Securimage PHP Captcha

There's a typo on your Quickstart page, which people (like me) may be inadvertently copying into their forms:

Reload Image

Should remove _/ before >Reload Image.

Thanks good catch I think I must have thought I was in an image tag – too much coding!

By Sean Vickery on Feb 20, 2008

Thanks for your website and a great program. It took me about five hours to get it to work.

The instructions should be enhanced for the dense people like me who don't pick up on the subtleties of programing.

Part was my fault, however it could be made clearer, for the dense people that the above code in the quickstart goes into two seperate files. I know you said that, but it is 2:40 a.m. and it is all a blur.

Secondly the typo above where you mix the string variable capcha_code and captcha_code has led me around and around.

But that is the beauty of the internet, we can all learn from each others mistakes. Thanks again.

Iyel

By iyel on Feb 28, 2008

A most excellent peice of work.

Took 5 minutes to plug it all in, and saves me writing my own ..

The examples above all worked as is ..

Darrin

By Darrin Khan on Mar 15, 2008

I finally got it to work after a few hours. Thank you for a really neat addition to my web form. I had to activate the php_gd2 in my php.ini to get the image to appear. That took most of the time. I had no idea about this library being required. I am on an XP box running the latest PHP, MySQL and IIS for my web development.

Thanks again,

Bruce

By Bruce on Mar 23, 2008

Hi – This has worked great for me. I have got most of it to work. However I am having problems with the audio part. When I click on it tries to open it and then says file cannot be opened. Any ideas?

For the audio, you need to download the sound files separately (a pack is available on the download page). If you did download them, make sure the $audio_path in securimage.php points to the proper directory.

By Steve on Mar 29, 2008

Very good for help. Great and simply work. Thank a lot.
David

By David Khain on Apr 10, 2008

Guys! You're perfect! Thank you!

By alx on Apr 14, 2008

Excellent script. Took 5 minutes to install and works like a charm. Thanks

By Mark on Aug 4, 2008

Took about 10 minutes, excellent instructions!

By Thomas Mon on Aug 14, 2008

Why the check() method can't be called twice? I see $_SESSION['securimage_code_value'] = "; when check is true.

The primary reason for this is to prevent exploitation of being able to re-submit forms using an old code. If you need to remove it to customize your application, make sure there are checks in place to stop someone from using the same code over and over.

By Spout on Aug 17, 2008

really good tool, easy to implement. Great guide – thanks!

By neil on Aug 20, 2008

This is great! Thank you so much!

By Rory Donohue on Aug 21, 2008

Hi, create script. Im abit of a novice with this, but was wondering if some could help me with the code for a redirect to a thanks.html page once the form is processed?

Thanks inadvance

Lee

To redirect someone using PHP you can use this code:

By Dorgs on Aug 24, 2008

Hi if you edit /securimage/securimage.php you can get some nice effects, robots will have a harder time deciphering.

Find around line 700:

header("Expires: Sun, 1 Jan 2000 12:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0″, false);
header("Pragma: no-cache");

switch($this->image_type)

ADD Before:

imagefilter($this->im, IMG_FILTER_EMBOSS);
//imagefilter($this->im, IMG_FILTER_NEGATE);
//imagefilter($this->im, IMG_FILTER_COLORIZE, 0, 222, 0);
//imagefilter($this->im, IMG_FILTER_BRIGHTNESS, 200);
imagefilter($this->im, IMG_FILTER_GRAYSCALE);
imagefilter($this->im, IMG_FILTER_MEAN_REMOVAL);

You can simply uncomment these filters and comment ones you dont want, you can blend them for different effects, I quite like the effect as it is above.

By Chris Healey on Feb 10, 2009

Thanks so much for the script! It works like a champ. Took me 5 minutes to tweak it to fit my need… INCLUDING AUDIO!

By Mike D on Feb 12, 2009

I have solved the problem in getting Secure Image to work with an existing email script.

