Best Capthas

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Best Capthas

Post by shiznatix »

I have been looking for a captcha script that actually works. So far I have found none :(.

Anyone have any good expierence with one that is easy to setup?
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

as I recommended in another thread: http://hotcaptcha.com ;)
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

I've found the best method is question/answer. Questions like "What colour is between yellow and blue in the rainbow" are very easy for humans to answer, but bots don't have a chance.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Post by shiznatix »

Weirdan wrote:as I recommended in another thread: http://hotcaptcha.com ;)
hahahaha that is fantastic! that captcha couldn't be better!
pickle wrote: I've found the best method is question/answer. Questions like "What colour is between yellow and blue in the rainbow" are very easy for humans to answer, but bots don't have a chance.
nice idea but i don't know what the answer is so there is a bit of a flaw there :P . no i like it, ill think about that one.
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

Another advantage that has over the image based Captchas I've seen, is you don't need to store the string in a cookie. The implementations I've seen require you to store the actual word in the image, in a cookie or a session. Complex bots should be able to read those contents & get through the image. Using the Q&A, you can just store the ID of the question, rather than the correct answer.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
User avatar
jayshields
DevNet Resident
Posts: 1912
Joined: Mon Aug 22, 2005 12:11 pm
Location: Leeds/Manchester, England

Post by jayshields »

Weirdan wrote:as I recommended in another thread: http://hotcaptcha.com ;)
that is truly awesome.
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

Excellent new idea.
User avatar
bokehman
Forum Regular
Posts: 509
Joined: Wed May 11, 2005 2:33 am
Location: Alicante (Spain)

Post by bokehman »

pickle wrote:Another advantage that has over the image based Captchas I've seen, is you don't need to store the string in a cookie. The implementations I've seen require you to store the actual word in the image, in a cookie or a session.
How could a bot read the string from a session variable if the information never leaves the server?

Anyway here's a super basic captcha to help understand how one works:

Code: Select all

<?php

session_start();

if(isset($_GET['i'])){
    
    // image creation section
    captcha_image();
}elseif(isset($_POST['captcha'])){
    
    // validation section
    echo(captcha_validate())?'That was correct.<br>':'That was not correct.<br>';
    echo '<a href="http://'.$_SERVER['HTTP_HOST'].htmlentities($_SERVER['PHP_SELF']).'">Try another?</a>';
    exit;
    
}else{
    
    // form section
    echo 
    '<p><a href="http://'.$_SERVER['HTTP_HOST'].htmlentities($_SERVER['PHP_SELF']).
    '" onclick="document.getElementById(\'captcha\').src=\'http://'.
    $_SERVER['HTTP_HOST'].htmlentities($_SERVER['PHP_SELF']).
    '?i=\' + new Date; return false;">Give me an easier one!</a></p>'."\n".
    '<p><img id="captcha" src="http://'.$_SERVER['HTTP_HOST'].htmlentities($_SERVER['PHP_SELF']).
    '?i='.uniqid().'" alt=""></p>'."\n".
    '<form action="http://'.$_SERVER['HTTP_HOST'].htmlentities($_SERVER['PHP_SELF']).'" method="POST">'."\n".
    '<input type="text" name="captcha" ><input type="submit" value="test it"></form>';
    
}
    

function captcha_validate()
{
    if($_POST['captcha'] == $_SESSION['captcha'])
    {
	    $_SESSION['captcha'] = null;
	    return true;
    }
	return false;
}

function captcha_image($length = 
{
    $fontsize = 5;
	$_SESSION['captcha'] = substr(base64_encode(md5(rand())), 0, $length);
    $image = imagecreate(($length*imagefontwidth($fontsize))+1, imagefontheight($fontsize)+1);
    $background_colour = imagecolorallocate($image, 255,255,255);
    $text_shadow = imagecolorallocate($image, 127,127,127);
    $text_colour = imagecolorallocate($image, 0,0,0);
    imagestring($image, $fontsize, 1, 1, $_SESSION['captcha'], $text_shadow);
    imagestring($image, $fontsize, 0, 0, $_SESSION['captcha'], $text_colour);
    header ('Content-type: image/png');
    imagepng($image);
    imagedestroy($image);    
    exit;
}

?>
If you want one with audio check this out
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

bokehman wrote:How could a bot read the string from a session variable if the information never leaves the server?
Good point. Let's limit my comment to only cookies then.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
User avatar
julian_lp
Forum Contributor
Posts: 121
Joined: Sun Jul 09, 2006 1:00 am
Location: la plata - argentina

Post by julian_lp »

Weirdan wrote:as I recommended in another thread: http://hotcaptcha.com ;)
truly amazing, just two things about it:

1° I've failed twice selecting what I thought were the hot girls (I really like any sort of next door girl ;) )

2° If my old algebra course is still there in my brain, the number of posibilities wich a robot should try is:

Comb(9,3) = 9!/(6!*3!) = 84 very few compared with a simple 3-digit alphanumeric captcha
User avatar
bokehman
Forum Regular
Posts: 509
Joined: Wed May 11, 2005 2:33 am
Location: Alicante (Spain)

Post by bokehman »

julian_lp wrote:
Weirdan wrote:as I recommended in another thread: http://hotcaptcha.com ;)
truly amazing, just two things about it:

1° I've failed twice selecting what I thought were the hot girls (I really like any sort of next door girl ;) )

2° If my old algebra course is still there in my brain, the number of posibilities wich a robot should try is:

Comb(9,3) = 9!/(6!*3!) = 84 very few compared with a simple 3-digit alphanumeric captcha
Yeah, a 3 digit captcha code... 26 lower case... 26 upper case... 10 digits... >>> 62^3 === 238328... quite a bit more than 84.
Post Reply