Virtual Brain Online Logo

Bookmark: Root \ PHP \ User Validation With Image Verification Code

User Validation With Image Verification Code


Last Updated: 2007-01-01

Running a website is just like owning your own store on the street, actually it's worse sometimes. A website will attract all kinds of human scum attempting to use your website for their own illegal purposes. Most times these evil crackers will deploy bots, autonomous programs, to send out spam or find weaknesses in your website's design. At lot of harm is done when bots get into forums or contact forms.

A way had to be found to keep robots out and let humans in, this is called CAPTCHA. CAPTCHA stands for "Completely Automated Public Turing test to tell Computers and Humans Apart".
Most major public website use some form of a CAPTCHA test, I will describe two most commonly found picture validation tests below. The Image validation test described here should be able to serve your needs until robots get smart enough to read obscure text or until they gain legal rights not be excluded from human activity ;)

The idea behind image validation is quite simple, generate an image and have a human describe the image. The best way to achieve consistent results is to use common forms of communication. Letters and numbers are the best way to achieve consistency since an "a" will always be an "a" and "3" will always mean "3". Other forms use pictures of items and ask the user to describe them, for our purpose, this is a flawed approach since a white mouse could be described as a mouse. rodent or rat. The last approach does work for verifying identity.

One last point before I present the code, a lot of CAPTCHA examples on the internet generate a few numbers on a solid white background. Even a half blind OCR program from 1990 can read any text generated onto a solid background without trouble. You might as well not waste your time.
Bad CAPTCHA: Slashdot.org is using a great system
The Slashdot image is build very well, it is using whole words which aid the person tested to give the right answer the first time. The image is obscured by drawing lines through the word in the same color the word is written in, this prevents a bot program from striping colors to find the word hiding underneath the colored lines. It has two more features which I do not cover here, the word's letters are spaced unevenly and some words switch fonts for a letter or two.


This code is released under the "Ad License", the ad license is quite simple. You are allowed to use the code below for commercial and private use as long as you click on one of the advertisements you find on this page. Please only click on advertisements you are interested in!


Requirements
PHP4/5 WITH gd plugin - on rpm based linux search for a package called php5-gd or similar. You have to restart your webserver after the installation.

And finally, the code:
Version 1.1 has more backgrounds and more KeyWords
HumanTest_1.1.zip
HumanTest_1.1.tar.gz

HumanTest_1.0.zip
HumanTest_1.0.tar.gz


How it works....
The file image_generator.inc.php picks the word and background image randomly from a predefined list.
You can change the list of keywords used by the script on line 6. The script expects a list of comma separated values, please keep your words under 6 characters.
Line 24 allows you to change the background images used.


HumanTest Example

Originally Posted by Skylinux @ 2007-01-1 13:42:01

 

Title:
Posted By: Jeevan Mallick On: 2009-07-17 07:45
Running: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322)
I have downloaded code and copy to my directory.But when test.php is open image is not showing.
Title: RE: Jeevan
Posted By: Skylinux On: 2009-07-19 07:59
Running: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1) Gecko/20090701 Firefox/3.0.11 (.NET CLR 3.5.30729)
The image based CAPTCHA requires the GD library installed, if you enable error reporting on your server you should see the error message if it is not installed.

 

Add Your Comment:

Note: All posts require administrator approval. Please allow 24 hours for message approval.

Name:
E-Mail:
Title
Plain text only, less then 65 000 characters.

Adding ten and five is?

Please answer the question above and type the answer into the text box below.