Reputation: 377
I need to add a simple captcha like word captcha or math captcha to the registration form. However the code is not working. Following is the code: (Please help me in fixing the code)
//random string generator function
function random($length){
//create a or array string called chars
$chars ="abcdefghijklmnopqrstuvwxyz23456789";
$str = "";
//is the variable which is equal to the length of the string called chars
$size = strlen($chars);
for($i=0; $i<$length; $i++){
$str .= $chars[rand(0, $size-1)];
return $str;
//the gd image adaptor in xampp
$cap = random(7);
$_SESSION['real'] = $cap;
$image = imagecreate(100, 20);
$background = imagecolorallocate($image, 0, 0, 0);
$foreground = imagecolorallocate($image, 255, 255, 255);
//this is going to write our string in the image
imagestring($image, 5,5,1,$cap,$foreground);
header("Content-type: image/jpeg");
registration page code
//This function will display the registration form
function register_form(){
$date = date('D, M, Y');
echo "<form action='?act=register' method='post'>"
."Username: <input type='text' name='username' size='30'><br>"
."Password: <input type='password' name='password' size='30'><br>"
."Confirm your password: <input type='password' name='password_conf' size='30'><br>"
."Email: <input type='text' name='email' size='30'><br>"
."<img src= 'captcha.php'> <input type='text' name='captcha'<br>"
."<input type='hidden' name='date' value='$date'>"
."<input type='submit' value='Register'>"
//This function will register users data
function register(){
//Connecting to database
$connect = mysql_connect("localhost", "root", "nokiae71");
//Selecting database
$select_db = mysql_select_db("forumStructure", $connect);
//Collecting info
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$pass_conf = $_REQUEST['password_conf'];
$email = $_REQUEST['email'];
$date = $_REQUEST['date'];
$guess = $_POST['captcha'];
//Here we will check do we have all inputs filled
die("Please enter your username!<br>");
die("Please enter your password!<br>");
die("Please confirm your password!<br>");
die("Please enter your email!");
$real = (isset($_SESSION['real'])) ? $_SESSION['real'] : "";
if (empty($guess))
die("Please enter the correct CAPTCHA.<br>");
/*if ($real != $guess){
die("things are bad");
if (!empty($guess) && $guess !== $real)
die("Please enter the correct CAPTCHA.<br>");
//Let's check if this username is already in use
$user_check = mysql_query("SELECT username FROM users WHERE username='$username'");
$do_user_check = mysql_num_rows($user_check);
//Now if email is already in use
$email_check = mysql_query("SELECT email FROM users WHERE email='$email'");
$do_email_check = mysql_num_rows($email_check);
//Now display errors
if($do_user_check > 0){
die("Username is already in use!<br>");
if($do_email_check > 0){
die("Email is already in use!");
//Now let's check does passwords match
if($password != $pass_conf){
die("Passwords don't match!");
//If everything is okay let's register this user
$insert = mysql_query("INSERT INTO users (username, password, email) VALUES ('$username', '$password', '$email')");
die("There's little problem: ".mysql_error());
echo $username.", you are now registered. Thank you!<br><a href=login.php>Login</a> | <a href=index.php>Index</a>";
$act = isset($_GET['act']) ? $_GET['act'] : '';
case "register";
thanks I'm just a newbie in php and I would like to learn how to do this. I got the registration code on stackoverflow for learning purposes only... Your help or suggestions will be highly appreciated.
Upvotes: 1
Views: 3446
Reputation: 14578
You can use this codes -
// PHP module for easy utilization of the free CAPTCHA service
// For documentation look at
// Written by
// Sebastian Wilhelmi <[email protected]> and
// Felix Holderied <[email protected]>
// This file is in the public domain.
// ChangeLog:
// 2014-04-27: Fixed missing initialization
// 2011-04-25: Added function captchas_image_reload
// 2011-03-08: Added color option (Alfred Vink)
// 2006-08-16: New optional features integrated
// 2006-03-01: Only delete the random string from the repository in
// case of a successful verification.
// 2006-02-14: Add new image() method returning an HTML/JavaScript
// snippet providing a fault tolerant service.
// 2005-06-02: Initial version.
class CaptchasDotNet
function CaptchasDotNet ($client, $secret,
$random_repository = '/tmp/captchasnet-random-strings',
$cleanup_time = 3600,
$alphabet = 'abcdefghijklmnopqrstuvwxyz',
$letters = 6,
$width = 240,
$height = 80,
$color = '000000'
$this->__client = $client;
$this->__secret = $secret;
$this->__random_repository = $random_repository;
$this->__cleanup_time = $cleanup_time;
$this->__time_stamp_file = $random_repository . '/__time_stamp__';
$this->__alphabet = $alphabet;
$this->__letters = $letters;
$this->__width = $width;
$this->__height = $height;
$this->__color = $color;
$this->__random_file = "";
function __random_string ()
// The random string shall consist of small letters, big letters
// and digits.