I want to use the dd-formailer email script but I don't like the captcha is displays and want to use the Secure Image captcha, but I do want to use the validation in dd-formailer. Therefore, dd-formailer has to have access to the code generated by Secure Image. I call Secure image from dd-formailer like this /securimage_show.php". The problem is that I cannot access the session variables set by Secure Image in dd-formailer because php does not update session variables until the intial script ends, in this case dd-formailer. The solution was to pass the code generate by secure image to dd-formmailer in a flat file or by a cookie.

Secure image is a really great script but sometimes php doesn't do what you would expect it to do! The combination of these two scripts is really awsome.

By Gregg on Feb 17, 2009

Thanks a lot! It only took me five minutes to implement, works like a charm! (By the way, check your example urls, some of them are obsolete).

By Charlo on Feb 18, 2009

Absolutely brilliant. Was about to write my own code but wouldn't have come close to replicating something as good as this. Took no more than 3 minutes from download to install, and works fine. Thanks very much.

By Marty on May 25, 2009

Thanks for this great tutorial, took me 5 minutes and it runs great!

By Claudia on Jun 4, 2009

Hey, just wanted to let you know that this code worked perfectly for me and I was able to add it to two different web forms in under half an hour. The test.php on your home page was especially helpful. Thank you!!!

By Marion MacDonald on Aug 27, 2009

Thank you! This script so cool, it's simple to create a captcha, not many dizzy config like other scripts.

By ACES on Aug 31, 2009

Great script! Took me less than a minute to get it working.

By ITS Net Servies on Sep 4, 2009

Thanks for your script. Today i got it and used in my free blog service site at http://waytowrite.com. Seems no updates past 1 year is it ok to use now on production site ?

-rav

By Rav on Sep 11, 2009

Hello. It's super captcha, but there's a problem. There is background, but no code. I'm new to PHP so I can't fix it myself. I disabled wordlist. Can you help me? Thanks.

By Tomas on Nov 15, 2009

Gracias amigo, me salvaste la vida

By Marce on Nov 19, 2009

THanks got it working.
Suggesation:
Nowhere in the quickstart guide or in the Documentation, does it make it clear that you need to copy all of the other files to your server and have them in the folder securimage. Obviously I figured this out by looking at the code but that really basic first step would be helpful:
1. Copy all of the files top you server into a folder called /securimage
2…..

By james on Nov 19, 2009

Re above..
it is early, typing was fat fingered..
It does work well, thanks a lot.

By james on Nov 19, 2009

A very nice captcha! easy to configure and works great!

Thank you very much author!

By steffa on Nov 22, 2009

Hi – everything seems to be installed correctly, but I can still hit send without entering the code and the mail still goes through. Below my PHP code:

"smtp.imaginet.co.za",
"auth" => true,
"username" => "Mail@theleatts.co.za",
"password" => "#######"
);

$mail = Mail::factory("smtp", $paramsSMTP);

$recipient = "#######";
$headers['From'] = $_POST['Email'];
$headers['To'] = "#######";
$headers['Subject'] = 'Website Feedback – http://www.posthouse.co.za – ' . $_POST['name'] . " " . $_POST['surname'];
$body = $_POST['Body'];
$mail->send($recipient, $headers, $body);

if ($securimage->check($_POST['captcha_code']) == false) {
// the code was incorrect
// handle the error accordingly with your other error checking

// or you can do something really basic like this
die('The code you entered was incorrect. Go back and try again.');
}

?>

Please help!

By JP Greeff on Nov 24, 2009

I must be overlooking something, but I don't see any instructions on setting up the audio. I have the audio files installed on the server and the $audio_path in securimage.php is set to:

var $audio_path = './audio/';

Is this path relative to the directory that securimage.php is located in or to the root directory? I placed the audio directory inside the securimage folder on the server.

Nor have I found any instructions on setting up the icon images for code image refresh and audio. Default is a text link that says "Reload Image".

By David on Nov 28, 2009

hi, conratulation because you've create very useful script, could you please tell me where to edit this captcha. i want to change my font, color. I also want to remove those scary lines.

