![[Back to main]](/gfx/home.gif)
![[Printable version]](/gfx/print.gif)
![[Search]](/gfx/search.gif)
![[Leave a comment]](/gfx/comment.gif)
Knablart CAPTCHA
CAPTCHA picture generator in C++/QT3 and a cookieless, databaseless, AJAX aware checking system in PHP
Copyright (C) 2003-2007 by Jarno Elonen <elonen@iki.fi>
- Download: knablart-captcha-0.6.tar.gz
- Licensed under the LGPL (GNU Lesser General Public License)
Quickstart
- install
- PHP with mcrypt, db4 and CLI support ('php' executable)
- imagemagick
- g++
- QT3 and qmake
- run
./build-all.shand wait forever as it generates 5000 images - If everything went right, you should now have a
captcha.dbof about 7MB worth of CAPTCHA images. They should also be inpic-generator/generated/as separate GIFs - Edit
config.incappropriately- Check your installation path
- Change the encryption key. Don't use the default key!
- Put the whole thing under some web directory and try out
usage-example.php.- Don't forget to copy
.htaccess, too! Otherwise the DB and you encryption key will be world-accessible!
- Don't forget to copy
How it works
- Off-line preparation:
- Creates a large enough amount of challenge pictures (gifs) with a C++/QT3 program (QT4 probably won't work)
- Puts them into a DBA (default: db4) file
- On-line:
- Creates HTML and Javascript for the challenge with one PHP call (see usage-example.php).
- Sends an encrypted version of the correct answer and a timestamp along with the form code in a "type=hidden" field.
- This makes and HTTP session management unnecessary.
- Points the
imgtag to a PHP script that decrypts the answer field and fetches the correct image data from the DBA file.
- If Javascript is enabled, checks user's answer AJAX-style (immediately by a Javascript HTTP request) and displays "OK" or "Wrong" even before the user hits Submit. Failure results in a 2-3 second delay.
- When checking the answer (on HTTP server side), decrypts the correct answer and fails expired (time configurable) challenges to prevent answer reuse (playback attacks).
Examples
