PHP create your own custom captcha easily

Jan 2, 2017 12:33 am

PHP

Create you own custom captcha easily in PHP, before coding I want to explain what is Captcha and how it works?

Captcha is used to distinguish human from given input, and it is ensured that form is submitted by human. Generally computers or bot are not capable of solving a Captcha.

Bots are kind of software which has database of commonly used password or they can also work on sequences of different patterns. lets says our password is 599, Bot starts submitting your form with password=0 next time with password=1 and so on upto lets say 1000. when it reaches 599 it will get login and will send an email to hacker that on abc url, username=mno and password=599 worked.
these attacks are also called brute-force attacks. the only solution to distinguish between human and bot is Captcha.

Why captcha is hard to read

Captcha is actually an image with random characters, its fonts are intentionally made irregular and its alignment is messed up to avoid computers from reading, because some software are there which can read text from image but they work on visual algorithms and need some regular fonts in regular pattern and alignment.

How Custom captcha is built and how it works

Custom Captcha Creation

Create new php file eg: captcha.php
First we start session at top of page
We generate random word
Create image with above word in a complex font
We can optionally put some background dots and lines to make it more complex visually.
put this word in $_SESSION[‘alam_captcha’] variable
Do not write other code in this file.

Custom Captch Using

At form we create an img tag with src=”captcha.php”
And a textbox with name=”captcha” where user write captcha string
On each page refresh a different captcha will be displayed and that string will also be saved in session
At verification will will be matching session and input

Custom Verifying Captcha

At form post first of all we check if $_SESSION[‘alam_captcha’] is equal to $_POST[‘captcha’]
if matched we proceed our normal login procedure
if captcha is not matched we stop the execution and display an error.

here is the code to generate captcha image dynamically with PHP for this code we need a font file I have used alam_font.ttf you can use any other font, I have used bluesh color you can use different color matching your website theme. in short you can customize every thing.

captcha.php code

<?php
session_start();
function generateCode($characters=4) {
	/* list all possible characters, similar looking characters(1,i,l) and vowels have been removed to avoid real words */
	$possible = '23456789bcdghjkmnpqrstvwyz';
	$code = '';
	for ($i=0;$i < $characters;$i++) { 
		$code .= substr($possible, mt_rand(0, strlen($possible)-1), 1);
	}          
	return $code;
}

function create($characters=4,$width='120',$height='35') {
        /*get random string */
		$code = generateCode($characters);
		$font = 'alam_font.ttf';
		
        /* font size will be 75% of the image height */
        $font_size = $height * 0.75;
        $image = @imagecreate($width, $height) or die('Cannot initialize new GD image stream');
        
		/* set the colours */
        $background_color = imagecolorallocate($image, 220, 220, 220);
        $text_color = imagecolorallocate($image, 10, 30, 80);
        $noise_color = imagecolorallocate($image, 150, 180, 220);
        
		/* generate random dots in background */
        for( $i=0; $i<($width*$height)/3; $i++ ) {
                imagefilledellipse($image, mt_rand(0,$width), mt_rand(0,$height), 1, 1, $noise_color);
        }
        
		/* generate random lines in background */
        for( $i=0; $i<($width*$height)/150; $i++ ) {
                imageline($image, mt_rand(0,$width), mt_rand(0,$height), mt_rand(0,$width), mt_rand(0,$height), $noise_color);
        }
        
		/* create textbox and add text */
        $textbox = imagettfbbox($font_size, 0, $font, $code) or die('Error in imagettfbbox function');
        $x = ($width - $textbox[4])/2;
        $y = ($height - $textbox[5])/2;
        $y -= 5;
        imagettftext($image, $font_size, 0, $x, $y, $text_color, $font , $code) or die('Error in imagettftext function');
        
		/* output captcha image to browser */
        header('Content-Type: image/jpeg');
        imagejpeg($image);
        imagedestroy($image);

        /*put string in session*/
        $_SESSION['alam_captcha']=$code;
    }
/*call create() function to generate captcha*/
create();
?>

<?php

session_start();

function generateCode($characters=4) {

/* list all possible characters, similar looking characters(1,i,l) and vowels have been removed to avoid real words */

$possible = '23456789bcdghjkmnpqrstvwyz';

$code = '';

for ($i=0;$i < $characters;$i++) {

$code .= substr($possible, mt_rand(0, strlen($possible)-1), 1);

}

return $code;

}

function create($characters=4,$width='120',$height='35') {

/*get random string */

$code = generateCode($characters);

$font = 'alam_font.ttf';

/* font size will be 75% of the image height */

$font_size = $height * 0.75;

$image = @imagecreate($width, $height) or die('Cannot initialize new GD image stream');