By kuha on Dec 13, 2009

Great code, thanks!

By Clark Smith on Dec 16, 2009

This if fantastic. Just wasted a night integrating reCaptcha into a site only to discover that most of the images were simply unreadable. This is working like a charm, took about 15 minutes to set up (wish I'd tried this first!) and so far is blocking all the attempted spambot signups (I'm logging the attempted registrations). Great work!

FYI: If anyone wants instructions for using with the jquery validation plugin, let me know.

By James on Dec 16, 2009

Hi.

The site that I am trying to add this to was using a form mailer with "in page" JavaScript validation. So, to make you this work I have to create a separate PHP page now and process the input there. Can you direct me to a tutorial on exactly how to do that. I mean I still need to email for information that was put into the fields if the Capcha validates. What's the easiest way to do that?

By James McLain on Dec 17, 2009

Hello, I've a little question…

Everything works fine (audio, display image, changing image, …), only the check gives this error:
"Fatal error. Call to a member function check() on a non-object in /home/site/public_html/contact.php on line 163″

I checked everything and don't find a reason why I get this error. Can anyone give me a suggestion?

By Tom on Dec 18, 2009

Great work, Can't thank you enough.
It was to setup and configure. Oh Yeah and the audio part rocks!
Thanks again.

By Musab on Dec 29, 2009

This is really nice, easy to setup and robust piece of software. Really appreciate the effort. I have a question though.
Is there a way to setup multiple instances of securimage on same page and then verify the code entered for that particular instance? I was able to create multiple instances on one page but the code verification only works for the last created instance.

Can someone please tell me if its even possible? or any workaround to get it done? Thanks.

By Waqas on Dec 30, 2009

the example_form doesn't seem to work under load.
in other words, if two forms were generated almost the same time, the second submit doesn't work even with the correct code entered.

By albert on Dec 30, 2009

I am getting this message when I use the captcha in my feedback form.

Thanks!
–
Warning: include_once(/usr/local/apache/htdocs/securimage.php) [function.include-once]: failed to open stream: No such file or directory in /home/securcor/public_html/contact.php on line 47

Warning: include_once() [function.include]: Failed opening '/usr/local/apache/htdocs/securimage.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/securcor/public_html/contact.php on line 47

Fatal error: Class 'Securimage' not found in /home/securcor/public_html/contact.php on line 49

By Yan on Jan 6, 2010

[Multiple captchas]
@Waqas

you need to reload the captcha in the form you are validating; the last reloaded captcha is the one that is verified. So either you ask the visitor to manually reoad the catcha before submitting the form, or you setup an onfocus event on the captcha dialog that reload the image.
Obviously in that case you need to give to each captcha image a unique "id" attribute, which must be referenced in the reload events.

I would really hope for a way to do multiple captchas without forced reload, it's an UGLY workaround.

By Ephestione on Jan 6, 2010

The box and images display and regen ok but my validation code in enter_parc.php does not work.

I am a newbe so any help to get me straight would be greatly appreciated.

the …. are my web home dir.

martin

Warning: main(/securimage/securimage.php) [function.main]: failed to open stream: No such file or directory in …\securimage\enter_parc.php on line 3

Warning: main() [function.include]: Failed opening '…/sourcebook/securimage/securimage.php' for inclusion (include_path='.\;C:\Program Files\HSphere\3rdparty\PHP\PHP4\PEAR') in …\sourcebook\securimage\enter_parc.php on line 3

Fatal error: Cannot instantiate non-existent class: securimage in …\sourcebook\securimage\enter_parc.php on line 5

By martin on Jan 17, 2010

Amazing Script very easy to set it up as this guide say.

