Home arrow PHP arrow Page 2 - Improve PHP Captcha with Optical Character Recognition Tests

Adding background noise to captcha - PHP

If you're working on a captcha system for your PHP-based website, you may be faced with an interesting challenge. How do you make your system too hard for spam bots to read, but not too hard for humans? This is especially worrying in the wake of bots that can harness OCR for reading captchas. This article explains how to increase the difficulty of a captcha system and test it to make sure it meets your requirements.

TABLE OF CONTENTS:
  1. Improve PHP Captcha with Optical Character Recognition Tests
  2. Adding background noise to captcha
  3. Increasing captcha difficulty
  4. The final script
By: Codex-M
Rating: starstarstarstarstar / 4
August 02, 2010

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

The original captcha is perfectly clean; there is no background noise, which you can see in other captcha systems. Let's add background noise to the existing captcha script above.

Step 1. Start the session. Generate a random number and assign the number to the session variable. This session variable is used when passing the correct answer to the web form, and then to the PHP script that will validate the answer in the actual web application:

<?php

 

session_start();

 

$stringgen = mt_rand(1000, 9999);

 

$_SESSION['answer']=$stringgen;

 

Step 2. Create a 50 x 50 pixel image, and then declare the background and text color of the captcha:

$imagecreate = imagecreate(50, 50);

 

// white background and blue text

 

$background = imagecolorallocate($imagecreate, 0, 0, 255);

 

$textcolor = imagecolorallocate($imagecreate, 255, 255, 255);

Step 3. Using the background noise script discussed at the link adds a sprinkling of pixel dots on the existing, created image that constitutes background noise.

You can randomly sprinkle the dots on the image using the loop function below, and the imagesetpixel function, which will draw a single pixel on the image defined by random $x and $y coordinates:

 

for ($c = 0; $c < 40; $c++){

 

   $x = rand(0,50-1);

 

   $y = rand(0,50-1);

 

   imagesetpixel($imagecreate, $x, $y, $textcolor);

 

   }

 

The pixel coordinates should be dependent on the size of the image (which is 50 x 50 pixels). This is why the boundary is set in the random number generation (0, 49) with the maximum possible coordinate (49,49).

The number of white pixel dots in the 50 x 50 pixel image is estimated to be around 40, which is defined by the for loop: $c<40

To increase captcha difficulty, since the font color of the original captcha text is white (defined by $textcolor = imagecolorallocate($imagecreate, 255, 255, 255);) the color of the pixel dot background noise should also be set to white (defined by imagesetpixel($imagecreate, $x, $y, $textcolor);  

Step 4. Draw the captcha, now with background noise as defined in the previous steps, horizontally on the image:

$xlocation = rand(1,10);

 

$ylocation = rand(1,10);

 

imagestring($imagecreate, 5, $xlocation, $ylocation, $stringgen, $textcolor);

 

The string will also be positioned randomly in the image, as defined at the $xlocation and  $ylocation variables.

Step 5. Finally, output the generated image as PNG in the web browser:

header("Content-type: image/png");

 

$image= imagepng($imagecreate);

?>

The final generated script will be:

<?php

 

session_start();

 

$stringgen = mt_rand(1000, 9999);

 

$_SESSION['answer']=$stringgen;

 

$imagecreate = imagecreate(50, 50);

 

$background = imagecolorallocate($imagecreate, 0, 0, 255);

 

$textcolor = imagecolorallocate($imagecreate, 255, 255, 255);

 

for ($c = 0; $c < 40; $c++){

 

   $x = rand(0,50-1);

 

   $y = rand(0,50-1);

 

   imagesetpixel($imagecreate, $x, $y, $textcolor);

 

   }

 

$xlocation = rand(1,10);

 

$ylocation = rand(1,10);

 

imagestring($imagecreate, 5, $xlocation, $ylocation, $stringgen, $textcolor);

 

header("Content-type: image/png");

 

$image= imagepng($imagecreate);

 

?>

 

Below are the captchas generated using first solution: http://www.php-developer.org/firstcaptchasolution.php

And the following screen shot reveals the evaluation results using the Tesseract optical character recognition engine:

 

According to the results, the OCR still correctly answers the captcha challenges. This means that the background noise setting at $c < 40 is not effective in adding difficulty to the original challenge.

It is highly recommended that you increase the level of background noise, but continue to make the original security code text visible to humans.



 
 
>>> More PHP Articles          >>> More By Codex-M
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: