Comments on: Pretty CAPTCHA http://www.cneophytou.com/2007/03/06/pretty-captcha/ Things programmers do that they know shouldn't work but they try anyway, and which sometimes actually work, such as recompiling everything. Fri, 16 Dec 2011 15:45:58 +0000 hourly 1 http://wordpress.org/?v= By: doc http://www.cneophytou.com/2007/03/06/pretty-captcha/comment-page-1/#comment-3083 doc Sat, 04 Feb 2012 11:00:00 +0000 http://www.cneophytou.com/2007/03/06/pretty-captcha/#comment-3083 you should put the letters, on average, a little closer together, so that it prevents scanners from easily ignoring your line. overlapping letters are very hard for amateur OCR's to parse. also, the font should be randomized (catpcha1.ttf, catpcha2.ttf). should have 50 fonts at a minimum. finally, you need to throttle the number of images generates on a per-ip or per-cookie basis.... or else someone will crack it using a random-seed attack or partial-brute-force with an OCR, etc. you should put the letters, on average, a little closer together, so that it prevents scanners from easily ignoring your line. overlapping letters are very hard for amateur OCR’s to parse. also, the font should be randomized (catpcha1.ttf, catpcha2.ttf). should have 50 fonts at a minimum. finally, you need to throttle the number of images generates on a per-ip or per-cookie basis…. or else someone will crack it using a random-seed attack or partial-brute-force with an OCR, etc.

]]> By: Constantinos http://www.cneophytou.com/2007/03/06/pretty-captcha/comment-page-1/#comment-2283 Constantinos Sat, 04 Feb 2012 01:01:00 +0000 http://www.cneophytou.com/2007/03/06/pretty-captcha/#comment-2283 [quote post="87"]this is what i get when running the script on my localhost, all GD functions are working on my php conf[/quote] Comment out the <code>header("Content-Type: image/png");</code> line, and visit the script directly (i.e. load <code>http://localhost/captcha/captcha.php</code> in your browser). That should give you the exact errors that are produced, and help you debug it.

this is what i get when running the script on my localhost, all GD functions are working on my php conf

Comment out the header("Content-Type: image/png"); line, and visit the script directly (i.e. load http://localhost/captcha/captcha.php in your browser). That should give you the exact errors that are produced, and help you debug it.

]]> By: Angelivene http://www.cneophytou.com/2007/03/06/pretty-captcha/comment-page-1/#comment-2282 Angelivene Sat, 04 Feb 2012 22:12:00 +0000 http://www.cneophytou.com/2007/03/06/pretty-captcha/#comment-2282 The image “http://localhost/captcha/captcha.php” cannot be displayed, because it contains errors. this is what i get when running the script on my localhost, all GD functions are working on my php conf The image “http://localhost/captcha/captcha.php” cannot be displayed, because it contains errors.

this is what i get when running the script on my localhost, all GD functions are working on my php conf

]]> By: Alix Axel http://www.cneophytou.com/2007/03/06/pretty-captcha/comment-page-1/#comment-1995 Alix Axel Sat, 04 Feb 2012 19:50:00 +0000 http://www.cneophytou.com/2007/03/06/pretty-captcha/#comment-1995 Very nice code indeed! Very nice code indeed!

]]> By: James Cooke dot info » Blog Archive » Form spam - PHP CAPTCHAs and Akismet http://www.cneophytou.com/2007/03/06/pretty-captcha/comment-page-1/#comment-1600 James Cooke dot info » Blog Archive » Form spam - PHP CAPTCHAs and Akismet Sat, 04 Feb 2012 15:42:00 +0000 http://www.cneophytou.com/2007/03/06/pretty-captcha/#comment-1600 [...] Constantinos Neophytou’s Pretty CAPTCHA This option looks excellent, although I didn’t give it a go for two reasons - I couldn’t see how to “attribute the work in the manner specified by the author” in order to comply with the CC license that the code is released under, and in looking at the contact form at the bottom of the page I found reCAPTCHA, which distracted me completely! [...] [...] Constantinos Neophytou’s Pretty CAPTCHA This option looks excellent, although I didn’t give it a go for two reasons – I couldn’t see how to “attribute the work in the manner specified by the author” in order to comply with the CC license that the code is released under, and in looking at the contact form at the bottom of the page I found reCAPTCHA, which distracted me completely! [...]

]]> By: Constantinos http://www.cneophytou.com/2007/03/06/pretty-captcha/comment-page-1/#comment-675 Constantinos Sat, 04 Feb 2012 22:47:00 +0000 http://www.cneophytou.com/2007/03/06/pretty-captcha/#comment-675 As an addition to the post, I'd just like to mention that what I was looking for from a captcha is: <ol><li>No processing should happen on the client side</li><li>It should not be text based or hidden field based</li><li>Should not be readable by a plain OCR program</li><li>Have at least some level of complexity for image readers</li><li>Be customized, and look nice</li></ol> Now obviously this is not going to start appearing on any sites like digg.com, and I've only implemented it on a site that won't worth any spammers time to write an image processing script that reads this image. The code chooses the colors randomly, and one suggestion for improvement I received was to add some basic shapes around the letters that were the same color as the letter. That's a pretty good idea and easy to implement, and I might just do that if I can come up with a way that will guarantee the image will always (or most of the time) be readable by humans... As an addition to the post, I’d just like to mention that what I was looking for from a captcha is:

  1. No processing should happen on the client side
  2. It should not be text based or hidden field based
  3. Should not be readable by a plain OCR program
  4. Have at least some level of complexity for image readers
  5. Be customized, and look nice

Now obviously this is not going to start appearing on any sites like digg.com, and I’ve only implemented it on a site that won’t worth any spammers time to write an image processing script that reads this image. The code chooses the colors randomly, and one suggestion for improvement I received was to add some basic shapes around the letters that were the same color as the letter. That’s a pretty good idea and easy to implement, and I might just do that if I can come up with a way that will guarantee the image will always (or most of the time) be readable by humans…

]]>