I use Jack's formmail.php, so I was wondering how to take advantage of the Jack's validation code for other fields and the best place to insert securimage validation code is just below of $email validation, here is the example:

(Jack's code)
// check the email fields for validity
if (($email) || ($EMAIL)) {
$email = trim($email);
if ($EMAIL) $email = trim($EMAIL);
if (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$", $email))
print_error("your email address is invalid");
$EMAIL = $email;
}

(Secureimage Validation Code)
session_start();
include_once $_SERVER['DOCUMENT_ROOT'] . '/securimage/securimage.php';
$securimage = new Securimage();
if ($securimage->check($_POST['captcha_code']) == false) {
print_error("The CODE you entered was incorrect.");
}

It works so well.

By Alfredo on Jan 19, 2010

A very nice, creative, effective and brief invention i would say it. It solves almost all kinds of captcha problems. But the only one, that I had been facing with SecurImage Captcha, was some way to use its multiple instances on a single page. I tried to find solution, but void. I tried my self and got an alternative, or kind of a solution to use SecurImage Captcha Multiple times on a single page.. All i did was i modified function saveData();

you can do same by replacing the code:

function saveData() { … }

with

function saveData(){

if(isset($_SESSION['securimage_code_value']) && $_SESSION['securimage_code_value']) {

$this->code = $_SESSION['securimage_code_value'];

} else {
$_SESSION['securimage_code_value'] = strtolower($this->code);
$_SESSION['securimage_code_ctime'] = time();

}

$this->saveCodeToDatabase();

}

and it will solve the problem

By Muhammad Asif Ali on Jan 26, 2010

I got the image to appear on the HTML page, but the process page is a problem. I loaded your script in the main directory, and am linking to it from a sub directory, using the whole path name. But the process page keeps giving me an error. Do your files have to be in the same directory as the HTML to work?

Thanks

By ALan on Jan 27, 2010

Thanks for the code..I just installed it, now I have to figure out and make it works.

By Von on Jan 27, 2010

Great script. I just builded it in the testversion of my soon to be released landing page generator software.

By free landing page generator on Jan 28, 2010

Installed it in 5 minutes, works like a charm. Thanks a bunch!

By Tired of spam on Feb 4, 2010

hi! i have a problem with this code… i followed instructions from this page (above), but i don't get to insert php code in the right way. I only see secureimage on my page, but it doesn't work. The code in which i need to insert the above php instruction "Now that your form is looking the way it should, we will move onto editing the PHP code that validates the CAPTCHA." is the folling one.. can you help me?

As you can see i inserted the code to show secureimage and it works. This is the only thing that worked.
Sorry for my english…

function submit_comment() {
global $mkportals, $mklib, $Skin, $DB;

if(!$mkportals->member['g_access_cp'] && !$mklib->member['g_send_comments']) {
$message = "{$mklib->lang['ne_nosendcom']}";
$mklib->error_page($message);
exit;
}

$ide= intval($mkportals->input['idnews']);
$query = $DB->query( "SELECT titolo FROM mkp_news WHERE id = '$ide' AND validate = '1′");
$row = $DB->fetch_row($query);
if(!$row) {
$message = "{$mklib->lang['error_404']}";
$mklib->error_page($message);
exit;
}
$content = "

function emo_pop()
{
window.open('{$mkportals->base_url}act=legends&CODE=emoticons&s={$mkportals->session_id}','Legends','width=250,height=500,resizable=yes,scrollbars=yes');
}

images/arrow.gif\" alt=\"\" />{$mklib->lang['ne_commentnew']} {$row['titolo']}

{$mklib->lang['ne_writecomm']}

Verification Code

 
Reload Image

lang['ne_sendcomm']}\" class=\"mkbutton\" accesskey=\"s\" />

";
$blocks = $Skin->view_block("{$mklib->lang['ne_addcomment']}", $content);
$mklib->printpage("1″, "1″, $mklib->sitename.$mklib->lang['tt_sep'].$mklib->lang['ne_news'].$mklib->lang['tt_sep'].$row['titolo'].$mklib->lang['tt_sep'].$mklib->lang['ne_addcomment'], $blocks);
}

