Putting It All Together
The sections to follow explain how to put all the above steps together to obtain the complete GenerateCaptcha class (see Listing 1).
The line that glues together the client page and the CAPTCHA script is the line that instantiate the GenerateCaptcha class:
//create captcha
$generate_captcha = new GenerateCaptcha($w, $h, $use_font, $chs);
Author Note: The arguments passed to the
GenerateCaptchafunction represent the CAPTCHA’s custom parameters:
- the width of the CAPTCHA image (width=300)
- the height of the CAPTCHA image (height=150)
- number of characters rendered in the image (chs=3)
- font type (font=AdvertRegular)You use only two True Type fonts in this example, as you can see in the
{/fonts}folder.
Those parameters are set in the
test_custom.php script using the following line of code:
<img src="GenerateCaptcha.php?width=300&height=150&chs=3&font=AdvertRegular"/>
The customizable parameters are passed to the
GeneratedCaptcha.php script, which processes them with the code below:
//start a new session
session_start();
//set the default captcha configuration
$w = 150; //the width of the captcha image
$h = 50; //the height of the captcha image
$chs = 5; //number of characters rendered in image
$font = "AardvarkCafe";//font type
//get the custom configuration
if(isset($_GET['width'])) { $w = $_GET['width']; }
if(isset($_GET['height'])) { $h = $_GET['height']; }
if(isset($_GET['chs'])) { $chs = $_GET['chs']; }
if(isset($_GET['font'])) { $font = $_GET['font']; }
//set the font path
$use_font = "./fonts/".$font.".ttf";
Now that you have finished your CAPTCHA script, it is time to see how it works. For this, you can write a simple PHP test using simple forms like
test_default.php (see Listing 2) and test_custom.php (see Listing 3).
Notice how you call the
GenerateCaptcha.php script in the img HTML element. To display the CAPTCHA image, you use the common img HTML element with the specification that the image is generated dynamically (using the GenerateCaptcha.php described previously).
The final step is to check if the generated CAPTCHA text stored on the session is equal to the text provided by the user in the form:
if($_SESSION['captchaCheck'] == $_POST['providedCaptcha'] && !empty($_SESSION['captchaCheck']))
Here is the
register.php script:
<?php
session_start();
if(isset($_POST['submit'])) {
if($_SESSION['captchaCheck'] == $_POST['providedCaptcha'] && !empty($_SESSION['captchaCheck'])){
// TODO
echo $_POST['user']." was successfully register with e-mail
".$_POST['email']."!";
unset($_SESSION['captchaCheck']);
} else {
//TODO
echo "The inserted text (".$_POST['providedCaptcha'].") does
not match the rendered one (".$_SESSION['captchaCheck'].")!";
}
}
?>
In both examples (
test_default.php and test_custom.php), after the user submits the form, a message will display. Figure 1 shows the output of the test_default.php scripts.
After the user (Octavia, in this case) submits text that proves valid, the following text will appear:
Octavia was successfully registered with e-mail [email protected]!
Figure 2 shows the output of the
test_default.php script when the CAPTCHA text does not match the provided text.
If the user inserts text that does not match the CAPTCHA, the text below will appear:
The inserted text (5j5k22) does not match the rendered one ()!
Figure 3 shows the output of the
test_custom.php script.
After the user submits valid text, the following message will appear:
Octavia was successfully registered with e-mail [email protected]!
If the inserted text does not match the CAPTCHA, the text below will appear:
The inserted text (h!w) does not match the rendered one (wim)!
Figure 4 shows the output of the
test_custom.php script when the CAPTCHA text does not match the provided text.
What Have You Learned?
In this article, you got step-by-step instructions for creating your own CAPTCHA using PHP. You learned how to customize the CAPTCHA parameters to your liking for better design and protection of your web site.
Code Download
About the Author
Octavia Andreea Anghel is a senior PHP developer currently working as a primary trainer for programming teams that participate at national and international software-development contests. She consults on developing educational projects at a national level. She is a coauthor of the book “XML TechnologiesXML in Java” (Albastra, ISBN 978-973-650-210-1), for which she wrote the XML portions. In addition to PHP and XML, she’s interested in software architecture, web services, UML, and high-performance unit tests. to e-mail her.
