source: sandbox/2.2.0.2/security/captcha.php @ 3448

Revision 3448, 4.7 KB checked in by rafaelraymundo, 13 years ago (diff)

Ticket #990 - Vulnerabilidades no Anti robo Captcha do Login

Line 
1<?php
2 /******************************************************************
3   Projectname:   CAPTCHA class
4   Version:       1.1
5   Author:        Pascal Rehfeldt <Pascal@Pascal-Rehfeldt.com>
6   Last modified: 15. March 2004
7   Copyright (C): 2003, 2004 Pascal Rehfeldt, all rights reserved
8
9   * GNU General Public License (Version 2, June 1991)
10   *
11   * This program is free software; you can redistribute
12   * it and/or modify it under the terms of the GNU
13   * General Public License as published by the Free
14   * Software Foundation; either version 2 of the License,
15   * or (at your option) any later version.
16   *
17   * This program is distributed in the hope that it will
18   * be useful, but WITHOUT ANY WARRANTY; without even the
19   * implied warranty of MERCHANTABILITY or FITNESS FOR A
20   * PARTICULAR PURPOSE. See the GNU General Public License
21   * for more details.
22
23   Description:
24   This class can generate CAPTCHAs, see README for more details!
25
26   Get the "Hurry up!" Font for the Captcha and
27   save it in the same directory as this file.
28
29   "Hurry up!" Font (c) by Andi
30   See http://www.1001fonts.com/font_details.html?font_id=2366
31  ******************************************************************/
32
33  class captcha
34  {
35
36    var $Length;
37    var $CaptchaString;
38    var $ImageType;
39    var $Font;
40    var $CharWidth;
41
42    function captcha ($length = 5, $type = 'png')
43    {
44      $this->Length    = $length;
45      $this->ImageType = $type;
46      $this->Font      = './hurryup.ttf';     
47      $this->CharWidth = 27;
48      $this->StringGen();
49    }
50
51    function Showcaptcha()
52    {
53      $this->SendHeader();
54      $this->MakeCaptcha();   
55    }
56
57    function StringGen ()
58    {
59      $uppercase  = range('A', 'Z');
60      $numeric    = range(0, 9);
61      $CharPool   = array_merge($uppercase, $numeric);
62      $PoolLength = count($CharPool) - 1;
63      for ($i = 0; $i < $this->Length; $i++)
64      {
65        $this->CaptchaString .= $CharPool[mt_rand(0, $PoolLength)];
66      }
67    }
68
69    function SendHeader ()
70    {
71      switch ($this->ImageType)
72      {
73        case 'jpeg': header('Content-type: image/jpeg'); break;
74        case 'png':  header('Content-type: image/png');  break;
75        default:     header('Content-type: image/png');  break;
76      }
77    }
78
79    function MakeCaptcha ()
80    {
81      $imagelength = $this->Length * $this->CharWidth + 16;
82      $imageheight = 37;
83      $image       = imagecreate($imagelength, $imageheight);
84      $bgcolor     = imagecolorallocate($image, 146, 176, 212);
85      $stringcolor = imagecolorallocate($image, 0, rand(0,100), rand(0,155));
86      $linecolor   = imagecolorallocate($image, 0, 0, 0);
87      imagettftext($image, 20, rand(-4,4),8,30,
88                   $stringcolor,
89                   $this->Font,
90                   $this->CaptchaString);
91      imagecolortransparent($image,$bgcolor);
92
93      function hex2int($image, $color) {
94              $string = str_replace("#","",$color);
95              $red = hexdec(substr($string,0,2));
96              $green = hexdec(substr($string,2,2));
97              $blue = hexdec(substr($string,4,2));
98
99              $color_int = imagecolorallocate($image, $red, $green, $blue);
100              return($color_int);
101      }
102      // create a blank image
103      $src = imagecreatetruecolor(151, 37);
104
105      // fill the background color
106      imagefill($src, 0, 0, hex2int($src, "FFFFFF") );
107
108
109        /* Put some elipses */
110      for ($i=0; $i < 5; $i++)
111      {
112              $col_ellipse = imagecolorallocate($src, rand (60,255), rand(60,255), rand(60, 255));
113              imagefilledellipse($src, rand(1,150), rand(1,50), rand(10,30), rand(10,30), $col_ellipse);
114      }
115
116        /* Put some vertical lines*/
117      for ($i=0; $i < 5; $i++)
118      {
119              $xr = rand(0,130);
120              $yr = rand(0,40);
121              imagefilledrectangle($src, $xr, $yr, $xr+100, $yr+1, rand(0,255));
122      }
123
124        /*Put some horizontal lines*/
125      for ($i=0; $i < 5; $i++)
126      {
127              $xr = rand(0,130);
128              $yr = rand(0,40);
129              imagefilledrectangle($src, $xr, $yr, $xr+1, $yr+100, rand(0,255));
130      }
131
132      imagecopymerge($image, $src, 0, 0, 0, 0, 151, 37, 25);
133
134      switch ($this->ImageType)
135      {
136        case 'jpeg': imagejpeg($image); break;
137        case 'png':  imagepng($image);  break;
138        default:     imagepng($image);  break;
139      }
140    }
141
142    function GetCaptchaString ()
143    {
144      return $this->CaptchaString;
145    }
146   
147  }
148 
149 // ************  Fim da Classe  *************************
150  //Cria o CAPTCHA,  gera o string e a imagem ...
151  $GLOBALS['captcha'] = new captcha;
152  // Guarda o string do captcha na session...
153  session_name('sessionid');
154  session_start();
155  $_SESSION['CAPTCHAString'] = $GLOBALS['captcha'] ->GetCaptchaString();
156  // Vai exibir a imagem do captcha...
157  $GLOBALS['captcha'] ->Showcaptcha();
158?>
Note: See TracBrowser for help on using the repository browser.