diff options
Diffstat (limited to 'user_guide_src/source/helpers/captcha_helper.rst')
-rw-r--r-- | user_guide_src/source/helpers/captcha_helper.rst | 156 |
1 files changed, 156 insertions, 0 deletions
diff --git a/user_guide_src/source/helpers/captcha_helper.rst b/user_guide_src/source/helpers/captcha_helper.rst new file mode 100644 index 000000000..48095a11d --- /dev/null +++ b/user_guide_src/source/helpers/captcha_helper.rst @@ -0,0 +1,156 @@ +############## +CAPTCHA Helper +############## + +The CAPTCHA Helper file contains functions that assist in creating +CAPTCHA images. + +.. contents:: Page Contents + +Loading this Helper +=================== + +This helper is loaded using the following code + +:: + + $this->load->helper('captcha'); + +The following functions are available: + +create_captcha($data) +===================== + +Takes an array of information to generate the CAPTCHA as input and +creates the image to your specifications, returning an array of +associative data about the image. + +.. php:method:: function create_captcha($data = '', $img_path = '', $img_url = '', $font_path = '') + + :param array $data: array of data for the CAPTCHA + :param string $img_path: path to create the image in + :param string $img_url: URL to the CAPTCHA image folder + :param string $font_path: server path to font + :returns: array('word' => $word, 'time' => $now, 'image' => $img) + + +:: + + [array] ( + 'image' => IMAGE TAG + 'time' => TIMESTAMP (in microtime) + 'word' => CAPTCHA WORD ) + +The "image" is the actual image tag: + +:: + + <img src="http://example.com/captcha/12345.jpg" width="140" height="50" /> + + +The "time" is the micro timestamp used as the image name without the +file extension. It will be a number like this: 1139612155.3422 + +The "word" is the word that appears in the captcha image, which if not +supplied to the function, will be a random string. + +Using the CAPTCHA helper +------------------------ + +Once loaded you can generate a captcha like this + +:: + + $vals = array( + 'word' => 'Random word', + 'img_path' => './captcha/', + 'img_url' => 'http://example.com/captcha/', + 'font_path' => './path/to/fonts/texb.ttf', + 'img_width' => '150', + 'img_height' => 30, + 'expiration' => 7200 + ); + + $cap = create_captcha($vals); echo $cap['image']; + + +- The captcha function requires the GD image library. +- Only the img_path and img_url are required. +- If a "word" is not supplied, the function will generate a random + ASCII string. You might put together your own word library that you + can draw randomly from. +- If you do not specify a path to a TRUE TYPE font, the native ugly GD + font will be used. +- The "captcha" folder must be writable (666, or 777) +- The "expiration" (in seconds) signifies how long an image will remain + in the captcha folder before it will be deleted. The default is two + hours. + +Adding a Database +----------------- + +In order for the captcha function to prevent someone from submitting, +you will need to add the information returned from create_captcha() +function to your database. Then, when the data from the form is +submitted by the user you will need to verify that the data exists in +the database and has not expired. + +Here is a table prototype + +:: + + CREATE TABLE captcha ( + captcha_id bigint(13) unsigned NOT NULL auto_increment, + captcha_time int(10) unsigned NOT NULL, + ip_address varchar(16) default '0' NOT NULL, + word varchar(20) NOT NULL, + PRIMARY KEY `captcha_id` (`captcha_id`), + KEY `word` (`word`) + ); + +Here is an example of usage with a database. On the page where the +CAPTCHA will be shown you'll have something like this + +:: + + $this->load->helper('captcha'); + $vals = array( + 'img_path' => './captcha/', + 'img_url' => 'http://example.com/captcha/' + ); + + $cap = create_captcha($vals); + $data = array( + 'captcha_time' => $cap['time'], + 'ip_address' => $this->input->ip_address(), + 'word' => $cap['word'] + ); + + $query = $this->db->insert_string('captcha', $data); + $this->db->query($query); + + echo 'Submit the word you see below:'; + echo $cap['image']; + echo '<input type="text" name="captcha" value="" />'; + +Then, on the page that accepts the submission you'll have something like +this + +:: + + // First, delete old captchas + $expiration = time() - 7200; // Two hour limit + $this->db->where('captcha_time < ', $expiration) + ->delete('captcha'); + + // Then see if a captcha exists: + $sql = "SELECT COUNT(*) AS count FROM captcha WHERE word = ? AND ip_address = ? AND captcha_time > ?"; + $binds = array($_POST['captcha'], $this->input->ip_address(), $expiration); + $query = $this->db->query($sql, $binds); + $row = $query->row(); + + if ($row->count == 0) + { + echo "You must submit the word that appears in the image"; + } + |