$letters = "abcdefghijklmnopqrstuvwxyz";
$letters .= strtoupper ($letters) + "0123456789";
// The random starts out empty, then 40 random possible characters
// are appended.
$random_string = '';
for ($i = 0; $i < 40; $i++)
$random_string .= $letters{rand (0, strlen ($letters) - 1)};
// Return the random string.
return $random_string;
// Create a new random string and register it.
function random ()
// If the repository directory is does not yet exist, create it.
if (!is_dir ($this->__random_repository))
mkdir ($this->__random_repository);
// If the time stamp file does not yet exist, create it.
if (!is_file ($this->__time_stamp_file))
touch ($this->__time_stamp_file);
// Get the current time.
$now = time ();
// Determine the time, before which to remove random strings.
$cleanup_time = $now - $this->__cleanup_time;
// If the last cleanup is older than specified, cleanup the
// directory.
if (filemtime ($this->__time_stamp_file) < $cleanup_time)
$handle = opendir ($this->__random_repository);
while (true)
$filename = readdir ($handle);
if (!$filename)
if ($filename != '.' && $filename != '..')
$filename = $this->__random_repository . '/' . $filename;
if (filemtime ($filename) < $cleanup_time)
unlink ($filename);
closedir ($handle);
touch ($this->__time_stamp_file);
// loop until a valid random string has been found and registered,
// but at most 20 times. If no valid random has been found during
// that time, there is something really wrong. Also show the error
// in the last run.
for ($remaining = 20; $remaining > 0; $remaining--)
// generate a new random string.
$random = $this->__random_string ();
// open a file with the corresponding name in the repository
// directory in such a way, that the creation fails, when the
// file already exists. That should be near to impossible with
// good seeding of the random number generator, but it's better
// to play safe. If this is the last run, show the possible
// error message.
$filename = $this->__random_repository . '/' . $random;
if ($remaining == 1)
$file = fopen ($filename, 'x');
$file = @fopen ($filename, 'x');
if ($file)
fclose ($file);
// if the file already existed, rerun the loop to try the next
// string.
// return the successfully registered random string.
$this->__random = $random;
return $random;
// Generates image-URL Parameters are only atached if different from default
function image_url ($random = False, $base = '')
if (!$random)
$random = $this->__random;
$image_url = $base;
$image_url .= '?client=' . $this->__client;
$image_url .= '&random=' . $random;
if ($this->__alphabet!='abcdefghijklmnopqrstuvwxyz') {$image_url .= '&alphabet=' . $this->__alphabet;};
if ($this->__letters!=6) {$image_url .= '&letters=' . $this->__letters;};
if ($this->__width!=240) {$image_url .= '&width=' . $this->__width;};
if ($this->__height!=80) {$image_url .= '&height=' . $this->__height;};
if ($this->__color!='000000') {$image_url .= '&color=' . $this->__color;};
return $image_url;
// Same as image_url but without width and height
function audio_url ($random = False, $base = '')
if (!$random)
$random = $this->__random;
$audio_url = $base;
$audio_url .= '?client=' . $this->__client;
$audio_url .= '&random=' . $random;
if ($this->__alphabet!='abcdefghijklmnopqrstuvwxyz') {$audio_url .= '&alphabet=' . $this->__alphabet;};
if ($this->__letters!=6) {$audio_url .= '&letters=' . $this->__letters;};
return $audio_url;
// Generates complete html-sample with javascript to reload image from
// backup server
function image ($random = False, $id = '')
$image = <<<EOT
<a href=""><img
style="border: none; vertical-align: bottom"
id="@ID@" src="@URL@" width="@WIDTH@" height="@HEIGHT@"
alt="The Captcha image" /></a>
<script type="text/javascript">
function captchas_image_reload (imgId)
var image_url = document.getElementById(imgId).src;
image_url+= "&";
document.getElementById(imgId).src = image_url;
function captchas_image_error (image)
if (!image.timeout) return true;
image.src = image.src.replace (/^http:\/\/image\.captchas\.net/,
return captchas_image_loaded (image);
function captchas_image_loaded (image)
if (!image.timeout) return true;
window.clearTimeout (image.timeout);
image.timeout = false;
return true;
var image = document.getElementById ('@ID@');
image.onerror = function() {return captchas_image_error (image);};
image.onload = function() {return captchas_image_loaded (image);};
= window.setTimeout(
"captchas_image_error (document.getElementById ('@ID@'))",
image.src = image.src;
$image = str_replace ('@HEIGHT@', $this->__height, $image);
$image = str_replace ('@WIDTH@', $this->__width, $image);
$image = str_replace ('@ID@', $id, $image);
$image = str_replace ('@URL@', $this->image_url (), $image);
return $image;
function validate ($random)
$this->__random = $random;
$file_name = $this->__random_repository . '/' . $random;
// Find out, whether the file exists
$result = is_file ($file_name);
// if the file exists, remember it.
if ($result)
$this->__random_file = $file_name;
// the random string was valid, if and only if the corresponding
// file existed.
return $result;
function verify ($input, $random = False)
if (!$random)
$random = $this->__random;
$password_letters = $this->__alphabet;
$password_length = $this->__letters;
// If the user input has the wrong lenght, it can't be correct.
if (strlen ($input) != $password_length)
return False;
// Calculate the MD5 digest of the concatenation of secret key and
// random string. The digest is a hex string.
