Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 1 | ############## |
| 2 | CAPTCHA Helper |
| 3 | ############## |
| 4 | |
| 5 | The CAPTCHA Helper file contains functions that assist in creating |
| 6 | CAPTCHA images. |
| 7 | |
Derek Jones | 333ad2e | 2013-07-19 17:03:25 -0700 | [diff] [blame] | 8 | .. contents:: |
| 9 | :local: |
| 10 | |
| 11 | .. raw:: html |
| 12 | |
| 13 | <div class="custom-index container"></div> |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 14 | |
| 15 | Loading this Helper |
| 16 | =================== |
| 17 | |
Derek Jones | 333ad2e | 2013-07-19 17:03:25 -0700 | [diff] [blame] | 18 | This helper is loaded using the following code:: |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 19 | |
| 20 | $this->load->helper('captcha'); |
| 21 | |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 22 | Using the CAPTCHA helper |
Derek Jones | 333ad2e | 2013-07-19 17:03:25 -0700 | [diff] [blame] | 23 | ======================== |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 24 | |
Derek Jones | 333ad2e | 2013-07-19 17:03:25 -0700 | [diff] [blame] | 25 | Once loaded you can generate a CAPTCHA like this:: |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 26 | |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 27 | $vals = array( |
| 28 | 'word' => 'Random word', |
| 29 | 'img_path' => './captcha/', |
| 30 | 'img_url' => 'http://example.com/captcha/', |
| 31 | 'font_path' => './path/to/fonts/texb.ttf', |
| 32 | 'img_width' => '150', |
| 33 | 'img_height' => 30, |
ash | 3fd9bf8 | 2013-04-10 12:40:31 +0100 | [diff] [blame] | 34 | 'expiration' => 7200, |
ash | 29ae72d | 2013-04-10 13:59:42 +0100 | [diff] [blame] | 35 | 'word_length' => 8, |
Preetham | bfa1644 | 2014-11-12 10:26:24 -0500 | [diff] [blame] | 36 | 'font_size' => 16, |
Preetham | 6157e52 | 2014-12-05 12:19:09 -0500 | [diff] [blame] | 37 | 'img_id' => 'Imageid', |
Andrey Andreev | 8963f40 | 2013-07-18 16:02:47 +0300 | [diff] [blame] | 38 | 'pool' => '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', |
| 39 | |
Andrey Andreev | c0a1ce9 | 2013-07-18 16:05:02 +0300 | [diff] [blame] | 40 | // White background and border, black text and red grid |
Andrey Andreev | 8963f40 | 2013-07-18 16:02:47 +0300 | [diff] [blame] | 41 | 'colors' => array( |
| 42 | 'background' => array(255, 255, 255), |
| 43 | 'border' => array(255, 255, 255), |
| 44 | 'text' => array(0, 0, 0), |
| 45 | 'grid' => array(255, 40, 40) |
| 46 | ) |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 47 | ); |
| 48 | |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 49 | $cap = create_captcha($vals); |
| 50 | echo $cap['image']; |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 51 | |
| 52 | - The captcha function requires the GD image library. |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 53 | - Only the **img_path** and **img_url** are required. |
| 54 | - If a **word** is not supplied, the function will generate a random |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 55 | ASCII string. You might put together your own word library that you |
| 56 | can draw randomly from. |
| 57 | - If you do not specify a path to a TRUE TYPE font, the native ugly GD |
| 58 | font will be used. |
Andrey Andreev | 4596574 | 2014-08-27 20:40:11 +0300 | [diff] [blame] | 59 | - The "captcha" directory must be writable |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 60 | - The **expiration** (in seconds) signifies how long an image will remain |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 61 | in the captcha folder before it will be deleted. The default is two |
| 62 | hours. |
ash | 29ae72d | 2013-04-10 13:59:42 +0100 | [diff] [blame] | 63 | - **word_length** defaults to 8, **pool** defaults to '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' |
Preetham | e291365 | 2014-12-04 21:01:52 -0500 | [diff] [blame] | 64 | - **font_size** defaults to 16, the native GD font has a size limit. Specify a "true type" font for bigger sizes. |
| 65 | - The **img_id** will be set as the "id" of the captcha image. |
Andrey Andreev | 8963f40 | 2013-07-18 16:02:47 +0300 | [diff] [blame] | 66 | - If any of the **colors** values is missing, it will be replaced by the default. |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 67 | |
| 68 | Adding a Database |
| 69 | ----------------- |
| 70 | |
| 71 | In order for the captcha function to prevent someone from submitting, |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 72 | you will need to add the information returned from ``create_captcha()`` |
| 73 | to your database. Then, when the data from the form is submitted by |
| 74 | the user you will need to verify that the data exists in the database |
| 75 | and has not expired. |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 76 | |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 77 | Here is a table prototype:: |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 78 | |
