Captcha encryption

2019-09-05 22:52发布

I have created a captcha image making program with PHP

<?php
function word($n) {
    $consonants = "bcdfghjklmnpqrstvwxyzBCDFGHJKLMNPQRSTVWXYZ";
    $vowels = "aeiou";
    $word[1] =  $consonants[rand(0, 41)];
    $word[2] .= $vowels[rand(0, 4)];
    $word[3] .= $consonants[rand(0, 41)];
    $word[4] .= $consonants[rand(0, 41)];
    return $word[$n];
}

    $xs = 550;
    $ys = 300;
    $im = imagecreatetruecolor($xs, $ys);
    $newim = imagecreatetruecolor($xs, $ys);
    imagettftext($im, $ys/5, rand(-10, 10), rand(0, 10), $ys/2, 0xFFFFFF, "geosans.ttf", word(1));
    imagettftext($im, $ys/4.5, rand(-10, 10), rand(50, 70), $ys/2, 0xFFFFFF, "geosans.ttf", word(2));
    imagettftext($im, $ys/4, rand(-10, 10), rand(100, 150), $ys/2, 0xFFFFFF, "geosans.ttf", word(3));
    imagettftext($im, $ys/3.5, rand(-10, 10), rand(185, 210), $ys/2, 0xFFFFFF, "geosans.ttf", word(4));
    for ($x=0; $x<=$xs;$x++){
        for ($y=0; $y<=$ys;$y++){
            $rgba = imagecolorsforindex($im, imagecolorat($im, $x, $y));
            $col = imagecolorallocate($newim, $rgba["red"], $rgba["green"], $rgba["blue"]);

            $distorted_y = ($y + round(45*sin($x/50)) + imagesy($im)) % imagesy($im);
            imagesetpixel($newim, $x, $distorted_y, $col);
        }
    }

    imagefilter($newim, IMG_FILTER_NEGATE);


    header("Content-type: image/png");
    imagepng($newim);
?>

But how can I apply it?

How does the official captcha website encrypt their's

This is an example

http://www.google.com/recaptcha/api/image?c=03AHJ_VutAc1sMxyCE0N98Kh2AfMGlGmu7_DzzFP3Rn1gLHdbDulOQYK0w-sVrxqHWSTBCfVBipmqY-ywmme2_cuClW5QBRzKdzRSJeMWyme1aoGZ-y0OluiSfn-uKDExfVCo2PGrTao2wWpBLultbUEsctlJ97JXKCQ

Overall, I'm asking how can I safely encrypt my data?

2条回答
等我变得足够好
2楼-- · 2019-09-05 23:36

Google has millions of users, and I'm sure is targeted hundreds of thousands of times per day by malicious bots. In some cases something like base64_encode will work - in Google's case they probably use PGP (which is way overkill for most applications). The middle ground in my opinion would be something along the lines of base64 encoded MCRYPT (to keep the query string URL friendly).

http://us2.php.net/mcrypt

http://us2.php.net/base64_encode

查看更多
做个烂人
3楼-- · 2019-09-05 23:53

you could do it the same way as you could store passwords in your database. Hash them with MD5 with some random sort of SALT.

http://www.pixel2life.com/publish/tutorials/118/understanding_md5_password_encryption/

查看更多
登录 后发表回答