Implement the verification code method during PHP development. I read some articles about the verification code some time ago, that is, to generate an image with a string of randomly generated numbers or symbols, and add some interference pixels to the image to prevent OCR ), some articles about the verification code have been read by the user some time ago. it is to generate an image with a string of randomly generated numbers or symbols, and add some interference pixels to the image to prevent OCR ), the user can identify the verification code information with the naked eye, and enter a form to submit the website for verification. a function can be used only after the verification is successful.
An article briefly introduces the implementation method as follows:
Code 1:
/*
* Filename: authpage. php (as the mainstream development language)
* Author: huuworm
* Date: 2003-04-28
* @ Copyleft huuworm.org
*/
Srand (double) microtime () * 1000000 );
// Verify that the user input is consistent with the verification code
If (isset ($ HTTP_POST_VARS [authinput])
{
If (strcmp ($ HTTP_POST_VARS [authnum], $ HTTP_POST_VARS [authinput]) = 0)
Echo "verification successful! ";
Else
Echo "verification failed! ";
}
// Generate a new four-digit integer verification code
While ($ authnum = rand () % 10000) <1000 );
?>
Code 2:
/*
* Filename: authimg. php (as the mainstream development language)
* Author: huuworm
* Date: 2003-04-28
* @ Copyleft huuworm.org
*/
// Generate a verification code Image
Header ("Content-type: image/PNG ");
Srand (double) microtime () * 1000000 );
$ Im = imagecreate (58,28 );
$ Black = ImageColorAllocate ($ im, 0, 0 );
$ White = ImageColorAllocate ($ im, 255,255,255 );
$ Gray = ImageColorAllocate ($ im, 200,200,200 );
Imagefill ($ im, 68, 30, $ gray );
// Print the four-digit integer verification code into the image
Imagestring ($ im, 5, 10, 8, $ HTTP_GET_VARS [authnum], $ black );
For ($ I = 0; $ I <50; $ I ++) // add interference pixels
{
Imagesetpixel ($ im, rand () % 70, rand () % 30, $ black );
}
ImagePNG ($ im );
ImageDestroy ($ im );
?>
This program has basically implemented the verification code generation and verification function, but the author of this article does not know why the content of the verification code is displayed in the form. in this case, it only limits the user's need to enter the verification code, but does not prevent malicious programs. It can be said that it is difficult to protect people, rather than prevent attacks.
However, we can save the verification string in the session according to the original author's idea, so as to ensure security.
The code is as follows:
// File: authform. php (as the mainstream development language)
/*
* "Filename: authimg. php (as the mainstream development language)
*/
Header ("Content-type: image/PNG ");
Session_start ();
$ Auth_num = "";
Session_register (auth_num );
$ Im = imagecreate (63,20 );
Srand (double) microtime () * 1000000 );
$ Auth_num_k = md5 (rand (0, 9999 ));
$ Auth_num = substr ($ auth_num_k, 17,5 );
$ Black = ImageColorAllocate ($ im, 0, 0 );
$ White = ImageColorAllocate ($ im, 255,255,255 );
$ Gray = ImageColorAllocate ($ im, 200,200,200 );
// ImageFill ($ im, $ black); // this line does not know why an error occurs on the server of our company. change the space to OK.
Imagestring ($ im, 5, 10, 3, $ auth_num, $ gray );
For ($ I = 0; I I <200; $ I ++)
{
$ Randcolor = ImageColorallocate ($ im, rand (0,255), rand (0,255), rand (0,255 ));
Imagesetpixel ($ im, rand () % 70, rand () % 30, $ randcolor );
}
ImagePNG ($ im );
ImageDestroy ($ im );
?>
/*
* Filename: authpage. php (as the mainstream development language)
Warning (prevent OCR), by the user meat...