Captcha is currently one of the most common ways to protect free formats. It was originally created not to protect data security, but to protect against spam and to recognize that it is a human.
However, it is machine-generated so it is not always perfect, but the success rate of a captcha test is somewhere around 99% and only 1% of images can be deciphered by a well-made spam robot.
There are more options, for example I use this solution:
If the captcha test can be solved, the user is probably human. However, it's good to think about users who can't solve the task, especially blind users. It's a good solution to combine multiple possible tests (especially voice prefetching). However, voice recognition by a machine is currently significantly more efficient than reading from an image. Therefore, this solution is not always ideal.
Often enough, it is enough to generate a blank image of certain dimensions and enter a few characters into it legibly without further editing. Seriously! Most spam bots are stupid and can't attack generic forms with this type of protection, even though it's perfectly readable text that better OCR can transcribe perfectly.
The resulting image may look like this:
<img src="captcha.php" alt="sample captcha">
Try refreshing the page a few times and you'll see that the code changes randomly each time. For demonstration purposes, it is just generated without saving, so it will be removed immediately after you load it.
I solved the source code using the PHPGD library, which is available on virtually every PHP installation and hosting:
Header("Content-type: image/png");$obr = ImageCreate(100, 35);$background = ImageColorAllocate($obr, 219, 28, 49); //define background color$bila = ImageColorAllocate($obr, 255, 255, 255); //define the white color for the text$style = array($background);ImageSetStyle($obr, $style);$random_cislo = rand(11111,99999); //draw a random number 5 characters longimagestring($obr, 5, 25, 10, $random_cislo, $bila); //function to render text (in this case a number)ImagePNG($obr); //generate an image in memory and render itImageDestroy($obr); //delete the image from memory (no longer needed, as it is generated once)
Rendering the image is then just a matter of HTML:
Please note that this script is not functional on its own without further modification. It serves only as a demonstration to generate a simple image.
Remember: What is a trivial task for a human may never be an achievable solution for a machine. That's why even this primitive captcha with perfectly readable text can protect against more than half of spam.
Jan Barášek Více o autorovi
Autor článku pracuje jako seniorní vývojář a software architekt v Praze. Navrhuje a spravuje velké webové aplikace, které znáte a používáte. Od roku 2009 nabral bohaté zkušenosti, které tímto webem předává dál.
Rád vám pomůžu: