PHP uses Authenticode to prevent malicious registration of learning notes

  Today we're going to look at the PHP captcha, we do it with a simple digital captcha, and first write a code to generate the CAPTCHA:

code is as follows

&nbs P;

<?php //randomly generate a 4-digit number validation code $num = "";     ;  for ($i =0 $i <4; $i + +) {     $num. = rand (0,9);    } // 4-bit Authenticode can also generate directly with Rand (1000,9999)///write the generated captcha to session, and the Prepare validation page uses the Session_Start ();     $_ session["Checknum"] = $num; //Create picture, define color value      Header ("Content-type:image/png"); Srand (Double) microtime () *1000000); $im = imagecreate (60,20); $black = imagecolorallocate ($im, 0,0,0); $gray = imagecolorallocate ($im, 200,200,200); Imagefill ($im, 0,0, $gray); //Randomly draw two dashed lines, interfering $style = Array ($black, $black, $black, $black, $black, $gray, $gray, $gray, $gray, $gray); Imagesetstyle ($im, $style); $y 1=rand (0,20);     $Y2=rand (0,20);     $y 3=rand (0,20);     $y 4=rand (0,20); Imageline ($im, 0, $y 1, $y 3, img_color_styled); Imageline ($im, 0, $y 2, $y 4, img_color_styled) //A large number of black dots randomly generated on the canvas, interfering; for ($i =0 $i <80; $i + +)      { Imagesetpixel ($im, Rand (0,60), Rand (0,20), $black);     } //Four digits are randomly displayed on the canvas, and the horizontal spacing and position of the characters are randomly generated by a certain range of fluctuations $strx =rand (3,8); for ($i =0 $i <4; $i + +) { $strpos =rand (1,6);     imagestring ($im, 5, $strx, $strpos, substr ($num, $i, 1), $black);     $strx +=rand (8,12); } Imagepng ($im);     Imagedestroy ($im); ?

On the reg.php page we write a form: (This eliminates other HTML code)

The code is as follows
<tr> <td> Verification Code:</td> <td><input type= "text" name= "Yzm" style= "width:60px;height:20px"/></img></td> </tr> <tr> <td colspan= ' 2′><input type= "submit" value= "registered"/></td> <td> Verification Code:</td> </tr>

Because we submitted it by post, we use $_post to obtain (Verify the verification code on the Acceptance page: post.php page)

code is as follows

&nbs P;

Session_Start (); //back_alert () validation code input error, pop-up error message Function Back_alert ($yzm) { echo "<script type= ' text/javascript ' >alert (' $yzm '); History.back (); </ Script> "; } ///Prohibit malicious calls (prohibit post.php pages from being opened directly in browser) If ($_post["Yzm"]==null) { Back_alert (' You have input verification code, there is wood there??? '); } //Prohibit malicious registration of if (! $_post["Yzm"]==$_session["Checknum")) { Back_alert (' Incorrect authentication code '); } echo $_post["Yzm"];