I have created some form for inserting data into database and for checking if the data was sent from human I have used CAPTCHA which is already integrated to CI.
This is my controller:
$checkrules = array(
'img_path' => realpath(APPPATH . '../upload/checking/img') . '/',
'img_url' => base_url() . 'upload/checking/img/',
'font_path' => realpath(APPPATH . '../upload/checking/font.ttf'),
'img_width' => 150,
'img_height' => 30,
'expiration' => 7200
);
$check = create_captcha($checkrules);
$data['checkimg'] = $check['image'];
$this->form_validation->set_rules('name', 'Name', 'required|max_length[40]|xss_clean');
$this->form_validation->set_rules('email', 'E-mail', 'required|valid_email|xss_clean');
$this->form_validation->set_rules('website', 'Website', 'max_length[80]|prep_url|xss_clean');
$this->form_validation->set_rules('comment', 'Comment', 'required|xss_clean');
$this->form_validation->set_rules('check', 'Check', 'required|xss_clean');
if ($this->form_validation->run() == FALSE)
{
$this->load->view('cms/theme', $data);
}
else
{
echo "success";
$this->load->view('cms/theme', $data);
}
My question now is what's the best way to validate CAPTCHA?
1.) Creating callback, which I have already done, but there was problem because when I send form is error with new CAPTCHA code.
2.) Inserting CAPTCHA's code into database and check from it. Problem is because there will be a lot of loading database and it will be very busy.
And second question. Is this CAPTCHA saving only .jpg pictures in folder or it can be any other format there? (I'm asking this because I want to delete this captcha's after they are used.)
* Example of captcha validation without database useage
* Instead of it used session to store captcha value
* The images will be deleted after the use
public function index()
{
$this->load->helper(array('form', 'url','captcha'));
$this->load->library('form_validation');
$this->form_validation->set_error_delimiters('<div class="error">', '</div>');
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|callback_check_database');
$this->form_validation->set_rules('captcha', 'Captcha', 'callback_validate_captcha');
if($this->form_validation->run() == FALSE)
{
$original_string = array_merge(range(0,9), range('a','z'), range('A', 'Z'));
$original_string = implode("", $original_string);
$captcha = substr(str_shuffle($original_string), 0, 6);
//Field validation failed. User redirected to login page
$vals = array(
'word' => $captcha,
'img_path' => './captcha/',
'img_url' => 'http://mycodeignitor.org/captcha/',
'font_path' => BASEPATH.'fonts/texb.ttf',
'img_width' => 150,
'img_height' => 50,
'expiration' => 7200
);
$cap = create_captcha($vals);
$data['image'] = $cap['image'];
if(file_exists(BASEPATH."../captcha/".$this->session->userdata['image']))
unlink(BASEPATH."../captcha/".$this->session->userdata['image']);
$this->session->set_userdata(array('captcha'=>$captcha, 'image' => $cap['time'].'.jpg'));
$this->load->view('index_index',$data);
}
else
{
if(file_exists(BASEPATH."../captcha/".$this->session->userdata['image']))
unlink(BASEPATH."../captcha/".$this->session->userdata['image']);
$this->session->unset_userdata('captcha');
$this->session->unset_userdata('image');
redirect('home', 'refresh');
}
}
public function validate_captcha(){
if($this->input->post('captcha') != $this->session->userdata['captcha'])
{
$this->form_validation->set_message('validate_captcha', 'Wrong captcha code, hmm are you the Terminator?');
return false;
}else{
return true;
}
}
I suggest you to use recaptcha which is easy to implement in codeigniter: http://codeigniter.com/wiki/ReCAPTCHA