>> Table of Contents >> Developer's Manual

Using a CAPTCHA

General introduction

A CAPTCHA is a used for protection from Spam. Therefor a graphic is displayed containing a text, which the user must retype. While a human may solve this task easily, a Bot will most possibly fail. This way a large amount of junk messages may be avoided.

The Framework has a function for producing a CAPTCHA diagram in the png format (MIME type "image/png"), which contains a coincidentally produced code of numbers and letters. A parameter indicates the item number of this code in the current code table. The code table contains 10 entries and expires automatically within a period of 10 minutes through 3 hours after the call of the function. If the table has expired, a new table is created automatically.

How do I use a CAPTCHA in my plug-in?

The Yana PHP-Framework already implements such a function. You don't have to write it - just use it.

The CAPTCHA consists of two parts: a graphic with an input field, which is to be included in the template and a check-code, which is to be inserted in the source code of the plug-in and which returns true or false, if the input was correct or wrong.

See the following example:

Source code for the template:
[%captcha%]

Screenshot
Figure: Example of the representation in the Browser

Source code of the plug-in:
<?php 
global $YANA;

/**
 * to check input:
 * 
 * The variable $form_data can be set to
 * $_POST, $_GET, or $ARGS.
 */
$bool $YANA->handle("security_check_image"$form_data);<br/>
if ($bool) {
    print "Input correct.";
} else {
    print "Input is false.";
}
?>

For version older than 2.9.3

Support for CAPTCHAs has been introduced in version 2.8.0. The example above works for Yana PHP-Framework version 2.9.3. In this version handling of CAPTCHAs was simplified.

For the older version 2.8.0 through 2.9.2 use the following example:

Source code for the template:
<input type="hidden" name="security_image_index" value="[%$SECURITY_IMAGE_INDEX%]">
<img src=[%"action=security_get_image&security_image_index=$SECURITY_IMAGE_INDEX"|url%]>
<input type="text" name="security_image">
Source code of the plug-in:
<?php 
global $YANA;

/* to create the form: */
/* The variable SECURITY_IMAGE_INDEX needs to be set for the form.
   It is an integer of 1 through 9. */
$YANA->setVar("SECURITY_IMAGE_INDEX", rand(1,9));

/**
 * to check input:
 * 
 * The variable $form_data can be set to
 * $_POST, $_GET, or $ARGS.
 */
$bool $YANA->handle("security_check_image"$form_data);<br/>
if ($bool) {
    print "Input correct.";
} else {
    print "Input is false.";
}
?>

For even older versions (before version 2.8.0) this function has to be included by hand.

Author: Thomas Meyer, www.yanaframework.net