PHP Class Securimage, PHP-Fusion

A class for creating and validating secure CAPTCHA images and audio. The class contains many options regarding appearance, security, storage of captcha data and image/audio generation options.
Author: Drew Phillips ([email protected])
Mostra file Open project: php-fusion/PHP-Fusion Class Usage Examples

Public Properties

Property Type Description
$audio_format string Type of audio file to generate (mp3 or wav)
$audio_path string Full path to the WAV files to use to make the audio files, include trailing /.
Name Files [A-Z0-9].wav
$background_directory string Scan this directory for gif, jpg, and png files to use as background images.
A random image file will be picked each time.
Change from null to the full path to your directory.
i.e. var $background_directory = $_SERVER['DOCUMENT_ROOT'] . '/securimage/backgrounds'; Make sure not to pass a background image to the show function, otherwise this directive is ignored.
$bgimg resource The background image resource
$charset string The character set for individual characters in the image.
Letters are converted to uppercase.
The font must support the letters or there may be problematic substitutions.
$code string The code generated by the script
$code_entered string The code that was entered by the user
$code_length integer The length of the code to generate.
$correct_code boolean Whether or not the correct code was entered
$draw_lines_over_text boolean Draw the lines over the text.
If fales lines will be drawn before putting the text on the image.
$expiry_time integer The amount of time in seconds that a code remains valid.
Any code older than this number will be considered invalid even if entered correctly.
Any non-numeric or value less than 1 disables this functionality.
$gd_font_file mixed Note: Use of GD fonts is not recommended as many distortion features are not available
The GD font to use.
Internal gd fonts can be loaded by their number.
Alternatively, a file path can be given and the font will be loaded from file.
$gd_font_size integer The approximate size of the font in pixels.
This does not control the size of the font because that is determined by the GD font itself.
This is used to aid the calculations of positioning used by this class.
$gdbgcolor integer Color resource for image background color
$gdlinecolor integer Color resource for image line color
$gdmulticolor array Array of colors for multi colored codes
$gdsignaturecolor integer Color resource for image signature color
$gdtextcolor integer Color resource for image font color
$im resource The gd image resource.
$image_bg_color Securimage_Color The background color for the image as a Securimage_Color.
$image_height integer The desired width of the CAPTCHA image.
$image_signature Text to write at the bottom corner of captcha image
$image_type integer The image format for output.
Valid options: SI_IMAGE_PNG, SI_IMAGE_JPG, SI_IMAGE_GIF
$image_width integer The desired width of the CAPTCHA image.
$iscale integer Internal scale factor for anti-alias @hkcaptcha
$line_color string Color of lines drawn over text
$multi_text_color array Array of Securimage_Colors which will be randomly selected for each letter.
$num_lines boolean Draw vertical and horizontal lines on the image.
$perturbation float How much to distort image, higher = more distortion.
Distortion is only available when using TTF fonts.
$session_name string The session name to use if not the default. Blank for none
$signature_color Securimage_Color Color to use for writing signature text
$sqlite_database string Path to the file to use for storing codes for users.
THIS FILE MUST ABSOLUTELY NOT BE ACCESSIBLE FROM A WEB BROWSER!!
Put this file in a directory below the web root or one that is restricted (i.e. an apache .htaccess file with deny from all)
If you cannot meet those requirements your forms may not be completely protected.
You could obscure the database file name but this is also not recommended.
$sqlite_handle resource Handle to SQLite database
$text_angle_maximum integer The minimum angle in degrees, with 0 degrees being left-to-right reading text.
Higher values represent a counter-clockwise rotation.
For example, a value of 90 would result in bottom-to-top reading text.
$text_angle_minimum integer The minimum angle in degrees, with 0 degrees being left-to-right reading text.
Higher values represent a counter-clockwise rotation.
For example, a value of 90 would result in bottom-to-top reading text.
This value along with maximum angle distance do not need to be very high with perturbation
$text_color Securimage_Color The text color to use for drawing characters as a Securimage_Color.
This value is ignored if $use_multi_text is set to true.
Make sure this contrasts well with the background color or image.
$text_transparency_percentage integer The percentage of transparency, 0 to 100.
A value of 0 is completely opaque, 100 is completely transparent (invisble)
$text_x_start integer The X-Position on the image where letter drawing will begin.
This value is in pixels from the left side of the image.
$tmpimg resource Temporary image for rendering
$ttf_file string The path to the TTF font file to load.
$use_gd_font Use a gd font instead of TTF
$use_multi_text boolean Set to true to use multiple colors for each character.
$use_sqlite_db Use an SQLite database for storing codes as a backup to sessions.
Note: Sessions will still be used
$use_transparent_text boolean Set to true to make the characters appear transparent.
$use_wordlist Use wordlist of not
$wordlist_file Create codes using this word list

