Image captcha security update

The image captcha class we seen previously had a security issue when used by passing string (like <img src="captcha.php?&s=your_string" />) as it is easy to parse the html and find the value which is printed along with the tag.

It however had no problems if used from another php class. But if you wish to use the class from external Java, Perl, Python, Ruby or any other language and scripts then the image tag was the only option and was not secured.

Therefore, the new and updated captcha class uses browser cookie for storing the captcha and then for checking it.

Download the php classes from:

http://nasaralla.googlecode.com/files/captcha.zip

You will find the following files:

• Captcha.php - The main captcha class


• get_captcha.php - This file will be used to get the printed image


• check_captcha.php - This file will be used for form validation


• test.php - An example php on how it might be used.

now to print the image simply do in your form:
<img src="get_captcha.php" />

You can then validate user input by Ajax or direct form submission by posting to - check_captcha.php

Example form:

<form action="check_captcha.php" method="post">
<input type="text" name="captcha_string" />
<button type="submit">submit</button>
</form>

The file check_captcha.php responses in boolean 1 - true or 0 - false.

Simple php Image Captcha

Hello all,

my next work is a very simple image captcha php class which simple prints a random image with string on it which is very useful for security purposes.

the file could be downloaded from http://nasaralla.googlecode.com/files/captcha.php

and the simple to use instructions are as follows:
_________________________________________
//include the class file
include("captcha.php");
//instanciate the class
$c = new Captcha();
//generate the random string with this function
$c->generateCaptcha();
//print the image
$c->printCaptcha();
_________________________________________