验证验证码功能

时间:2012-10-13 15:08:47

标签: php javascript captcha

我无法为我编写的验证码创建验证码。这是captcha.php:

<?php
  // this part should be saved as captcha.php
  // best usage is to put this file with 5 random TTF font files in a folder named captcha
  // for easy access and simplicity of use
  // Captcha script for GD > 2.0
  /* Few notes about this script
  the width and height are measured in px so adjust according to your desire
  most variables in the variable section control the entire script
  so no editing below them should be needed
  the session variable $_SESSION['tt_pass'] is what holds the pass in the session
  can be changed on line 45
  */
  /********************VARIABLES FOR THIS SCRIPT********************/
  /*********SHOULD BE THE ONLY THING YOU HAVE TO CHANGE*********/
  $pass_length = 5; // passphrase length
  $make_upper = true; // all upper case letters in image? true or false
  $width = 200; $height = 60; // image dimensions
  $font_path = dirname(__FILE__);
  // TTF font @ only change this if you relocate the TTF files!
  $dark_font = true;
  // if you want it easier to read, side effect bots can read it easier as well  true or false
  /********************END VARIABLES FOR SCRIPT********************/
  /*********         EDIT BELOW THIS AT YOUR OWN RISK :)           *********/
  // create a passphrase  ** it is case sensitive!!! **
  session_start();
  $passwd = 'Swatsolutions';
  $i = 0;
  while ($i < $pass_length) {
    $passwd .= chr(rand(97, 122));
    $i++;
  }
  if ($make_upper) {
    $passwd = strtoupper($passwd);
  }
  // store the passphrase
  $_SESSION['tt_pass'] = $passwd;
  // get available fonts
  $fonts = array();
  if ($handle = opendir($font_path)) {
    while (false !== ($file = readdir($handle))) {
      if (substr(strtolower($file), -4, 4) == '.ttf') {
        $fonts[] = $font_path.'/'.$file;
      }
    }
  }
  if (count($fonts) < 1) {
    die('No Fonts Found!!!');
  }
  // image header
  header("Content-Type: image/jpeg");
  // clear the cache
  header("Expires: Fri, 09 Jan 2008 05:00:00 GMT");
  header("Last-Modified: ".gmdate("D, d M Y H:i:s")."GMT");
  header("Cache-Control: no-store, no-cache, must-revalidate");
  header("Cache-Control: post-check=0, pre-check=0", false);
  header("Pragma: no-cache");
  // create image
  $img = imagecreatetruecolor($width, $height);
  // fill background with random shade of pastel
  $bg = imagecolorallocate($img, rand(210, 255), rand(210, 255), rand(210, 255));
  // draw rectangle
  imagefilledrectangle($img, 0, 0, $width, $height, $bg);
  // make the background jaggedy with differnet colored polygons
  $right = rand(10, 30);
  $left = 0;
  while ($left < $width) {
    $poly_points = array(
      $left, 0,
      $right, 0,
      rand($right-25, $right+25), $height, rand($left-15, $left+15), $height);
      $c = imagecolorallocate($img, rand(210, 255), rand(210, 255), rand(210, 255));
      imagefilledpolygon($img, $poly_points, 4, $c);
      $random_amount = rand(10, 30);
      $left += $random_amount;
      $right += $random_amount;
    }
    // base range for lines
    $c_min = rand(150, 185);
    $c_max = rand(195, 280);
    // draw vertical lines
    $left = 0;
    while ($left < $width) {
      $right = $left + rand(3, 7);
      $offset = rand(-3, 3);
      $line_points = array(
        $left, 0,
        $right, 0,
        $right + $offset, $height,
        $left + $offset, $height
      );
      $pc = imagecolorallocate($img, rand($c_min, $c_max),
        rand($c_min, $c_max),
        rand($c_min, $c_max));
      imagefilledpolygon($img, $line_points, 4, $pc);
      $left += rand(20, 60);
    }
    // draw horisontal lines
    $top = 0;
    while ($top < $height) {
      $bottom = $top + rand(1, 4);
      $offset = rand(-6, 6);
      $line_points = array(
        0, $top,
        0, $bottom,
        $width, $bottom + $offset,
        $width, $top + $offset
      );
      $pc = imagecolorallocate($img, rand($c_min, $c_max),
        rand($c_min, $c_max),
        rand($c_min, $c_max));
      imagefilledpolygon($img, $line_points, 4, $pc);
      $top += rand(8, 15);
    }
    // character spacing
    $spacing = $width/(strlen($passwd)+2);
    $x = $spacing;
    // draw each character
    for ($i=0; $i < strlen($passwd); $i++) {
      $letter = $passwd[$i];
      $size = rand($height/3, $height/2);
      $rotation = rand(-30, 30);
      $y = rand($height * .90, $height - $size - 4);
      // random font
      $font = $fonts[array_rand($fonts)];
      // color for letter
      if ($dark_font) {
        $r = rand(0, 200); $g = rand(0, 200); $b = rand(0, 200);
      } else {
        $r = rand(100, 255); $g = rand(100, 255); $b = rand(100, 255);
      }
      // create letter and shadow colors
      $color = imagecolorallocate($img, $r, $g, $b);
      $shadow = imagecolorallocate($img, $r/3, $g/3, $b/3);
      // draw the shadow than letter
      imagettftext($img, $size, $rotation, $x, $y, $shadow, $font, $letter);
      imagettftext($img, $size, $rotation, $x-1, $y-3, $color, $font, $letter);
      // space the letter
      $x += rand($spacing, $spacing * 1.5);
    }
    // clear the memory used to make the captcha image
    imagejpeg($img);
    imagedestroy($img);
  ?>