Public Methods

Method Description
Securimage ( ) Class constructor.
Because the class uses sessions, this will attempt to start a session if there is no previous one.
If you do not start a session before calling the class, the constructor must be called before any output is sent to the browser.
addSignature ( ) Print signature text on image
allocateColors ( ) Allocate all colors that will be used in the CAPTCHA image
check ( string $code ) : boolean Validate the code entered by the user.
checkCode ( ) : boolean Check if the user entered code was correct
clearCodeFromDatabase ( ) Delete a code from the database by ip address hash
createCode ( ) Create a code and save to the session
distortedCopy ( ) Warp text from temporary image onto final image.
Modified for securimage
doImage ( ) Generate and output the image
drawLines ( ) Draw random curvy lines over the image
Modified code from HKCaptcha
drawWord ( ) Draw the CAPTCHA code over the image
frand ( ) : float Generate random number less than 1
generateCode ( integer $len ) : string Generate a code
generateMP3 ( array $letters ) : string Generate an mp3 file by concatenating individual files
generateWAV ( array $letters ) : string Generate a wav file by concatenating individual files
getAudibleCode ( $format = 'wav' ) : string Get WAV or MP3 file data of the spoken code.
This is appropriate for output to the browser as audio/x-wav or audio/mpeg
getBackgroundFromDirectory ( ) : mixed Return the full path to a random gif, jpg, or png from the background directory.
getCode ( ) : string Get the captcha code
getCodeFromDatabase ( ) : string Get stored captcha code from sqlite database based on ip address hash
getIPHash ( ) : string Get hashed IP address of remote user
isCodeExpired ( $creation_time ) : boolean Check a code to see if it is expired based on creation time
openDatabase ( ) : boolean Open SQLite database
output ( ) Output image to the browser
outputAudioFile ( ) Output audio file with HTTP headers to browser $sound = new Securimage(); $sound->audio_format = 'mp3'; $sound->outputAudioFile();
purgeOldCodesFromDatabase ( ) Purge codes over a day old from database
readCodeFromFile ( ) : mixed Reads a word list file to get a code
saveCodeToDatabase ( ) : boolean Save captcha code to sqlite database
saveData ( ) Save the code in the session
scrambleAudioData ( &$data, $format ) Randomly modify the audio data to scramble sound and prevent binary recognition.
Take care not to "break" the audio file by leaving the header data intact.
setAudioPath ( $audio_directory ) : boolean Set the path to the audio directory.
setBackground ( ) Set the background of the CAPTCHA image
show ( string $background_image = "" ) Generate a code and output the image to the browser.
validate ( ) Validate the code to the user code

Method Details

Securimage() public method

$securimage = new Securimage();
public Securimage ( )

addSignature() public method

Print signature text on image
Since: 2.0
public addSignature ( )

allocateColors() public method

Allocate all colors that will be used in the CAPTCHA image
Since: 2.0.1
public allocateColors ( )

check() public method

$code = $_POST['code']; if ($securimage->check($code) == false) { die("Sorry, the code entered did not match."); } else { $valid = true; }
public check ( string $code ) : boolean
$code string The code the user entered
return boolean true if the code was correct, false if not

checkCode() public method

Check if the user entered code was correct
public checkCode ( ) : boolean
return boolean

clearCodeFromDatabase() public method

Delete a code from the database by ip address hash
Since: 2.0.1

createCode() public method

Create a code and save to the session
Since: 1.0.1
public createCode ( )

distortedCopy() public method

Warp text from temporary image onto final image.
Modified for securimage
Since: 2.0
Author: Han-Kwang Nienhuys modified
public distortedCopy ( )

doImage() public method

Generate and output the image
public doImage ( )

drawLines() public method

Draw random curvy lines over the image
Modified code from HKCaptcha
Since: 2.0
public drawLines ( )

drawWord() public method

Draw the CAPTCHA code over the image
public drawWord ( )

frand() public method

Generate random number less than 1
Since: 2.0
public frand ( ) : float
return float

generateCode() public method

Generate a code
public generateCode ( integer $len ) : string
$len integer The code length
return string

generateMP3() public method

Generate an mp3 file by concatenating individual files
Since: 1.0.4
public generateMP3 ( array $letters ) : string
$letters array Array of letters to build a file from
return string MP3 file data

generateWAV() public method

Generate a wav file by concatenating individual files
Since: 1.0.1
public generateWAV ( array $letters ) : string
$letters array Array of letters to build a file from
return string WAV file data

getAudibleCode() public method

Get WAV or MP3 file data of the spoken code.
This is appropriate for output to the browser as audio/x-wav or audio/mpeg
Since: 1.0.1
public getAudibleCode ( $format = 'wav' ) : string
return string WAV or MP3 data

