Securimage 2.0.1 Beta Released
December 6, 2009 – 3:36 pmAn updated version of the 2.0 beta version has been released. It adds support for users with cookies disabled (requires PHP5 & SQLite support), code timeouts, fixes to color allocation, and an easier way to define colors.
This is the recommended version for new installations. Please report any problems or suggestions.
13 Responses to "Securimage 2.0.1 Beta Released"
Please send captcha code for php & some captcha images….
By Anil Saini on Dec 17, 2009
I'll give it a shot. Sounds easy enough.
By Tim on Dec 29, 2009
Thans
By aravind on Jan 4, 2010
Quisiera descargar el beta 2.01. Gracias.
By luis on Jan 27, 2010
Tried it; too many problems. Succeeded with an html captcha script.
By Stanley WAS on Feb 9, 2010
I have updated to 2.01 Beta. It was easy to install. I added the audio capability as well, which also work fine. However I did find that in SSL mode the audio does not work using IE. The speaker image keeps showing the circle. Both Firefox and Safari browsers did not have this issue. The audio works fine for in SSL and non-SSL modes. The tests were done using the example_form supplied as part of the package.
By jattind on Feb 21, 2010
*Wishes for new features*
I noticed that the signature_font is not a public property and is defaulted to use AHGBold.ttf, and the size of the signature font is hardcoded to 10pts. It would be cool if this was adjustable.
*Security Issues*
Could you please store the $_SESSION['securimage_code_value'] as a salted md5/sha1 hash. This would stop somebody possibly using a script in a shared hosting environment to automatically hijack a session and extract the 'securimage_code_value'.
Also as this is a PHP5 script, could you please set the intended class properties and functions to private. That may stop an attack vector from another PHP class.
You might also want to immediately unset($this->code) as soon as it has been used to generate a word image and it has been store to session, just to be safe.
If you need some help with these security fixes just email me.
My 2c
By dave on Mar 19, 2010
Also maybe you should include the .fla or any .as files you may have for the secureimage_play.swf. That way we could at least audit the code for any problems in the flash, or even improve the code.
By dave on Mar 19, 2010
Oh just as a after thought HTML5 has audio support, it might be an idea in the future to provide a direct access to a mp3/ogg/wav stream as an alternative to the flash audio. That would be UBER cool.
By dave on Mar 19, 2010
It's nice thanks
By abeecdick on May 16, 2010
nice info, thanks
By abeecdick on May 16, 2010
good update info
By me on wordpress on May 16, 2010
good, thanks.
By pinks on Jul 25, 2010