所有功能都通过Wordpress中的功能页面进行处理。我对Wordpress非常陌生,我这样做是为了帮助朋友。如果有人可以帮助编写代码以验证验证码,我将非常感激。在下面的链接中,您可以看到我有验证码和刷新工作但没有实际功能,因为它只允许在不检查验证码的情况下发送表单。

http://swatbeta.brilliantbulb.com/contact/request-info/

这是我需要函数的quote.php表单,有人可以告诉我添加代码的内容和位置。我有信息超载,似乎没有理由是正确的。

    <?php
    $to = "@gmail.com,@brilliantbulb.com";
    $from = $_POST["email"];
    $subject = "Quote Request";
    $name =  $_POST['name'];
    $phone =  $_POST['phone'];
    $project_description =  $_POST['project_description'];
    $project_timeline =  $_POST['project_timeline'];
    $email = $_POST["email"];




    // validation
    $validationOK=true;
    if (Trim($email)=="") $validationOK=false;
    if (!$validationOK) {
      print "<meta http-equiv=\"refresh\" content=\"0;URL=/?page_id=258\">";
      exit;
    }
    $body = "Please contact the following person to discuss their project outlined    below.\n\nFrom: $name\nEmail: $email\nPhone: $phone\n\nProject Description:\n$project_description\n\nThe following is information concerning the timeline.\n$project_timeline

    ";

    $success = mail($to,$subject,$body,"From: <$email>");

    if ($success){
      print "<meta http-equiv=\"refresh\" content=\"0;URL=/thank-you/\">";
    }
    else{
      print "<meta http-equiv=\"refresh\" content=\"0;URL=/?page_id=258\">";
    }

       ?>

2 个答案:

答案 0 :(得分:0)

验证码需要在服务器端验证,否则很容易绕过。

在表单发布到的quote.php内,在脚本开头添加session_start();,在将表单数据发送到电子邮件之前,使用类似以下的代码验证验证码:< / p> 

if (!empty($_SESSION['tt_pass']) && $_SESSION['tt_pass'] === $_POST['tt_pass']) {
    // captcha is valid, proceed to send mail
    unset($_SESSION['tt_pass']);  // code valid, cannot be used more than once
} else {
    // captcha code is invalid, redisplay form and show error message
    echo 'The security code entered was incorrect.  ' 
        .'Please <a href="javascript:history.go(-1)">go back</a> and try again.';
    exit;
}

如果您不希望比较区分大小写,请通过strtolower()传递会话值和表单值。

希望有所帮助。

答案 1 :(得分:0)

如果你的MVC有一个会话类,它会在__construct函数中启动它内部的会话。

位于captcha.php put

的顶部 
<? php include ("../../library/session.class.php");

try
{
    $session = new Session();
}
catch (Exception $e) {
    echo $e->getMessage();
    exit;
}

而不是标准:session_start();

相关问题
最新问题