getBackgroundFromDirectory() public method

Return the full path to a random gif, jpg, or png from the background directory.
See also: Securimage::$background_directory
public getBackgroundFromDirectory ( ) : mixed
return mixed false if none found, string $path if found

getCode() public method

Get the captcha code
Since: 1.0.1
public getCode ( ) : string
return string

getCodeFromDatabase() public method

Get stored captcha code from sqlite database based on ip address hash
Since: 2.0.1
public getCodeFromDatabase ( ) : string
return string captcha code

getIPHash() public method

Get hashed IP address of remote user
Since: 2.0.1
public getIPHash ( ) : string
return string

isCodeExpired() public method

Check a code to see if it is expired based on creation time
Since: 2.0.1
public isCodeExpired ( $creation_time ) : boolean
$creation_time unix timestamp of code creation time
return boolean true if code has expired, false if not

openDatabase() public method

Open SQLite database
Since: 2.0.1
public openDatabase ( ) : boolean
return boolean true if database was opened successfully

output() public method

Output image to the browser
public output ( )

outputAudioFile() public method

Output audio file with HTTP headers to browser $sound = new Securimage(); $sound->audio_format = 'mp3'; $sound->outputAudioFile();
Since: 2.0
public outputAudioFile ( )

purgeOldCodesFromDatabase() public method

Purge codes over a day old from database
Since: 2.0.1

readCodeFromFile() public method

Reads a word list file to get a code
Since: 1.0.2
public readCodeFromFile ( ) : mixed
return mixed false on failure, a word on success

saveCodeToDatabase() public method

Save captcha code to sqlite database
Since: 2.0.1
public saveCodeToDatabase ( ) : boolean
return boolean true if code was saved, false if not

saveData() public method

Save the code in the session
public saveData ( )

scrambleAudioData() public method

Randomly modify the audio data to scramble sound and prevent binary recognition.
Take care not to "break" the audio file by leaving the header data intact.
Since: 2.0
public scrambleAudioData ( &$data, $format )
$data Sound data in mp3 of wav format

setAudioPath() public method

Set the path to the audio directory.
Since: 1.0.4
public setAudioPath ( $audio_directory ) : boolean
return boolean true if the directory exists and is readble, false if not

setBackground() public method

Set the background of the CAPTCHA image
public setBackground ( )

show() public method

show('bg.jpg');
public show ( string $background_image = "" )
$background_image string The path to an image to use as the background for the CAPTCHA

validate() public method

Validate the code to the user code
public validate ( )

Property Details

$audio_format public_oe property

Type of audio file to generate (mp3 or wav)
public string $audio_format
return string

$audio_path public_oe property

Full path to the WAV files to use to make the audio files, include trailing /.
Name Files [A-Z0-9].wav
Since: 1.0.1
public string $audio_path
return string

$background_directory public_oe property

Scan this directory for gif, jpg, and png files to use as background images.
A random image file will be picked each time.
Change from null to the full path to your directory.
i.e. var $background_directory = $_SERVER['DOCUMENT_ROOT'] . '/securimage/backgrounds'; Make sure not to pass a background image to the show function, otherwise this directive is ignored.
public string $background_directory
return string

$bgimg public_oe property

The background image resource
public resource $bgimg
return resource

$charset public_oe property

The character set for individual characters in the image.
Letters are converted to uppercase.
The font must support the letters or there may be problematic substitutions.
public string $charset
return string

$code public_oe property

The code generated by the script
public string $code
return string

$code_entered public_oe property

The code that was entered by the user
public string $code_entered
return string

$code_length public_oe property

The length of the code to generate.
public int $code_length
return integer

$correct_code public_oe property

Whether or not the correct code was entered
public bool $correct_code
return boolean

$draw_lines_over_text public_oe property

Draw the lines over the text.
If fales lines will be drawn before putting the text on the image.
public bool $draw_lines_over_text
return boolean

$expiry_time public_oe property

The amount of time in seconds that a code remains valid.
Any code older than this number will be considered invalid even if entered correctly.
Any non-numeric or value less than 1 disables this functionality.
public int $expiry_time
return integer

$gd_font_file public_oe property

Note: Use of GD fonts is not recommended as many distortion features are not available
The GD font to use.
Internal gd fonts can be loaded by their number.
Alternatively, a file path can be given and the font will be loaded from file.
public mixed $gd_font_file
return mixed

$gd_font_size public_oe property

The approximate size of the font in pixels.
This does not control the size of the font because that is determined by the GD font itself.
This is used to aid the calculations of positioning used by this class.
public int $gd_font_size
return integer

