• Home
• Prado
• Web
• UI
• WebControls
• TCaptcha

PHP Class Prado\Web\UI\WebControls\TCaptcha

Notice: while this class is easy to use and implement, it does not provide full security. In fact, it's easy to bypass the checks reusing old, already-validated tokens (reply attack). A better alternative is provided by {@link TReCaptcha}. TCaptcha displays a CAPTCHA (a token displayed as an image) that can be used to determine if the input is entered by a real user instead of some program. Unlike other CAPTCHA scripts, TCaptcha does not need session or cookie. The token (a string consisting of alphanumeric characters) displayed is automatically generated and can be configured in several ways. To specify the length of characters in the token, set {@link setMinTokenLength MinTokenLength} and {@link setMaxTokenLength MaxTokenLength}. To use case-insensitive comparison and generate upper-case-only token, set {@link setCaseSensitive CaseSensitive} to false. Advanced users can try to set {@link setTokenAlphabet TokenAlphabet}, which specifies what characters can appear in tokens. The validation of the token is related with two properties: {@link setTestLimit TestLimit} and {@link setTokenExpiry TokenExpiry}. The former specifies how many times a token can be tested with on the server side, and the latter says when a generated token will expire. To specify the appearance of the generated token image, set {@link setTokenImageTheme TokenImageTheme} to be an integer between 0 and 63. And to adjust the generated image size, set {@link setTokenFontSize TokenFontSize} (you may also set {@link TWebControl::setWidth Width}, but the scaled image may not look good.) By setting {@link setChangingTokenBackground ChangingTokenBackground} to true, the image background of the token will be variating even though the token is the same during postbacks. Upon postback, user input can be validated by calling {@link validate()}. The {@link TCaptchaValidator} control can also be used to do validation, which provides client-side validation besides the server-side validation. By default, the token will remain the same during multiple postbacks. A new one can be generated by calling {@link regenerateToken()} manually. The following template shows a typical use of TCaptcha control: Datei anzeigen Open project: pradosoft/prado

Public Methods

Method	Description
checkRequirements ( ) : boolean	Checks the requirements needed for generating CAPTCHA images.
getCaseSensitive ( ) : boolean
getChangingTokenBackground ( ) : boolean
getIsTokenExpired ( ) : boolean
getMaxTokenLength ( ) : integer
getMinTokenLength ( ) : integer
getPrivateKey ( ) : string
getPublicKey ( ) : string
getTestLimit ( ) : integer
getToken ( ) : string
getTokenAlphabet ( ) : string
getTokenExpiry ( ) : integer
getTokenFontSize ( ) : integer
getTokenImageTheme ( ) : integer
onPreRender ( $param )	Configures the image URL that shows the token.
regenerateToken ( )	Regenerates the token to be displayed.
setCaseSensitive ( $value )
setChangingTokenBackground ( $value )
setMaxTokenLength ( $value )
setMinTokenLength ( $value )
setPublicKey ( $value )
setTestLimit ( $value )
setTokenAlphabet ( $value )
setTokenExpiry ( $value )
setTokenFontSize ( $value )	Sets the font size used for displaying the token in an image.
setTokenImageTheme ( $value )	Sets the theme of the token image.
validate ( $input ) : boolean	Validates a user input with the token.

Protected Methods

Method	Description
generatePrivateKeyFile ( ) : string	Generates a file with a randomly generated private key.
generateRandomKey ( ) : string
generateToken ( $publicKey, $privateKey, $alphabet, $tokenLength, $caseSensitive ) : string	Generates the token.
getCaptchaScriptFile ( ) : string
getFontFile ( )
getTokenImageOptions ( ) : string
getTokenLength ( ) : integer
hash2string ( $hex, $alphabet = '' ) : string	Converts a hash string into a string with characters consisting of alphanumeric characters.

Method Details