PHP implements verification code generation and verification

PHP is a commonly used server-side scripting language that is not only powerful but also easy to learn and write. In website development, the generation and verification of verification codes are very important security measures. In this article, we will introduce how to use PHP to generate and verify verification codes.

1. What is a verification code?

CAPTCHA is the abbreviation of "Completely Automated Public Turing test to tell Computers and Humans Apart". It is a common online verification mechanism used to ensure that users are real people and not bots. A verification code usually consists of an image or sound that requires the user to enter the correct answer to prove that they are a real user.

2. Generate verification code

In PHP, the process of generating verification code image is divided into multiple steps. First, we need to generate a random background image and draw some interference lines and noise points on it to increase the security of the verification code. Then, we use the GD library to draw randomly generated characters on the image, and finally output the image.

The following is a sample code that can generate a simple 4-digit verification code image:

<?php
session_start();
header("Content-type: image/png");

$width = 100;
$height = 40;
$length = 4;

// 生成验证码字符串
$chars = "0123456789";
$str = "";
for ($i = 0; $i < $length; $i++) {
    $str .= substr($chars, mt_rand(0, strlen($chars)-1), 1);
}

// 保存验证码到Session
$_SESSION["captcha"] = $str;

// 创建图像对象并绘制背景
$im = imagecreatetruecolor($width, $height);
$bgColor = imagecolorallocate($im, 242, 242, 242);
imagefill($im, 0, 0, $bgColor);

// 添加干扰线
$lineColor = imagecolorallocate($im, 200, 200, 200);
for ($i = 0; $i < 6; $i++) {
    imageline($im, 0, mt_rand(0, $height), $width, mt_rand(0, $height), $lineColor);
}

// 添加噪点
$pixelColor = imagecolorallocate($im, 0, 0, 0);
for ($i = 0; $i < 50; $i++) {
    imagesetpixel($im, mt_rand(0, $width), mt_rand(0, $height), $pixelColor);
}

// 绘制验证码字符串
$font = 5;
$fontColor = imagecolorallocate($im, 0, 0, 0);
$fontWidth = imagefontwidth($font);
$fontHeight = imagefontheight($font);
$x = ($width - $fontWidth * $length) / 2;
$y = ($height - $fontHeight) / 2;
for ($i = 0; $i < $length; $i++) {
    $char = substr($str, $i, 1);
    imagechar($im, $font, $x + $fontWidth * $i, $y, $char, $fontColor);
}

// 输出图像
imagepng($im);
imagedestroy($im);
?>

3. Verification verification code

After generating the verification code image, we need Validates the CAPTCHA entered by the user when submitting the form. In PHP, we can verify by comparing the verification code entered by the user with the verification code saved in the Session.

The following is a sample code that can verify the verification code entered by the user and display related information:

<?php
session_start();

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $captcha = $_POST["captcha"];
    if (!empty($captcha) && strtolower($captcha) == strtolower($_SESSION["captcha"])) {
        echo "验证码输入正确！";
    } else {
        echo "验证码输入错误！"; 
    }
}
?>
<form method="post">
    <input type="text" name="captcha" placeholder="请输入验证码">
    <img src="captcha.php" onclick="this.src='captcha.php?t='+Math.random()">
    <input type="submit" value="提交">
</form>

In this code, we add an image input box and a "refresh" to the form button. When the user clicks the "Refresh" button, a new captcha image will be randomly generated. After the user inputs, the verification code will be verified after clicking the "Submit" button.

4. Conclusion

Using PHP to generate and verify verification codes can effectively prevent robots or malicious attackers from attacking the website. Through the above sample code, we can see that the process of implementing the verification code in PHP code is also very simple. Especially when using the GD library to generate images, the code can be made more concise. Therefore, using PHP code to generate verification codes can more effectively protect the privacy and security of your website and users.

The above is the detailed content of PHP implements verification code generation and verification. For more information, please follow other related articles on the PHP Chinese website!