README for the CAPTCHA 2 class
by Cristian Navalici
=============================================================================
1.0 How to use the class?
2.0 Requirements
3.0 What is a CAPTCHA?
3.1 What are the applications for CAPTCHAs?
4.0 Author
4.1 License
=============================================================================
1.0 How to use the class?
=============================================================================
It's realy easy to use this class.
You need to know about 3 functions to operate it properly:
function createCaptcha($length = 6, $type = 'png', $draw_lines = 'true')
function showCaptcha()
function verifyCaptcha($txt)
//----------------------
function createCaptcha - generate the captcha based on your arguments
$length - how long do you want the string showed in picture? (default: 6)
$type - what type do you want to be saved picture? (possible: png/jpeg, default: png)
$draw_lines - do you want to add some lines to the picture to make it even more difficult to read? (default: true)
All parameters have defaults so you doesn't need to enter any of the parameters.
//----------------------
//----------------------
function showCaptcha() - show on a html page generated captcha (must follow createCaptcha function)
Generated string is a random one (made by combination of letters (A-Z) and digits (2-9)
(0 is excluded; it can be confounded on some fonts with letter 'O'; idem for digit 1 and letter l).
//----------------------
//----------------------
function verifyCaptcha($txt) - verify if generated captcha is the same with user input ($txt)
//----------------------
See example.php for a detailed example.
There are some more modifications you can make into class itself.
These can be found in the first statements of the class:
// here you can make some adjustments
private $font_size = 18; // if GD2 in points / GD1 in pixels
private $font = 'bahamasn.ttf';
private $img_height = 40;
private $save_path = 'gdtest'; // without trailing slash
private $secret_key = 'Insert a complicated string here';
private $secret_key = 'Insert a complicated string here';
private $use_windows = 0; // 1 - if you'll use windows 0 - if don't
// until here
You can modify image height, font used in generated images or size of it.
In our example, images are saved in 'gdtest' folder. You can save wherever you want
but pay attention to directory write rights (apache must be able to write in it).
You can modify in stringGenerator line
$alphanumerics = array_merge(range('A', 'Z'), range(2, 9));
to
$alphanumerics = array_merge(range('A', 'Z'), range ('a', 'z'), range(0, 9));
if you want full range of letters and digits. Beware of some fonts that have minor differences between majuscules and minuscules.
Specify on $use_windows what SO you'll use.
=============================================================================
2.0 Requirements
=============================================================================
Apache + PHP5
PHP must be configured with GD options.
e.g. --with-gd --with-freetype-dir --enable-gd-native-ttf --with-ttf --enable-exif --with-jpeg-dir=/usr/lib/libjpeg.so
Also must suport mcrypt.
--with-mcrypt
libmcrypt > 2.4.x
More details on: http://www.php.net/manual/en/ref.mcrypt.php
=============================================================================
3.0 What is a CAPTCHA?
=============================================================================
A CAPTCHA (an initialism for "Completely Automated Public Turing test to tell Computers and Humans Apart", trademarked by Carnegie Mellon University) is a type of challenge-response test used in computing to determine whether or not the user is human.
The term was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas J. Hopper of Carnegie Mellon University, and John Langford of IBM. A common type of CAPTCHA requires that the user type the letters of a distorted image, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen.
For more informations about CAPTCHAs please visit http://www.captcha.net/ or http://en.wikipedia.org/wiki/Captcha
=============================================================================
3.1 What are the applications for CAPTCHAs?
=============================================================================
CAPTCHAs have several applications for practical security,
including (but not limited to):
Online Polls.
Can the result of any online poll be trusted? Not unless the poll requires
that only humans can vote.
Free Email Services.
Several companies (Yahoo!, Microsoft, etc.) offer free email services.
Most of these suffer from a specific type of attack: "bots" that sign
up for thousands of email accounts every minute.
Search Engine Bots.
Search engine bots, since they usually belong to large companies, respect
web pages that don't want to allow them in. However, in order to truly
guarantee that bots won't enter a web site, CAPTCHAs are needed.
Worms and Spam.
CAPTCHAs also offer a plausible solution against email worms and spam:
"I will only accept an email if I know there is a human behind the other computer."
Preventing Dictionary Attacks.
Pinkas and Sander have suggested using CAPTCHAs to prevent dictionary attacks in
password systems. The idea is simple: prevent a computer from being able to
iterate through the entire space of passwords.
=============================================================================
4.0 Author
=============================================================================
Cristian Navalici
cristian.navalici [at] gmail.com
http://goodies.graficoncept.ro
http://www.phpclasses.org/trackback/browse/package/3336.html
=============================================================================
4.1 License
=============================================================================
GNU General Public License (Version 2, June 1991)
This program is free software; you can redistribute
it and/or modify it under the terms of the GNU
General Public License as published by the Free
Software Foundation; either version 2 of the License,
or (at your option) any later version.
This program is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the GNU General Public License
for more details. |