Skip to content

Instantly share code, notes, and snippets.

@sh4dowb

sh4dowb/captcha_readme.txt

Last active Nov 15, 2019
Embed
What would you like to do?
PHP simple high performance captcha (uses memcache)
Include AHGBold.tff
Run memcached at default port (11211)
Example captcha: https://i.ibb.co/sPQjW0K/index.png
<?php
$captchaSecret = "123";
# Generate captcha
$image = imagecreatetruecolor(200, 50);
$background_color = imagecolorallocate($image, 255, 255, 255);
imagefilledrectangle($image,0,0,200,50,$background_color);
$number_of_lines=rand(3,7);
for($i=0;$i<$number_of_lines;$i++)
{
$line_color = imagecolorallocate($image, rand(0,255), rand(0,255), rand(0,255));
imageline($image,0,rand()%50,250,rand()%50,$line_color);
}
for($i=0;$i<500;$i++)
{
$pixel = imagecolorallocate($image, rand(0,255),rand(0,255),rand(0,255));
imagesetpixel($image,rand()%200,rand()%50,$pixel);
}
$allowed_letters = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnopqrstuvwxyz123456789';
$length = strlen($allowed_letters);
$letter = $allowed_letters[rand(0, $length-1)];
$word='';
$text_color = imagecolorallocate($image, 0,0,0);
$cap_length=6;// No. of character in image
$lastx = -10;
for ($i = 0; $i< $cap_length;$i++)
{
$color = imagecolorallocate($image, rand(0, 255), rand(0, 180), rand(0,180));
$letter = $allowed_letters[rand(0, $length-1)];
$lastx += rand(20,33);
imagettftext($image, rand(17,20), rand(0, 35), $lastx, rand(25,40) , $color, "AHGBold.ttf" , $letter );
$word.=$letter;
}
# put captcha to a variable as base64
ob_flush();
ob_start();
imagepng($image);
$img = ob_get_clean();
ob_end_clean();
imagedestroy($image);
$b64encode = base64_encode($img);
$validUntil = time()+60;
$token = sha256(strtolower($word).sha256($captchaSecret.$validUntil));
# show captcha
?>
<img src="data:image/png;base64,<?=$b64encode?>">
<form action="verify_captcha.php" method="post">
<input type="text" name="captchaValue" minlength="6" maxlength="6" class="form-control" placeholder="">
<input type="hidden" name="validUntil" value="<?=$validUntil?>">
<input type="hidden" name="token" value="<?=$token?>">
<button type="submit" class="btn btn-primary btn-block">Submit</button>
</form>
<?php
$captchaSecret = "123";
$validUntil = $_POST['validUntil'];
$captchaValue = $_POST['captchaValue'];
$originaltoken = $_POST['token'];
$delta = $validUntil - time();
if($delta > 60)
throw new CustomException('Captcha is invalid');
else if($delta < 0)
throw new CustomException('Captcha is expired');
if(strlen($originaltoken) != 64)
throw new CustomException('Captcha is invalid');
if(strlen($captchaValue) != 6)
throw new CustomException('Wrong captcha');
$memcached = new Memcached;
$memcached->addServer("127.0.0.1", 11211);
# if token is used or memcached server is down
if($memcached->get($originaltoken.":used") === true || $memcached->getResultCode() !== 16)
throw new CustomException('Captcha is expired');
$memcached->set($originaltoken.":used", true, 70);
$solvedtoken = sha256(strtolower($captchaValue).sha256($captchaSecret.$validUntil));
if($solvedtoken == $originaltoken){
session_start();
$_SESSION['captchatimeout'] = time()+1800;
# create a session to keep user authenticated
die("Captcha verified!");
}
else{
throw new CustomException('Wrong captcha');
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.