$encryption_base = $this->__secret . $random;
// This extension is needed for secure use of optional parameters
// In case of standard use we do not append the values, to be
// compatible to existing implementations
if(($password_letters != 'abcdefghijklmnopqrstuvwxyz') || ($password_length != '6'))
$encryption_base = $encryption_base . ':' . $password_letters . ':' . $password_length;
$digest = md5 ($encryption_base);
// Check the password according to the rules from the first
// positions of the digest.
for ($pos = 0; $pos < $password_length; $pos++)
= hexdec (substr ($digest, 2 * $pos, 2)) % strlen ($password_letters);
// If the letter at the current position is wrong, the user
// input isn't correct.
if ($input[$pos] != $password_letters[$letter_num])
return False;
// if the file exists, remove it.
if ($this->__random_file)
unlink ($this->__random_file);
unset ($this->__random_file);
// The user input was correct.
return True;
It is the library.
Now the HTML code-
require 'CaptchasDotNet.php';
// Required Parameters
// Replace the values you receive upon registration at
// client: 'demo'
// secret: 'secret'
// Optional Parameters and defaults
// repository_prefix: '/tmp/captchasnet-random-strings' path to repository
// '/writable/path/captchasnet-random-strings'
// cleanup_time: '3600' (means max 1 hour between query and check)
// alphabet: 'abcdefghijklmnopqrstuvwxyz' (Used characters in captcha)
// We recommend alphabet without ijl: 'abcdefghkmnopqrstuvwxyz'
// letters: '6' (Number of characters in captcha)
// width: '240' (image width)
// height: '80' (image height)
// color: '000000' (image color in rgb)
// language: 'en' (audio language, append &language=fr/de/it/nl to audio-url)
// Usage
// $captchas = new CaptchasDotNet (<client>, <secret>,
// <repository_prefix>, <cleanup_time>,
// <alphabet>,<letters>,
// <height>,<width>,<color>);
// Don't forget same settings in check.php
// Construct the captchas object.
$captchas = new CaptchasDotNet ('demo', 'secret',
<title>Sample PHP CAPTCHA Query</title>
<h1>Sample PHP CAPTCHA Query</h1>
<form method="get" action="check.php">
<input type="hidden" name="random" value="<?= $captchas->random () ?>" />
Your message:</td><td><input name="message" size="60" />
The CAPTCHA password:
<input name="password" size="6" />
<?= $captchas->image () ?> <a href="javascript:captchas_image_reload('')">Reload Image</a>
<br> <a href="<?= $captchas->audio_url () ?>">Phonetic spelling (mp3)</a>
<br> <a href="<?= $captchas->audio_url () ?>&language=de">Buchstabieren (mp3)</a>
<br> <a href="<?= $captchas->audio_url () ?>&language=it">Compitare (mp3)</a>
<br> <a href="<?= $captchas->audio_url () ?>&language=nl">Spellen (mp3)</a>
<br> <a href="<?= $captchas->audio_url () ?>&language=fr">Epeler (mp3)</a>
<input type="submit" value="Submit" />
ANd now the checking -
require 'CaptchasDotNet.php';
// See query.php for documentation
$captchas = new CaptchasDotNet ('demo', 'secret',
// Read the form values
$message = $_REQUEST['message'];
$password = $_REQUEST['password'];
$random_string = $_REQUEST['random'];
<title>Sample PHP CAPTCHA Query</title>
<h1>Sample PHP CAPTCHA Query</h1>
// Check the random string to be valid and return an error message
// otherwise.
if (!$captchas->validate ($random_string))
echo 'The session key (random) does not exist, please go back and reload form.<br/>';
echo 'In case you are the administrator of this page, ';
echo 'please check if random keys are stored correct.<br/>';
echo 'See "Problems with save mode"';
// Check, that the right CAPTCHA password has been entered and
// return an error message otherwise.
elseif (!$captchas->verify ($password))
echo 'You entered the wrong password. Aren\'t you human? Please use back button and reload.';
// Return a success message
echo 'Your message was verified to be entered by a human and is "' . $message . '"';
Think, it will help you much
Upvotes: 0
Reputation: 308
you are missing session_start(); at the top and the > on the
<img src= 'captcha.php'> <input type='text' name='captcha'><br>"
Upvotes: 1