| 79 | CREATE TABLE captcha ( |
| 80 | captcha_id bigint(13) unsigned NOT NULL auto_increment, |
| 81 | captcha_time int(10) unsigned NOT NULL, |
Bo-Yi Wu | f3fddf6 | 2012-08-31 10:10:16 +0800 | [diff] [blame] | 82 | ip_address varchar(45) NOT NULL, |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 83 | word varchar(20) NOT NULL, |
| 84 | PRIMARY KEY `captcha_id` (`captcha_id`), |
| 85 | KEY `word` (`word`) |
| 86 | ); |
| 87 | |
| 88 | Here is an example of usage with a database. On the page where the |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 89 | CAPTCHA will be shown you'll have something like this:: |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 90 | |
| 91 | $this->load->helper('captcha'); |
| 92 | $vals = array( |
| 93 | 'img_path' => './captcha/', |
| 94 | 'img_url' => 'http://example.com/captcha/' |
| 95 | ); |
| 96 | |
| 97 | $cap = create_captcha($vals); |
| 98 | $data = array( |
| 99 | 'captcha_time' => $cap['time'], |
| 100 | 'ip_address' => $this->input->ip_address(), |
| 101 | 'word' => $cap['word'] |
| 102 | ); |
| 103 | |
| 104 | $query = $this->db->insert_string('captcha', $data); |
| 105 | $this->db->query($query); |
| 106 | |
| 107 | echo 'Submit the word you see below:'; |
Derek Jones | b8c283a | 2013-07-19 16:02:53 -0700 | [diff] [blame] | 108 | echo $cap['image']; |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 109 | echo '<input type="text" name="captcha" value="" />'; |
| 110 | |
| 111 | Then, on the page that accepts the submission you'll have something like |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 112 | this:: |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 113 | |
| 114 | // First, delete old captchas |
| 115 | $expiration = time() - 7200; // Two hour limit |
| 116 | $this->db->where('captcha_time < ', $expiration) |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 117 | ->delete('captcha'); |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 118 | |
| 119 | // Then see if a captcha exists: |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 120 | $sql = 'SELECT COUNT(*) AS count FROM captcha WHERE word = ? AND ip_address = ? AND captcha_time > ?'; |
Derek Jones | 8ede1a2 | 2011-10-05 13:34:52 -0500 | [diff] [blame] | 121 | $binds = array($_POST['captcha'], $this->input->ip_address(), $expiration); |
| 122 | $query = $this->db->query($sql, $binds); |
| 123 | $row = $query->row(); |
| 124 | |
| 125 | if ($row->count == 0) |
| 126 | { |
Andrey Andreev | 48a8675 | 2012-11-08 15:16:34 +0200 | [diff] [blame] | 127 | echo 'You must submit the word that appears in the image.'; |
Derek Jones | 333ad2e | 2013-07-19 17:03:25 -0700 | [diff] [blame] | 128 | } |
| 129 | |
| 130 | Available Functions |
| 131 | =================== |
| 132 | |
| 133 | The following functions are available: |
| 134 | |
Andrey Andreev | cd3d9db | 2015-02-02 13:41:01 +0200 | [diff] [blame] | 135 | .. php:function:: create_captcha([$data = ''[, $img_path = ''[, $img_url = ''[, $font_path = '']]]]) |
Derek Jones | 333ad2e | 2013-07-19 17:03:25 -0700 | [diff] [blame] | 136 | |
| 137 | :param array $data: Array of data for the CAPTCHA |
Andrey Andreev | 44aa1ab | 2017-11-07 15:42:53 +0200 | [diff] [blame] | 138 | :param string $img_path: Path to create the image in (DEPRECATED) |
| 139 | :param string $img_url: URL to the CAPTCHA image folder (DEPRECATED) |
| 140 | :param string $font_path: Server path to font (DEPRECATED) |
Derek Jones | 333ad2e | 2013-07-19 17:03:25 -0700 | [diff] [blame] | 141 | :returns: array('word' => $word, 'time' => $now, 'image' => $img) |
Andrey Andreev | 3de130c | 2014-02-07 23:31:49 +0200 | [diff] [blame] | 142 | :rtype: array |
Derek Jones | 333ad2e | 2013-07-19 17:03:25 -0700 | [diff] [blame] | 143 | |
| 144 | Takes an array of information to generate the CAPTCHA as input and |
| 145 | creates the image to your specifications, returning an array of |
| 146 | associative data about the image. |
| 147 | |
| 148 | :: |
| 149 | |
| 150 | array( |
| 151 | 'image' => IMAGE TAG |
| 152 | 'time' => TIMESTAMP (in microtime) |
| 153 | 'word' => CAPTCHA WORD |
| 154 | ) |
| 155 | |
| 156 | The **image** is the actual image tag:: |
| 157 | |
| 158 | <img src="http://example.com/captcha/12345.jpg" width="140" height="50" /> |
| 159 | |
| 160 | The **time** is the micro timestamp used as the image name without the |
| 161 | file extension. It will be a number like this: 1139612155.3422 |
| 162 | |
| 163 | The **word** is the word that appears in the captcha image, which if not |
Andrey Andreev | 44aa1ab | 2017-11-07 15:42:53 +0200 | [diff] [blame] | 164 | supplied to the function, will be a random string. |
| 165 | |
| 166 | .. note:: Usage of the ``$img_path``, ``$img_url`` and ``$font_path`` |
| 167 | parameters is DEPRECATED. Provide them in the ``$data`` array |
| 168 | instead. |