Captcha issues

[Rudy]

Hey guys, I would have posted this in the other thread I started today, but this has enough of a difference that I think it warrants a new thread. I have new/different code anyway...

So here's the deal: I'm trying to generate an image visual confirmation to prevent spam bots from registering - in short, trying to get a captcha working.

On submit, I keep getting the error that I was "unsuccessful" even if I type in the correct code... see this line in register.php:
echo 'You were unsuccessful';

Any idea why?

Here's my code for register.php:

<?php
session_start();
$posted = isset($_GET['submitted']) ? $_GET['submitted'] : "";
if ($posted == 'submitted') 
{
   if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
      // Insert you code for processing the form here
	echo 'You were successful!';
   } 
   else {
	echo 'You were unsuccessful';
      // Insert your code for showing an error message here
   	}
}

?>
<html>
<head>		
	<title>Students in Action Registration</title>
</head>
<body bgcolor="#FFFFFF">

<form method="get" action="register.php">
 <input type="hidden" name="submitted" value="submitted">
	<img src="CaptchaSecurityImages.php" />
	Security Code: 
	<input id="security_code" name="security_code" type="text" />
 <input type="submit" value="Submit Registration">
</form>
</body>
</html>

This is in CaptchaSecurityImages.php...

<?php
session_start();

// a bunch of GNU copyright info, removed to save space

class CaptchaSecurityImages {
 
function generateCode($length) {
   $possible = '23456789bcdfghjkmnpqrstvwxyz'; 
   $i = 0;
   while ($i < $length) { 
      $code .= substr($possible, mt_rand(0, strlen($possible)-1), 1);
      $i++;
   }
   return $code;
}
 
function CaptchaSecurityImages($width,$height,$characters,$font_size) {
   $code = $this->generateCode($characters);
   $im = imagecreate($width, $height) or die('Cannot Initialize new GD image stream');
   $background_color = imagecolorallocate($im, 255, 255, 255);
   $dot_color = imagecolorallocate($im, 35, 75, 170);
   $text_color = imagecolorallocate($im, 20, 45, 120);
   for($i=0;$i<($width*$height)/4;$i++) {
      imagefilledellipse($im,mt_rand(0,$width),mt_rand(0,$height),1,1,$dot_color);
   }
   $padding_left = ($width-($font_size/1.3*$characters))/2;
   $padding_top = ($height-$font_size)/2+$font_size;
   imagettftext($im, $font_size, 0, $padding_left, $padding_top, $text_color, '/usr/share/fonts/truetype/freefont/FreeSerif.ttf', $code);
   imagepng($im);
   imagedestroy($im);
   $_SESSION['security_code'] = $code;
}
 
}
 
$width = $_GET['width'] ? $_GET['width'] : '80';
$height = $_GET['height'] ? $_GET['height'] : '40';
$characters = $_GET['characters'] ? $_GET['characters'] : '6';
$font_size = $_GET['font_size'] ? $_GET['font_size'] : '15';
 
header('Content-Type: image/png');
$captcha = new CaptchaSecurityImages($width,$height,$characters,$font_size);
?>

Thanks,
David

 

[xemiterx]

Not sure why it it does not work. But, try this for more information.

echo out $_SESSION['security_code'] and $_POST['security_code'] right under the 'unsuccessful' message so you can compare them yourself. You may be able to narrow down the problem. code:

if ($posted == 'submitted') 
{
   if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
      // Insert you code for processing the form here
    echo 'You were successful!';
   } 
   else {
    echo 'You were unsuccessful<br>';
    echo 'session: ' . $_SESSION['security_code'] . '<br>';
    echo 'post: ' . $_POST['security_code'] . '<br>';
      // Insert your code for showing an error message here
       }
}

 

[Keral_Patel]

Hey friend, If this thing doesn't work and you want to try this captcha

http://www.dndelivery.com/review14.html

Let me know. It uses 3 files and a pic for BG.

 

[Rudy]

Thanks for the response. I realized what I did, after I echoed out the sessions like you suggested.

In the form, I had the method as GET, however, my php was trying to get some POST information. I was also checking for GET in this line: $posted = isset($_GET['submitted']) ? $_GET['submitted'] : "";

Every other php line I had was checking for POST material. Once I made the relevant changes, it works fine.

Thanks again for the help,
David