function add_comment() {
global $mkportals, $DB, $mklib, $mklib_board;
$ide = intval($mkportals->input['ide']);
$testo = $mkportals->input['ta'];
$autore = $mkportals->member['name'];
if(!$mkportals->member['g_access_cp'] && !$mklib->member['g_send_comments']) {
$message = "{$mklib->lang['ne_nosendcom']}";
$mklib->error_page($message);
exit;
}
$cdata = time();
if (!$testo) {
$message = "{$mklib->lang['ga_inserttx']}";
$mklib->error_page($message);
exit;
}
$testo = $mklib_board->decode_smilies($testo);
$testo = $mklib->convert_savedb($testo);
//$testo = addslashes($testo);
$query="INSERT INTO mkp_news_comments(identry, autore, testo, data)VALUES('$ide', '$autore', '$testo', '$cdata')";
$DB->query($query);
$query = $DB->query( "SELECT totalcomm FROM mkp_news WHERE id = '$ide'");
$row = $DB->fetch_row($query);
$totalcomm = $row['totalcomm'];
++$totalcomm;
$DB->query("UPDATE mkp_news SET totalcomm ='$totalcomm' WHERE id = '$ide'");
$DB->close_db();
Header("Location: index.php?ind=news&op=news_show_single&ide=$ide");
exit;
}

By Raven on Feb 10, 2010

I can only thank you for this excellent code. You have saved me many hundreds of pounds. I am not a programmer but I understand just about enough to get things to work and this worked first time.

It took me some time to fully integrate it with my website but in the process I learned some useful lessons.

Big thank you – cheers

By Gary on Feb 11, 2010

Very good code. Worked like a charm and I'm a novice.
Just a quick note to help us novices. The last two pieces of code go right next to each other on the second page.

By John on Feb 16, 2010

Thanks works well, have put it up on my sign up page http://netfav.com/register.php

By Leon on Feb 17, 2010

This is driving me nuts.

Why don't you just have a page with complete instructions including an html website sample download? Keep it simple.

1. html code … what and where?
2. php file … what and where?
3. js file … what and where?
4. What changes do I make to tailor it to my site? eg, what folder to keep these external files in? Instructions in the code.

I have followed your instructions and still do not get a securimage image. I am writing it in Adobe Dreamweaver and am NOT a website designer. It should go in a left sidebar column about 200px wide. I am trying to see the file without uploading it first. Do I need to xampp and turn on Mysql etc.? I opened this page in Dreamweaver and saved it under a new name. Opened the file and it did not display a securimage. arrrghhh.

By Gary Johnson on Feb 17, 2010

@Gary Johnson, I think you are asking way too much, this script is free and it's pretty well documented, don't be an a…hole if you don't know how to use it, or how to use PHP then don't blame the author about it.

————–

Just want to say thanks to the author by making this awesome script free and just let you know that it works great. Thanks a lot.

By Cesar on Feb 26, 2010

I am not very experienced with php, but I am trying your script. In my form page, it now displays a CAPTCHA image, so that is good, but when I click "reload" to try a different image, it just displays a broken image icon. Furthermore, when I submit the form, I now get only a blank web page. I am not sure what is wrong, but suspect my server does not like something in the secureimage script. By the way, when I uploaded the secureimage folder to my site, it would not allow me to upload the .htaccess file.

Thanks for any help.

By Jimbo on Feb 27, 2010

Regarding my previous comment: I got the script to work!

My problem was that I had named the directory "secureimage", and not "securimage". It might help if it downloaded with the proper name (mine downloaded as "latest").

Thanks!

By Jimbo on Feb 27, 2010

hi.. nice program here..
installed as a package of EazComment for OSCommerce.. installed and done in about 1 hour..

The problem is, the first captcha is always the same, so i have to refresh the captcha letter first before inputing the comment, or else there will be an error because the captcha is not same.

any recommendation how to fix this ??

By Dahniar on Feb 28, 2010

Regarding session_name. I don't use the default php session_name for my projects. So, do I edit your class file and insert the session name in the $session_name var (Securimage v2)? I'd prefer to send constructor arguments of all the things I want different, including the session_name. Am I missing something?

By gavin on Mar 1, 2010