>
</tr>
</table>
</form>
<?php
} else {
// alles ok. inserten.
echo "in de database ermee!<br><br>";
echo "Veld 1: $text1<br>";
echo "Veld 2: $text2<br><br>";
echo "Dank u wel alstublieft.";
} // end if (niet gepost) OF (code onjuist)
?>
</body>
</html>
//////////////////////////////////////////////////////////
<?php // class_ocr_captcha.inc.php: de class ?>
<?php
/////////////////////////////////////////////////////////
// CLASS NAME: OCR_CAPTCHA
// FILE NAME : CLASS_SESSION.INC.PHP
// LANGUAGE : PHP
// AUTHOR : Julien PACHET
// EMAIL : j|u|l|i|e|n| [@] |p|a|c|h|e|t.c|o|m
// VERSION : 1.0
// CREATION : 17/03/2004
// LICENCE : GNU GPL
/////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////
// What the class does: //
////////////////////////////////////////////////////////
// * Make a catcha picture (Completely Automated Public Turing to tell Computers from Humans Apart)
// To test if a human is really behind the web page. In a form, you put a captcha picture, and a text
// Field, and then...
// * Check if the text typed in the field from the picture (private key) corrrespond to the public_key
// that the class inserted in a hidden field //
// Indeed, the class can prevent from automatic (bot) filling form for example: //
// _ poll
// _ account creation
// _ account loggin (prevent from brute force password tries //
// _ check for access to a given page (to stop bot like search bot or spam bot //
// _ ...
// More infos at http://www.captcha.net //
///////////////////////////////////////////////////////
//////////////////////////////////////////////////////
// Need to work:
/////////////////////////////////////////////////////
// other files: none
// other datas: a private string (see in file class) use to make private key from public key
/////////////////////////////////////////////////////
class ocr_captcha {
var $key; // ultra private static text
var $long; // size of text
var $lx; // width of picture
var $ly; // height of picture
var $nb_noise; // nb of background noisy characters
var $filename; // file of captcha picture stored on disk
var $imagetype="png"; // can also be "jpg";
var $public_key; // public key
var $font_file = "./arialbd.ttf"; // <------------- hier de bestandsnaam van het font
function ocr_captcha($long=5,$lx=120,$ly=30,$nb_noise=5) {
$this->key=md5("A nicely little text to stay private and use for generate private key");
$this->long=$long;
$this->lx=$lx;
$this->ly=$ly;
$this->nb_noise=$nb_noise;
$this->public_key=substr(md5(uniqid(rand(),true)),0,$this->long); // generate public key with entropy
}
function get_filename($public="") {
if ($public=="")
$public=$this->public_key;
if (!is_dir("tmp")) // test if rep exist
mkdir("tmp");
if (strpos($_SERVER['SystemRoot'], ":\\")===false) // so linux system
$rad="tmp/"; // Document_root works nicely here
else // windows system
$rad="tmp\\";
return $rad.$public.".".$this->imagetype;
}
// generate the private text coming from the public text, using $this->key (not to be public!!), all you have to do is here to change the algorithm
function generate_private($public="") {
if ($public=="")
$public=$this->public_key;
return substr(md5($this->key.$public),16-$this->long/2,$this->long);
}
// check if the public text is link to the private text
function check_captcha($public,$private) {
// when check, destroy picture on disk
if (file_exists($this->get_filename($public)))
unlink($this->get_filename($public));
return (strtolower($private)==strtolower($this->generate_private($public)));
}
// display a captcha picture with private text and return the public text
function make_captcha($noise=true) {
$private_key = $this->generate_private();
$image = imagecreatetruecolor($this->lx,$this->ly);
$back=ImageColorAllocate($image,intval(rand(224,255)),intval(rand(224,255)),intval(rand(224,255)));
ImageFilledRectangle($image,0,0,$this->lx,$this->ly,$back);
if ($noise) { // rand characters in background with random position, angle, color
for ($i=0;$i<$this->nb_noise;$i++) {
$size=intval(rand(6,10)); // grootte van de noise
$angle=intval(rand(0,360)); // hoek van de noise
$x=intval(rand(10,$this->lx-10));
$y=intval(rand(0,$this->ly-5));
$color=imagecolorallocate($image,intval(rand(160,224)),intval(rand(160,224)),intval(rand(160,224)));
$text=chr(intval(rand(45,250)));
ImageTTFText ($image,$size,$angle,$x,$y,$color,$this->font_file,$text);
}
}
else { // random grid color
for ($i=0;$i<$this->lx;$i+=10) {
$color=imagecolorallocate($image,intval(rand(160,224)),intval(rand(160,224)),intval(rand(160,224)));
imageline($image,$i,0,$i,$this->ly,$color);
}
for ($i=0;$i<$this->ly;$i+=10) {
$color=imagecolorallocate($image,intval(rand(160,224)),intval(rand(160,224)),intval(rand(160,224)));
imageline($image,0,$i,$this->lx,$i,$color);
}
}
// private text to read
for ($i=0,$x=5; $i<$this->long;$i++) {
$r=intval(rand(0,128));
$g=intval(rand(0,128));
$b=intval(rand(0,128));
$color = ImageColorAllocate($image, $r,$g,$b);
$shadow= ImageColorAllocate($image, $r+128, $g+128, $b+128);
$size=intval(rand(14,20)); // lettergrootte
$angle=intval(rand(-10,10)); // hoek van de letter
$text=strtoupper(substr($private_key,$i,1));
ImageTTFText($image,$size,$angle,$x+2,26,$shadow,$this->font_file,$text);
ImageTTFText($image,$size,$angle,$x,24,$color,$this->font_file,$text);
$x+=$size+2;
}
if ($this->imagetype=="jpg")
imagejpeg($image, $this->get_filename(), 100);
else
imagepng($image, $this->get_filename());
ImageDestroy($image);
}
function display_captcha($noise=true) {
$this->make_captcha($noise);
$res="<input type=hidden name='public_key' value='".$this->public_key."'>\n";
$alt="Type deze code van ".$this->long." tekens in het veld hieronder";
$res.="<img src='".$this->get_filename()."' alt='$alt' border='1'>\n";
return $res;
}
}
?>