/* set the colours */

$background_color = imagecolorallocate($image, 220, 220, 220);

$text_color = imagecolorallocate($image, 10, 30, 80);

$noise_color = imagecolorallocate($image, 150, 180, 220);

/* generate random dots in background */

for( $i=0; $i<($width*$height)/3; $i++ ) {

imagefilledellipse($image, mt_rand(0,$width), mt_rand(0,$height), 1, 1, $noise_color);

}

/* generate random lines in background */

for( $i=0; $i<($width*$height)/150; $i++ ) {

imageline($image, mt_rand(0,$width), mt_rand(0,$height), mt_rand(0,$width), mt_rand(0,$height), $noise_color);

}

/* create textbox and add text */

$textbox = imagettfbbox($font_size, 0, $font, $code) or die('Error in imagettfbbox function');

$x = ($width - $textbox[4])/2;

$y = ($height - $textbox[5])/2;

$y -= 5;

imagettftext($image, $font_size, 0, $x, $y, $text_color, $font , $code) or die('Error in imagettftext function');

/* output captcha image to browser */

header('Content-Type: image/jpeg');

imagejpeg($image);

imagedestroy($image);

/*put string in session*/

$_SESSION['alam_captcha']=$code;

}

/*call create() function to generate captcha*/

create();

index.php has code to display captcha in form and its verification code on form submission.
Index.php code

<?php session_start(); ?>
<!DOCTYPE html>
<html>
	<head>
		<title>PHP Captcha by Alam</title>
	</head>
	<body>
		<?php if($_POST){
			
			//first of all check captcha
			if($_POST['captcha']==$_SESSION['alam_captcha']){
				//now when captcha is entered and matching session['alam_captcha']
				//your normal login procedure connect to DB make query and check...
				if($_POST['user']=='admin' && $_POST['password']=='admin'){
					echo '<h2 style="color:green;">Logged in sussessfully.</h2>';
					//set session to keep logged-in user data
					//redirect
				}else{
					echo '<h2 style="color:red;">Invalid username and password.</h2>';
				}//end if user&pwd match
			}else{
				echo '<h2 style="color:red;">Wrong Captcha entered.</h2>';
			}//end if captcha=session
		}//end if post	
		?>
		
		<form action method="POST">
			<label>Username</label>
			<input type="text" name="user" placeholder="admin" />
			<br />
			<label>Password</label>
			<input type="text" name="password" placeholder="admin" />
			<br /><br />
			<label>Enter captcha</label>
			<img alt="catcha" src="captcha.php" /><br>
			<input type="text" name="captcha" />
			<br /><br />
			<input type="submit" />
		</form>
		<br><br><a href="index.php">Refresh page</a>
	</body>
</html>

<?php session_start(); ?>

<!DOCTYPE html>

<html>

<head>

<title>PHP Captcha by Alam</title>

</head>

<body>

<?php if($_POST){

//first of all check captcha

if($_POST['captcha']==$_SESSION['alam_captcha']){

//now when captcha is entered and matching session['alam_captcha']

//your normal login procedure connect to DB make query and check...

if($_POST['user']=='admin' && $_POST['password']=='admin'){

echo '<h2 style="color:green;">Logged in sussessfully.</h2>';

//set session to keep logged-in user data

//redirect

}else{

echo '<h2 style="color:red;">Invalid username and password.</h2>';

}//end if user&pwd match

}else{

echo '<h2 style="color:red;">Wrong Captcha entered.</h2>';

}//end if captcha=session

}//end if post

<label>Username</label>

<br />

<label>Password</label>

<label>Enter captcha</label>

</form>

<br><br><a href="index.php">Refresh page</a>

</body>

</html>

I am not able to upload the font file here, you can download ttf file along with both of these two files from the following gihub link

Hope this will help you creating your own Custom captcha, its development and implementation is easy. comment if you have issues or if you can improve it.

Comments

Adil khan says:

January 2, 2017 at 7:31 am

Thanks,Nice work, i will surely use it in my university project

Reply
Haider Ali says:

January 27, 2017 at 10:43 am

Nice work keep it up for sharing such informative knowledge.

Reply
Gdo San says:

June 18, 2018 at 9:53 pm

Magnifico, muchas gracias. Pura Vida

Reply

PHP create your own custom captcha easily

Why captcha is hard to read

How Custom captcha is built and how it works

Comments

Write a Reply or Comment Cancel reply

About Author

Recent Posts

Archives

Categories

Search by tags

Recent Comments

Visitors

PHP create your own custom captcha easily

Why captcha is hard to read

How Custom captcha is built and how it works

Related Posts

Discounted hostings

Comments

Write a Reply or Comment Cancel reply

About Author

Recent Posts

Archives

Categories

Search by tags

Recent Comments

Visitors