Page 1 of 1

Header problems

Posted: Tue Aug 19, 2008 1:00 am
by notdaves
Ok, in the following block of code, I'm successfully able to create the image, which will be used for image verification for logging into a website. No worries there.

The problem arises whenever I try to do anything past the headers at the bottom. I cant use echo, nor regular html past those headers. There arent any errors either, it just neglects to show the code.

Here's a quick example of what I mean:

*Last 7 lines of the code:*

header( 'Content-type: image/gif' );
header( 'Expires: ' . gmdate('D, d M Y H:i:s') . 'GMT' );
header( 'Cache-control: no-cache' );
// Output Image
$oTuringTest->Create();
echo"TEXT"; //this part will not show up
?>

Anyone know what I'm doing wrong here?


Whole Code:
<?php
class TuringImage
{
// Font Settings
var $m_szFontFace;
var $m_iFontSize;

// Image Object
var $m_oImage;

// Image Bounds
var $m_aImageSize;

// Image Text
var $m_szImageText;

function TuringImage()
{
// Font Settings
$this->m_szFontFace = 'font/FreeMono.ttf';
$this->m_iFontSize = 20;

$this->m_oImage = 0;
$this->m_aImageSize = array( 190, 40 ); // Image Width & Height
$this->m_szImageText = '';
}

function GenerateKey( $iLen )
{
$szRandStr = md5( uniqid( rand(), true ) );
$iRandIdx = rand( 0, (strlen($szRandStr) - $iLen - 1) );
$szRandStr = substr( $szRandStr, $iRandIdx, $iLen );

// Replace O's and 0's to reduce confusion
$szRandStr = str_replace( O , X , $szRandStr );
$szRandStr = str_replace( 0 , 4 , $szRandStr );

$this->m_szImageText = strtoupper( $szRandStr );
return;
}

function GetKey()
{ return $this->m_szImageText;
}

function Create()
{
$iTextLen = 9;

// Create Image
$this->m_oImage = imagecreate( $this->m_aImageSize[0], $this->m_aImageSize[1] );

// Get Colors
$oColorFG = imagecolorallocate( $this->m_oImage, 143, 168, 183 );
$oColorBG = imagecolorallocate( $this->m_oImage, 30, 42, 49 );

// Set Background Color of Image
imagefilledrectangle( $this->m_oImage, 0, 0, $this->m_aImageSize[0], $this->m_aImageSize[1], $oColorFG );
imagefilledrectangle( $this->m_oImage, 1, 1, $this->m_aImageSize[0]-2, $this->m_aImageSize[1]-2, $oColorBG );

// Obfuscate Image
$this->ObfuscateImage();
// Write Verification String to Image
for( $i = 0; $i < $iTextLen; $i++ )
$this->WriteTTF( (10 + ($i * 18)), (24 + rand(0, 5)), rand(-15, 15), $this->m_szImageText[$i] );

// Output Image to Browser
imagegif( $this->m_oImage );

// Free Image Resources
imagedestroy( $this->m_oImage );
return;
}

function ObfuscateImage()
{
$oColor = imagecolorallocate( $this->m_oImage, 143, 168, 183 );

// Random Pixels
for( $x = 0; $x < $this->m_aImageSize[0]; $x += rand( 3, 7 ) )
for( $y = 0; $y < $this->m_aImageSize[1]; $y += rand( 3, 7 ) )
imagesetpixel( $this->m_oImage, $x, $y, $oColor );

// Random Diagonal Lines
for( $x = 0; $x < $this->m_aImageSize[0]; $x += rand( 15, 25 ) )
imageline( $this->m_oImage, $x, 0, $x + rand( -50, 50 ), $this->m_aImageSize[1], $oColor );

for( $y = 0; $y < $this->m_aImageSize[1]; $y += rand( 15, 25 ) )
imageline( $this->m_oImage, 0, $y, $this->m_aImageSize[0], $y + rand( -50, 50 ), $oColor );

return;
}

function WriteTTF( $iLocX, $iLocY, $iAngle, $szText )
{
$oColor = imagecolorallocate( $this->m_oImage, 255, 255, 255 );
imagettftext( $this->m_oImage, $this->m_iFontSize, $iAngle, $iLocX, $iLocY, $oColor, $this->m_szFontFace, $szText );
}
}

// Create Turing Test Object
$oTuringTest = new TuringImage();
$oTuringTest->GenerateKey( 9 ); // Length of Key (5)

// Store key in sessions for later comparison
$_SESSION['SECURITY_KEY'] = $oTuringTest->GetKey();

// Set Content Type to GIF with NoCache
header( 'Content-type: image/gif' );
header( 'Expires: ' . gmdate('D, d M Y H:i:s') . 'GMT' );
header( 'Cache-control: no-cache' );
// Output Image
$oTuringTest->Create();
?>

Re: Header problems

Posted: Tue Aug 19, 2008 3:35 am
by GeertDD
Just by looking at the top part, it is clear you are generating an image with the image/gif Content-Type. Any output will be rendered as an image by the browser. If you would change the Content-Type to text/html, the image will break but the "TEXT" string will be visible.

Enter the line below in your browser's location bar and have a look at the end of the all the weird characters that pop up. I guess you will see "TEST" in there too then.

view-source:http://yoursite.com/path/to/img.gif