source: trunk/lib/Captcha.inc.php

<?php
/**
 * The Strangecode Codebase - a general application development framework for PHP
 * For details visit the project site: <http://trac.strangecode.com/codebase/>
 * Copyright 2001-2012 Strangecode, LLC
 * 
 * This file is part of The Strangecode Codebase.
 *
 * The Strangecode Codebase is free software: you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or (at your option)
 * any later version.
 * 
 * The Strangecode Codebase is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
 * details.
 * 
 * You should have received a copy of the GNU General Public License along with
 * The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>.
 */

/**
 * Captcha.inc.php
 *
 * ASCII captcha system.
 *
 * @author  Quinn Comendant <quinn@strangecode.com>
 * @version 1.0
-------------------------------------------------------------------------------------
// Example.

// Instantiate new Captcha. This automatically generates a new 4-digit captcha number.
$captcha = new Captcha();

<!-- HTML form for captcha -->
<label for="sc-captcha"><?php echo _("Reverse Turing Test") ?></label>
<p class="sc-help"><?php echo _("Please type the following number to prove you are a human. This is a measure to prevent spam robots from submitting this form.") ?></p>
<pre style="font-size: 0.5em;"><?php $captcha->printAsciiNumber() ?></pre>
<?php $captcha->printForm() ?>

// Finally, test if the captcha was submitted correctly.
if (!$captcha->valid()) {
    // Go back, show error.
}

// Or if you're using the FormValidator class.
if (!$captcha->valid()) {
    $fv->addError('sc-captcha', _("The Captcha you entered is invalid. Please try again."));
}

-------------------------------------------------------------------------------------
 */
class Captcha
{

    public $secret_key = 'some random seed text for the md5';
    public $random_number;
    public $ascii_numbers = array(
        array(
            '  #####   ',
            ' ##   ##  ',
            '##     ## ',
            '##     ## ',
            '##     ## ',
            ' ##   ##  ',
            '  #####   ',
        ), array(
            '   ##   ',
            ' ####   ',
            '   ##   ',
            '   ##   ',
            '   ##   ',
            '   ##   ',
            ' ###### ',
        ), array(
            ' #######  ',
            '##     ## ',
            '       ## ',
            ' #######  ',
            '##        ',
            '##        ',
            '######### ',
        ), array(
            ' #######  ',
            '##     ## ',
            '       ## ',
            ' #######  ',
            '       ## ',
            '##     ## ',
            ' #######  ',
        ), array(
            '##        ',
            '##    ##  ',
            '##    ##  ',
            '##    ##  ',
            '######### ',
            '      ##  ',
            '      ##  ',
        ), array(
            '######## ',
            '##       ',
            '##       ',
            '#######  ',
            '      ## ',
            '##    ## ',
            ' ######  ',
        ), array(
            ' #######  ',
            '##     ## ',
            '##        ',
            '########  ',
            '##     ## ',
            '##     ## ',
            ' #######  ',
        ), array(
            '######## ',
            '##    ## ',
            '    ##   ',
            '   ##    ',
            '  ##     ',
            '  ##     ',
            '  ##     ',
        ), array(
            ' #######  ',
            '##     ## ',
            '##     ## ',
            ' #######  ',
            '##     ## ',
            '##     ## ',
            ' #######  ',
        ), array(
            ' #######  ',
            '##     ## ',
            '##     ## ',
            ' ######## ',
            '       ## ',
            '##     ## ',
            ' #######  ',
        )
    );
    
    /**
     * Constructor. Initialized new random number.
     *
     * @access  public
     * @author  Quinn Comendant <quinn@strangecode.com>
     * @since   20 Jan 2006 13:08:22
     */
    public function __construct()
    {
        $app =& App::getInstance();
    
        $this->secret_key = $app->getParam('signing_key');
        $this->random_number = $this->_getRandomNumber();
    }

    /**
     * Print ASCII number.
     *
     * @access  public
     * @param   mixed   $num    Number to convert.
     * @return  string  ASCII-ized number
     * @author  Quinn Comendant <quinn@strangecode.com>
     * @since   07 Dec 2005 21:59:25
     */
    public function getAsciiNumber($num=null)
    {
        $app =& App::getInstance();
    
        if (!isset($num)) {
            $num = $this->random_number;
        }

        if (preg_match('/[^\d]/', $num)) {
            $app->logMsg(sprintf('Bad number: %s', $num), LOG_ERR, __FILE__, __LINE__);
            return false;
        }

        // Number must be an array of strings.
        $num = preg_split('//', strval($num), -1, PREG_SPLIT_NO_EMPTY);

        // All chars must be same height.
        $output = '';
        $char_height = sizeof($this->ascii_numbers[0]);
        for ($i=0; $i<$char_height; $i++) {
            foreach ($num as $n) {
                $output .= $this->ascii_numbers[$n][$i];
            }
            $output .= "\n";
        }

        return $output;
    }

    /**
     * Prints the captcha ASCII numbers.
     *
     * @access  public
     * @author  Quinn Comendant <quinn@strangecode.com>
     * @since   07 Dec 2005 22:09:04
     */
    public function printAsciiNumber()
    {
        $ascii = $this->getAsciiNumber($this->random_number);
        ?><pre id="sc-captcha"><?php echo $ascii ?></pre><?php
    }

    /**
     * Prints a form to enter captcha, including the required hidden hash form.
     *
     * @access  public
     * @author  Quinn Comendant <quinn@strangecode.com>
     * @since   07 Dec 2005 22:09:04
     */
    public function printForm()
    {
        $hash = $this->_getMD5key($this->random_number);
        ?>
        <input name="sc-captcha-input" id="sc-captcha-input" class="sc-small" type="text" />
        <input name="sc-captcha-hash" id="sc-captcha-hash" type="hidden" value="<?php echo $hash ?>" />
        <?php
    }

    /**
     * Validate submitted number against ascii captcha.
     * Regenerate md5 hash from submitted captcha number and compare with posted hash.
     *
     * @access  public
     * @return  bool    True if number matches hash or false if EVIL ROBOT.
     * @author  Quinn Comendant <quinn@strangecode.com>
     * @since   07 Dec 2005 22:19:33
     */
    public function valid()
    {
        $number = getFormData('sc-captcha-input');
        $hash = getFormData('sc-captcha-hash');

        if ('' == $number . $hash) {
            return false;
        }

        return $this->_getMD5key($number) == $hash;
    }

    /**
     * Generate random number 3-to-5 digits long.
     *
     * @access  private
     * @return  int         Generated number.
     * @author  Quinn Comendant <quinn@strangecode.com>
     * @since   07 Dec 2005 21:40:25
     */
    public function _getRandomNumber()
    {
        return mb_substr(strval(rand(10000, 99999)), 0, rand(3, 5));
    }

    /**
     * Generate md5 hash of number using secret key.
     *
     * @access  private
     * @param   string  $input  Input text to whack.
     * @return  string  md5 sum of input + seed
     * @author  Quinn Comendant <quinn@strangecode.com>
     * @since   07 Dec 2005 21:53:35
     */
    public function _getMD5key($input)
    {
        return md5($this->secret_key . $input);
    }

}