Log Stats

So, you have a submission form on your website and need to prevent spam by auto-submitters. The most common way to do this is to implement CAPTCHA - an image with randomly generated string (quote from Wikipedia, free online enciclopedia: “A CAPTCHA is a type of challenge-response test used in computing to determine whether the user is human. "CAPTCHA" is an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart", trademarked by Carnegie Mellon University.”)

Simple, quick and efficient PHP solution for implement CAPTCHA:

the advantage of this solution: it is easy to read symbols by human and automated captcha processor software, but hard to process the image by computer because common CAPTCHA processors can't understand which one of the outputted symbols it must ignore!

obviously you need PHP engine enabled for your webserver, for execute PHP scripts, and GD (PHP graphics library) for generate the image. Webserver, PHP and GD versions are no matter, the solution below is tested for Apache(Windows and Unix), IIS(Windows), PHP-4, PHP-5, GD, GD2

1) Make a PHP script (separate file captcha.php) which will generate the CAPTCHA image:
[?php
session_start();
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
function _generateRandom($length=6){
$_rand_src = array(
array(48,57) //digits
, array(97,122) //lowercase chars
// , array(65,90) //uppercase chars
);
srand ((double) microtime() * 1000000);
$random_string = "";
for($i=0;$i<$length;$i++){
$i1=rand(0,sizeof($_rand_src)-1);
$random_string .= chr(rand($_rand_src[$i1][0],$_rand_src[$i1][1]));
}
return $random_string;
}
$im = @imagecreatefromjpeg("captcha.jpg");
$rand = _generateRandom(3);
$_SESSION['captcha'] = $rand;
ImageString($im, 5, 2, 2, $rand[0]." ".$rand[1]." ".$rand[2]." ", ImageColorAllocate ($im, 0, 0, 0));
$rand = _generateRandom(3);
ImageString($im, 5, 2, 2, " ".$rand[0]." ".$rand[1]." ".$rand[2], ImageColorAllocate ($im, 255, 0, 0));
Header ('Content-type: image/jpeg');
imagejpeg($im,NULL,100);
ImageDestroy($im);
?]

2) Add the following line at the top of the page where you need to implement the CAPTCHA (there should not be any output before this line, except you use php functions ob_start() and ob_end_flush() to turn on output buffering):
[?php session_start(); ?]

3) Add the following line for check is CAPTCHA entered by visitor valid, before the line where you will proceed submitted message:
[?php if($_SESSION["captcha"]==$_POST["captcha"])
{
//CAPTHCA is valid; proceed the message: save to database, send by e-mail ...
echo 'CAPTHCA is valid; proceed the message';
}
else {

echo 'CAPTHCA is not valid; ignore submission'; }?]

4) Finaly add the CAPTCHA to the form:
[img src="captcha.php" alt="captcha image"][input type="text" name="captcha" size="3" maxlength="3"]

P.S.
notice:
- the tags "[?" and "?]" in code samples above should be replaced to the "", you may download original article and code sample here: free download php captcha demo

- requirements: a webserver (windows or linux no matter) with PHP engine, with GD (graphic library) support, you may check your php settings with phpinfo() function

- you need some blank jpg image for use it as background for CAPTCHA string

By Andrew Ivanov
PHP On The Fly

Log Stats part 1