Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 333
  • Last Modified:

Stop Mass Signups? PHP Form Security Checks?

Hi,

I was wondering where anyone can advise me how I would go about stopping automated signups for in PHP. I have seen systems where the script generates an image and the user types in the code that can be seen in the image.

I have searched the 'net but cant seem to find anything...

How do I do this?

TIA
Paul
0
pnh73
Asked:
pnh73
  • 2
1 Solution
 
scully00000Commented:
If you are running PHP on Linux:

1. Get Zlib from wherever you get your libraries from (e.g. www.redhat.com). Install it.

2. Get libpng and install it.

3. Get Freetype and install it.

4. Compile the GD library.

5. Recompile PHP with the following options:
--with-gd=/usr/local --with-png-dir=/usr/local --with-freetype-dir=/usr/local --with-zlib-dir=/usr/local (replace /usr/local with wherever you installed the libraries)

Check PHP works.

Add a function like this:
function randomimg($numstring)

{
$im = ImageCreate (300, 40);
$grey = ImageColorAllocate ($im, 230, 230, 230);
$black = ImageColorAllocate ($im, 0, 0, 0);

ImageTTFText ($im, 20, 0, 10, 25, $black, "arial.ttf", $numstring);

ImagePng ($im);
ImageDestroy ($im);
}

Generate a random number string by your choice of method and pass it to this function.

Cheers
0
 
pnh73Author Commented:
I need a way of doing that doesnt require a linux base or a recompile of PHP as I will probably be serving the site from shared hosting and maybe not even off Linux (much to my dislike, but its the choice of my client).
0
 
shmertCommented:
Do a google search for "CAPTCHA".  http://www.captcha.net/

Note to scully:  I think a good captcha system will distort the images some, so OCR (Optical Character Recognition) systems can't decipher the image.  One low-tech way to do it would be to create your own alphabet of scrambled images, and then assemble them using <img> tags.  Just don't name the images anything obvious like 's.gif' or something.

Then, display a string of these images which spell out a word, and have the user registering type in the text to authenticate that he is, in fact, human.
0
 
pnh73Author Commented:
After a little bit more searching with the aid of the post from shmert i found the follwing which looks like it will work :D

http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=739&lngWId=8

Thanks

Paul
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now