$gdbgcolor public_oe property

Color resource for image background color
public int $gdbgcolor
return integer

$gdlinecolor public_oe property

Color resource for image line color
public int $gdlinecolor
return integer

$gdmulticolor public_oe property

Array of colors for multi colored codes
public array $gdmulticolor
return array

$gdsignaturecolor public_oe property

Color resource for image signature color
public int $gdsignaturecolor
return integer

$gdtextcolor public_oe property

Color resource for image font color
public int $gdtextcolor
return integer

$im public_oe property

The gd image resource.
public resource $im
return resource

$image_bg_color public_oe property

The background color for the image as a Securimage_Color.
public Securimage_Color $image_bg_color
return Securimage_Color

$image_height public_oe property

The desired width of the CAPTCHA image.
public int $image_height
return integer

$image_signature public_oe property

Text to write at the bottom corner of captcha image
Since: 2.0
public $image_signature

$image_type public_oe property

The image format for output.
Valid options: SI_IMAGE_PNG, SI_IMAGE_JPG, SI_IMAGE_GIF
public int $image_type
return integer

$image_width public_oe property

The desired width of the CAPTCHA image.
public int $image_width
return integer

$iscale public_oe property

Internal scale factor for anti-alias @hkcaptcha
Since: 2.0
public int $iscale
return integer

$line_color public_oe property

Color of lines drawn over text
public string $line_color
return string

$multi_text_color public_oe property

Array of Securimage_Colors which will be randomly selected for each letter.
public array $multi_text_color
return array

$num_lines public_oe property

Draw vertical and horizontal lines on the image.
See also: Securimage::$line_color
See also: Securimage::$draw_lines_over_text
public bool $num_lines
return boolean

$perturbation public_oe property

How much to distort image, higher = more distortion.
Distortion is only available when using TTF fonts.
public float $perturbation
return float

$session_name public_oe property

The session name to use if not the default. Blank for none
See also: http://php.net/session_name
Since: 2.0
public string $session_name
return string

$signature_color public_oe property

Color to use for writing signature text
Since: 2.0
public Securimage_Color $signature_color
return Securimage_Color

$sqlite_database public_oe property

Path to the file to use for storing codes for users.
THIS FILE MUST ABSOLUTELY NOT BE ACCESSIBLE FROM A WEB BROWSER!!
Put this file in a directory below the web root or one that is restricted (i.e. an apache .htaccess file with deny from all)
If you cannot meet those requirements your forms may not be completely protected.
You could obscure the database file name but this is also not recommended.
public string $sqlite_database
return string

$sqlite_handle public_oe property

Handle to SQLite database
public resource $sqlite_handle
return resource

$text_angle_maximum public_oe property

The minimum angle in degrees, with 0 degrees being left-to-right reading text.
Higher values represent a counter-clockwise rotation.
For example, a value of 90 would result in bottom-to-top reading text.
public int $text_angle_maximum
return integer

$text_angle_minimum public_oe property

The minimum angle in degrees, with 0 degrees being left-to-right reading text.
Higher values represent a counter-clockwise rotation.
For example, a value of 90 would result in bottom-to-top reading text.
This value along with maximum angle distance do not need to be very high with perturbation
public int $text_angle_minimum
return integer

$text_color public_oe property

The text color to use for drawing characters as a Securimage_Color.
This value is ignored if $use_multi_text is set to true.
Make sure this contrasts well with the background color or image.
See also: Securimage::$use_multi_text
public Securimage_Color $text_color
return Securimage_Color

$text_transparency_percentage public_oe property

The percentage of transparency, 0 to 100.
A value of 0 is completely opaque, 100 is completely transparent (invisble)
See also: Securimage::$use_transparent_text
public int $text_transparency_percentage
return integer

$text_x_start public_oe property

The X-Position on the image where letter drawing will begin.
This value is in pixels from the left side of the image.
Deprecation: 2.0
public int $text_x_start
return integer

$tmpimg public_oe property

Temporary image for rendering
public resource $tmpimg
return resource

$ttf_file public_oe property

The path to the TTF font file to load.
public string $ttf_file
return string

$use_gd_font public_oe property

Use a gd font instead of TTF
public $use_gd_font

$use_multi_text public_oe property

Set to true to use multiple colors for each character.
See also: Securimage::$multi_text_color
public bool $use_multi_text
return boolean

$use_sqlite_db public_oe property

Use an SQLite database for storing codes as a backup to sessions.
Note: Sessions will still be used
public $use_sqlite_db

$use_transparent_text public_oe property

Set to true to make the characters appear transparent.
See also: Securimage::$text_transparency_percentage
public bool $use_transparent_text
return boolean

$use_wordlist public_oe property

Use wordlist of not
public $use_wordlist

$wordlist_file public_oe property

Create codes using this word list
public $wordlist_file