So, you have a public submission form on your website (contact page, forum submission):
|
| <form method="post" action="">
<table bgcolor="#CCCCCC"> <tr><th>Contact us (Post new message):</th></tr> <tr><td><textarea cols="30" rows="5"></textarea></td></tr> <tr><th><input type="submit" value="Submit"></th></tr> </table> </form> |
and need to prevent spam auto-submitters. Common way to do this is to implement CAPTCHA - an image with randomly generated string:
Simple and quick PHP solution:
1. Make a PHP script which will generate the image:
|
<?php
session_start(); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); function _generateRandom($length=6) { $_rand_src = array( array(48,57) //digits , array(97,122) //lowercase chars // , array(65,90) //appercase chars ); srand ((double) microtime() * 1000000); $random_string = ""; for($i=0;$i<$length;$i++){ $i1=rand(0,sizeof($_rand_src)-1); $random_string .= chr(rand($_rand_src[$i1][0],$_rand_src[$i1][1])); } return $random_string; } $im = @imagecreatefromjpeg("captcha.jpg"); $white = ImageColorAllocate ($im, 255, 255, 255); $black = ImageColorAllocate ($im, 0, 0, 0); $rand = _generateRandom(3); $_SESSION['captcha'] = $rand; ImageString($im, 5, 2, 2, $rand[0]." ".$rand[1]." ".$rand[2]." ", $black); $rand = _generateRandom(3); ImageString($im, 5, 2, 2, " ".$rand[0]." ".$rand[1]." ".$rand[2], ImageColorAllocate ($im, 255, 0, 0)); Header ('Content-type: image/jpeg'); imagejpeg($im,NULL,100); ImageDestroy($im); ?> |
2. Add the following line at the top of the page where you need to implement CAPTCHA:
| <?php session_start() ?> |
3. Add the following line to check is CAPTCHA entered by visitor valid, before the line where you will proceed submitted message:
|
<?php
if($_SESSION["captcha"]==$_POST["captcha"]) { //CAPTHCA is valid; proceed the message: save to database, send by e-mail ... } ?> |
4. Finaly add the CAPTCHA to the form:
|
| <?php session_start() ?>
<form method="post" action=""> <table bgcolor="#CCCCCC"> <tr><th>Contact us (Post new message):</th></tr> <tr><td><textarea cols="30" rows="5" name="message"></textarea></td></tr> <tr><td align="center">CAPTCHA:<br> (antispam code, 3 black symbols)<br> <table> <tr> <td> <img src="/img_articles/12998/captcha.php" alt="captcha image"> </td> <td> <input type="text" name="captcha" size="3" maxlength="3"> </td> </tr> </table> </td></tr> <tr><th><input type="submit" value="Submit"></th></tr> </table> </form> <?php if(isset($_POST["captcha"])) if($_SESSION["captcha"]==$_POST["captcha"]) { //CAPTHCA is valid; proceed the message: save to database, send by e-mail ... echo 'CAPTHCA is valid; proceed the message'; } else { echo 'CAPTHCA is not valid; ignore the submission'; } ?> |
