Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming The Captcha Plugin Hmmm...
The Captcha Plugin Hmmm...
  • El Forum
    Guest
  •  
#1
11-09-2007, 10:46 AM

[eluser]europe72[/eluser]
I was just reviewing the CAPTCHA plugin class and couldn't help but wonder if the CAPTCHA data really belongs in session and not in a database...Creating, connecting to and fetching from a DB seems like a lot of work for a CAPTCHA.

Also, I can't tell from the docs, but is the name of the image being created by the CAPTCHA pugin equal to the CAPTCHA random word itself? I would think that would be a security issue.

Really just trying to open this up for discussion... =]
  • El Forum
    Guest
  •  
#2
11-09-2007, 11:37 AM

[eluser]ELRafael[/eluser]
I saw the plugin and didn't like.

I use JPGraph Antispam as a plugin in CI. Better
  • El Forum
    Guest
  •  
#3
11-09-2007, 02:23 PM

[eluser]Pygon[/eluser]
IMO, session is a far better place to store captcha text.
  • El Forum
    Guest
  •  
#4
11-15-2007, 03:20 AM

[eluser]autoreverse[/eluser]
I too wondered about the need for a database. So I've cobbled together a helper based on Rick's plugin. It has two functions: create_captcha and validate_captcha. The captcha word is encrypted using crypt() and stored in the image file name. Needless to say, longer captchas are better so the default length is 6 characters.
Feedback appreciated Smile

GZ : captcha_lite_helper.php.gz ZIP : captcha_lite_helper.php.zip
  • El Forum
    Guest
  •  
#5
11-15-2007, 07:49 AM

[eluser]otherjohn[/eluser]
I personally am using http://www.captcha.net/ (reCaptcha) API. Its easy to use and integrate.
  • El Forum
    Guest
  •  
#6
11-21-2007, 02:02 PM

[eluser]James Pax[/eluser]
[quote author="autoreverse" date="1195140029"]I too wondered about the need for a database. So I've cobbled together a helper based on Rick's plugin. It has two functions: create_captcha and validate_captcha. The captcha word is encrypted using crypt() and stored in the image file name. Needless to say, longer captchas are better so the default length is 6 characters.
Feedback appreciated Smile

GZ : captcha_lite_helper.php.gz ZIP : captcha_lite_helper.php.zip[/quote]

NICE!! Thankyou very much! Very helpfull! Tongue
  • El Forum
    Guest
  •  
#7
03-20-2008, 06:33 PM

[eluser]ardinotow[/eluser]
See this thread for easy implementation captcha
http://ellislab.com/forums/viewthread/61678/
  • El Forum
    Guest
  •  
#8
01-04-2009, 12:50 PM

[eluser]winterain[/eluser]
sorry to dig this up, but the captcha_lite_helper was the only captcha I got working.

Question now is how to use the validation function included in it?

Code:
function validate_captcha($data, $word='', $img_path = '', $img_url = ''){

    $defaults = array('word' => '', 'img_path' => '', 'img_url' => '', 'expiration' => 7200);
    
    foreach ($defaults as $key => $val)
    {
        if ( ! is_array($data))
        {
            if ( ! isset($$key) OR $$key == '')
            {
                $$key = $val;
            }
        }
        else
        {            
            $$key = ( ! isset($data[$key])) ? $val : $data[$key];
        }
    }


    // -----------------------------------
    // Remove old images
    // -----------------------------------

    $current_dir = @opendir($img_path);
    
    while($filename = @readdir($current_dir))
    {
        if ($filename != "." and $filename != ".." and $filename != "index.html")
        {
            if ((filemtime($img_path.$filename) + $expiration) < time())
            {
                @unlink($img_path.$filename);
            }
        }
    }
    
    @closedir($current_dir);


    // -----------------------------------
    // Exit early?
    // -----------------------------------

    if ($word == '' OR $img_path == '' OR $img_url == '')
    {
        return FALSE;
    }

    if ( ! @is_dir($img_path))
    {
        return FALSE;
    }
    
    if ( ! is_writable($img_path))
    {
        return FALSE;
    }
            
    if ( ! extension_loaded('gd'))
    {
        return FALSE;
    }        
    

    // -----------------------------------
    // Validate text
    // -----------------------------------
    
    $filename = basename($img_url);
    
    // Return FALSE if file does not exist - prevents repeated submissions
    if (!is_file($img_path.$filename))
    {
        return FALSE;
    }

    // Delete the file - one guess only!
    @unlink ($img_path.$filename);
    
    // Extract the encrypted word
    $encrypted_word = base64_decode(str_replace('jpg', '', $filename));

    // Compare encrypted word with encryption of submitted word
    if ($encrypted_word == crypt($word, $encrypted_word))
    {
        return TRUE;
    }
    
    return FALSE;

}




Theme © iAndrew 2016 - Forum software by © MyBB