PHP Image Verification - Eliminating Spam Bot

I was looking for an easier way to alternatively redo a.k.a spam bot eliminator. This article shows a better method in preventing robot login to a web based system. Have this code saved as something like image.php (or whatever name you would love to):


<?php
session_start();

// generate 5 digit random number
$rand = rand(10000, 99999);

// create the hash for the random number and put it in the session
$_SESSION['image_random_value'] = md5($rand);

// create the image
$image = imagecreate(60, 30);

// use white as the background image
$bgColor = imagecolorallocate ($image, 255, 255, 255);

// the text color is black
$textColor = imagecolorallocate ($image, 0, 0, 0);

// write the random number
imagestring ($image, 5, 5, 8, $rand, $textColor);

// send several headers to make sure the image is not cached
// taken directly from the PHP Manual

// Date in the past
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

// always modified
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");

// HTTP/1.1
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);

// HTTP/1.0
header("Pragma: no-cache");


// send the content type header so the image is displayed properly
header('Content-type: image/jpeg');

// send the image to the browser
imagejpeg($image);

// destroy the image to free up the memory
imagedestroy($image);
?>

Notice this;
$_SESSION[’image_random_value’]
you will need to refer to this session name on the page where the inputs verification is done. The only thing is to start the session on the page;

session_start();

I am considering to do this thing for next release of , depending on how much free time is there.

This is an example on how I use the code for my other blog. It’s a blog submission verification.

Posted January 20th, 2007 by mightyhitter under PHP, Wordpress

 

Leave a Reply