captcha works locally, but not on server!
I have a very annoying problem. I have a captcha system that work on my local network setup with xammp, but it does not work on my remote linux box. I have a teori that the captcha.php file reloads somehow, but I tried removing my google analytic javascript, but it still didn't work.
Here is my html:
<div class="box">
<h2>Captcha</h2>
<div class="block">
<p>Are you human? Type in the text bellow to prove it.</p>
<table><form action="homepage.php" method="post">
<tr>
<td><img src="captcha.php?width=120&height=40&characters=5" /></td>
<td>
<label for="security_code">Security Code:</label><input id="security_code" name="security_code" type="text" />
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="human" value="Submit" /></td>
</tr>
</form></table>
</div>
</div
captcha.php
<?php
session_start();
/*
* File: CaptchaSecurityImages.php
* Author: Simon Jarvis
* Copyright: 2006 Simon Jarvis
* Date: 03/08/06
* Updated: 07/02/07
* Requirements: PHP 4/5 with GD and FreeType libraries
* Link: http://www.white-hat-web-design.co.uk/articles/php-captcha.php
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details:
* http://www.gnu.org/licenses/gpl.html
*
*/
class CaptchaSecurityImages {
var $font = 'fonts/monofont.ttf';
function generateCode($characters) {
/* list all possible characters, similar looking characters and vowels have been removed */
$possible = '23456789bc开发者_JS百科dfghjkmnpqrstvwxyz';
$code = '';
$i = 0;
while ($i < $characters) {
$code .= substr($possible, mt_rand(0, strlen($possible)-1), 1);
$i++;
}
return $code;
}
function CaptchaSecurityImages($width='120',$height='40',$characters='6') {
$code = $this->generateCode($characters);
/* font size will be 75% of the image height */
$font_size = $height * 0.75;
$image = @imagecreate($width, $height) or die('Cannot initialize new GD image stream');
/* set the colours */
$background_color = imagecolorallocate($image, 255, 255, 255);
$text_color = imagecolorallocate($image, 20, 40, 100);
$noise_color = imagecolorallocate($image, 100, 120, 180);
/* generate random dots in background */
for( $i=0; $i<($width*$height)/3; $i++ ) {
imagefilledellipse($image, mt_rand(0,$width), mt_rand(0,$height), 1, 1, $noise_color);
}
/* generate random lines in background */
for( $i=0; $i<($width*$height)/150; $i++ ) {
imageline($image, mt_rand(0,$width), mt_rand(0,$height), mt_rand(0,$width), mt_rand(0,$height), $noise_color);
}
/* create textbox and add text */
$textbox = imagettfbbox($font_size, 0, $this->font, $code) or die('Error in imagettfbbox function');
$x = ($width - $textbox[4])/2;
$y = ($height - $textbox[5])/2;
imagettftext($image, $font_size, 0, $x, $y, $text_color, $this->font , $code) or die('Error in imagettftext function');
/* output captcha image to browser */
header('Content-Type: image/jpeg');
imagejpeg($image);
imagedestroy($image);
$_SESSION['security_code'] = $code;
}
}
$width = isset($_GET['width']) ? $_GET['width'] : '120';
$height = isset($_GET['height']) ? $_GET['height'] : '40';
$characters = isset($_GET['characters']) && $_GET['characters'] > 1 ? $_GET['characters'] : '6';
$captcha = new CaptchaSecurityImages($width,$height,$characters);
?>
part of the check function :
if( $_SESSION['security_code'] != $code_input ){
unset($_SESSION['security_code']);
return 1;
}
EDIT:
ok, I added this to the html:
<input type="submit" name="test" value="test" />
and this to the php:
if( isset($_POST["test"]) ){
echo $_SESSION['security_code'];
}
Locally when I click test i shows the code in the image, generated by captcha.php. On the server however, it shows a random number.. How can this be? I will update the my post if I find out anything more
Check if GD is installed on your host.
<?php
phpinfo();
?>
A phpinfo() will tell you.
Check for a section titled 'GD', if it's not there you can't create images.
I fixed it: Never understood the bug, but realized that the captcha.php file was loaded and changed the session variable somehow. So I added this to the captcha
if( isset($_SESSION['security_code']) ){
return $_SESSION['security_code'];
}
and I removed all the
unset($_SESSION['security_code'])
Now the image code and the session code stays the same if the session code is set. This might be a security risk as users can bruteforce the captcha, but I don't think users would go that far to break the security.
Hey I have same issue but I have solve my problem. My code was different but have same problem. I have placed my captcha code generation code in captcha folder at that time captcha code does not match. But when I remove my whole code from that folder and place all code in root folder it works fine.May be this will help you...
This problem really sucks, fortunately a solution is easy. Go to:
/wp-config.php
And find a line (39 or so) and comment out this function call:
// Turn register_globals off.
//wp_unregister_GLOBALS();
Worpress will no longer kill your $_SESSION vars. Btw. if you have register_globals off on your server, Worpress will let your $_SESSION live too.. strange :)
Credits to WP support forum http://wordpress.org/support/topic/wp-blog-headerphp-killing-sessions
精彩评论