Of course, there are limits here for the color blind or those using text browsers/screen readers...
As an alternative, if you needed to stick with text fonts, you could use some unusual-looking ones, like old english, or a 3-d looking one, perhaps combined with the color technique below.
-steve
At 8:09 AM +0100 11/26/02, Derick Rethans <[EMAIL PROTECTED]> wrote:
Leif K-Brooks wrote:I'm using a verification code image to stop automated sign ups, but two hackers seem to be OCRing it. I've looked through the registration script, and there's definitley no security holes. Does anyone have any ideas as to making the image harder to OCR?Use two different shades of one color (ie. blue and somewhat lighter blue). You may also want to do some tricks with the form of the characters, so instead having a nice "0" on your screen, you can use dots to somewhat represent it. (Much like the color-blindness tests do).
regards,
Derick
<?php
// seed with microseconds
function make_seed() {
list($usec, $sec) = explode(' ', microtime());
return (float) $sec + ((float) $usec * 100000);
}
$seed = make_seed();
mt_srand($seed);
$dbh = mysql_connect ("", "", "") or exit;
mysql_select_db ("",$dbh) or exit;
$authimage = ImageCreate(40,15);
$bgnum = mt_rand(1,3);
switch($bgnum){
case 1:
$white = ImageColorAllocate($authimage, mt_rand(250,255), mt_rand(250,255), mt_rand(250,255));
break;
case 2:
$green = ImageColorAllocate($authimage, mt_rand(0,5), mt_rand(250,255), mt_rand(0,5));
break;
case 3:
$yellow = ImageColorAllocate($authimage, mt_rand(250,255), mt_rand(250,255), mt_rand(0,5));
break;
}
$black = ImageColorAllocate($authimage, mt_rand(0,30), 0, 0);
header("Content-type: image/png");
$getcode = mysql_fetch_array(mysql_query("select * from signupcodes where id = '$id'"));
imagestring($authimage,mt_rand(4,5),mt_rand(0,5),0,$getcode['code'],$black);
imageline($authimage,0,mt_rand(0,15),40,mt_rand(0,15),$black);
imageline($authimage,0,mt_rand(0,15),40,mt_rand(0,15),$black);
imagepng($authimage);
imagedestroy($authimage);
?>
-- ------------------------------------------------------------------------- Derick Rethans http://derickrethans.nl/ PHP Magazine - PHP Magazine for Professionals http://php-mag.net/ ------------------------------------------------------------------------- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- +------------------------------------------------------------------------+ | Steve Edberg [EMAIL PROTECTED] | | University of California, Davis (530)754-9127 | | Programming/Database/SysAdmin http://pgfsun.ucdavis.edu/ | +------------------------------------------------------------------------+ | SETI@Home: 1001 Work units on 23 oct 2002 | | 3.152 years CPU time, 3.142 years SETI user... and STILL no aliens... | +------------------------------------------------------------------------+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php