Numeric Captcha for PHP

Is there a numeric captcha available for PHP?

(which doesn't rely on JavaScript be开发者_JS百科ing turned on)

---

EDIT:

• I know there are JS-independent captchas out there.
• I know there are PHP captchas out there.
• I know there are numeric captchas out there.

But I'm looking for a PHP numeric Javascript-independent captcha.

The only numeric captcha's I've found are either for ASP.NET or jQuery/JS based ones.

I don't want any of those as an answer to the question.

And I'm not taking about a small website here. In the answer I'd like to know whether your suggestion puts a lot of strain on the server or not.

---

I guess it can't be avoided to deal with rendering an image when dealing with captchas? Here's a simple one (and may not be the most elegant):

session_start();

$strings = '123456789';
$i = 0;
$characters = 6;
$code = '';
while ($i < $characters)
{ 
    $code .= substr($strings, mt_rand(0, strlen($strings)-1), 1);
    $i++;
} 

$_SESSION['captcha'] = $code;

//generate image
$im = imagecreatetruecolor(124, 40);
$foreground = imagecolorallocate($im, 0, 0, 0);
$shadow = imagecolorallocate($im, 173, 172, 168);
$background = imagecolorallocate($im, 255, 255, 255);

imagefilledrectangle($im, 0, 0, 200, 200, $background);

// use your own font!
$font = 'monofont.ttf';

//draw text:
imagettftext($im, 35, 0, 9, 28, $shadow, $font, $code);
imagettftext($im, 35, 0, 2, 32, $foreground, $font, $code);     

// prevent client side  caching
header("Expires: Wed, 1 Jan 1997 00:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

//send image to browser
header ("Content-type: image/png");
imagepng($im);
imagedestroy($im);

Display it in a form:

<img src="captcha.php">
Enter the code above: <input type="text" name="captcha">

Once submitted, check the entered code:

if ($_POST['captcha'] == $_SESSION['captcha'])
    // do your thing

---

CAPTCHA's dont necessarily rely on javascript (I think your thinking of reCATCHA), a stand alone image is all you need.

http://www.phpcaptcha.org/

At it's most simple, a numeric CAPTCHA would work like...

<?php
session_start();

if (isset($_POST['code'])) {
    if ($_POST['code'] == $_SESSION['captcha']) {
        echo "Captcha valid";
    }
    else {
        echo "Captcha NOT valid";
    }
}

$_SESSION['captcha'] = mt_rand(10000, 99999);
?>
<form action="" method="post">
    <p>Enter this number: <?php echo $_SESSION['captcha']; ?></p>
    <p><input type="text" name="code" /> <input type="submit" value="Submit" />
</form>

---

May be you have also thought about a figlet captcha. This saves lots of time, because you don't need images to be rendered. In my homepage I am using this kind of captcha. You may take a look at this page (scroll to the bottom, you can't oversee it ;)). I've implemented it via Zend-Framework. Better said with Zend_Captcha_Figlet.

However I think it's hard to implement if you are not using Zend_Form. But I think it's quite a nice solution.

EDIT

Another solution would be a blind-captcha. It's very easy to implement and works great (had good experience with that for a long time). It works like this:

• In your form provide an input-field with an empty value.
• Hide it initially via css (this should not be done with inline-styles)
• in your form-validation (php) check if this field contains a value. if so it's probably a spambot who filled out each and every input-field.
• A user won't fill it, because he doesn't see it (of course he will see it, if he has disabled css in his browser)

Easy, but effective.

---

You can use http://www.captcha.ru/kcaptcha/ Default this library generate key with alphabet symbols, but you can change config file(set new value for variable $allowed_symbols = "0123456789" as example) for generating only numeric keys.

---

Don't go for any other php files for adding numerical captcha in your form.Just try the following

    <input id="num1" type="text" name="num1" value="<?php echo rand(1,4); ?>" readonly="readonly" /> +
<input id="num2" type="text" name="num2" value="<?php echo rand(5,9); ?>" readonly="readonly" /> =
<input id="captcha" class="captcha" type="text" onblur="check_captcha(this.value);" maxlength="2" />  

and in the function you can validate easily

<script>
function check_captcha(res)
{
if(res)
{
var val=parseInt($('#num1').val())+parseInt($('#num2').val());
if(val!=res)
{
alert('Incorrect value, please try again');
$('#captcha').val('');
$('#captcha').focus();
}
}
}
</script>

---

Just open any captcha php file and remove letters from the string which generates captcha word