GumCha simple captcha, no mysql no sessions, flatfile captch

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    GumCha simple captcha, no mysql no sessions, flatfile captch

    here is a captcha code which i have developed for wap sites.

    1. create a new file image.php and put the next code code to it:
    PHP Code:
    <?php

    @exec("find ./gumcha/ -maxdepth 1 -type f -mtime +1 -exec rm -f {} \;");


    $code rand_string(5);
    file_put_contents('./gumcha/'.$code$code);


    function 
    rand_string$length ) {
        
    $chars "abcdefghijklmnopqrstuvwxyz123456789";    

        
    $size strlen$chars );
        for( 
    $i 0$i $length$i++ ) {
            
    $str .= $charsrand0$size ) ];
        }

        return 
    $str;
    }


    /* YOU CAN MODIFY THE IMAGE CODE FROM HERE TO CREATE MORE COOL CAPTCHA IMAGES, eg. with different backgrounds */
    header("Content-type: image/gif");
    $im = @imagecreate(6025)
        or die(
    "Cannot Initialize new GD image stream");
    $background_color imagecolorallocate($im000);
    $text_color imagecolorallocate($im2331491);
    imagestring($im355,  $code$text_color);
    imagegif($im);
    imagedestroy($im);

    ?>
    create folder gumcha where the captcha image script is and chmod 777 it.


    and then use this peace of code which will check if the gumcha generated code is correct:

    PHP Code:
    if($_POST){
                
    $gumcha_code $_POST['code'];

        if(
    gumcha_check($gumcha_code) == true)
        {


                           
    // HERE GOES THE CONTENT AFTER THE CAPTCHA VALIDATION


        
    }else echo 'WRONG CAPTCHA CODE';
    }

    function 
    gumcha_check($code)
    {
        
    $code trim($code);
        
    $code str_replace('.','',$code);
        
    $code strtolower($code);
        if (
    preg_match("/[^\da-z]+/"$code)) return false;
        elseif(
    strlen($code)<2)return false;
        elseif(
    file_exists('./gumcha/'.$code))
        {
            @
    unlink('./gumcha/'.$code);
            return 
    true;
        }
        else return 
    false;

    Advertise your mobile site for FREE with AdTwirl


    #2
    Nice, but what if someone evil would pass $_POST['code']= "../index.php"?
    this is kinda dangerous....
    it would be better to generate a numeric random code and use something like
    @unlink('./gumcha/'.intval($gumcha_code));


    I hope i explained myself

    Cheers

    Comment


      #3
      Originally posted by Sora101 View Post
      Nice, but what if someone evil would pass $_POST['code']= "../index.php"?
      this is kinda dangerous....
      it would be better to generate a numeric random code and use something like
      @unlink('./gumcha/'.intval($gumcha_code));


      I hope i explained myself

      Cheers
      PHP Code:
      $gumcha_code str_replace('.','',$gumcha_code); 
      will do the thing

      or
      PHP Code:
      if (preg_match("/[^\da-zA-Z]+/"$gumcha_code)))
                  
      $error 'Wrong code.'
      code updated
      Advertise your mobile site for FREE with AdTwirl

      Comment


        #4
        I can do it w/o session, sql or txt file..just submit the answer of the user and the correct answer to the 2nd page and then compare if equal..as easy as that..
        My Blog: http://jhommark.blogspot.com
        My Facebook: http://www.facebook.com/jhommark
        My Official Site: http://www.undergroundweb.tk
        My Community Site: http://undergroundwap.xtreemhost.com

        Comment


          #5
          lol there are many tuts out there on web thats why u just modify codes LOL...
          com site: http://vampist.net
          download site: http://wapdloads.net
          fb: http://www.facebook.com/pmplx

          Comment


            #6
            You don't need tut if u use head or common sense..Be wise..Trust urself u can do it with ur own and learn with urself..If not, you don't deserve to be a good coder..
            Last edited by kiLLeR-eyEd_14; 23.06.10, 21:26.
            My Blog: http://jhommark.blogspot.com
            My Facebook: http://www.facebook.com/jhommark
            My Official Site: http://www.undergroundweb.tk
            My Community Site: http://undergroundwap.xtreemhost.com

            Comment

            Working...
            X