Implementing Captcha

CAPTCHA, which stands for Completely Automated Public Turing Test to Tell Computers and Humans Apart, is an easy way to determine whether the user submitting a form is a human, a web crawler, or a spambot.

CAPTCHAs come in many forms. Some use images and ask a simple question the user must answer to successfully submit the form, and some ask you to click the speaker icon to listen to something. These often-annoying features serve a purpose; they reduce the amount of spam, junk messages, and phony accounts created on a site.

The Zend_Form component contains an easy-to-use class that allows you to implement a CAPTCHA on the site using Zend_Form_Element_Captcha. This class contains four types of available CAPTCHAs:

• Dumb (user types word displayed backward)

Zend_Form_Element_Captcha also contains an additional set of setters to use (see Table 4-11).

Table 4-11. Zend_Form_Element_Captcha Setters


Description setEXpiration() Determines how long a CAPTCHA image should reside in the server (accepts time in seconds).

setGcFreq() Determines how often garbage collection is run (the default is 1/<value you set>).

setFont() Sets the font to use.

setFontSize() Sets the font size to use.

setHeight() Sets the image height used for CAPTCHA.

setWidth() Sets the width of the image used for CAPTCHA.

setImgDir() Sets the image directory that holds the images to use for CAPTCHA.

setImgUrl() Sets the image path to use for the CAPTCHA.

setSuffix() Sets the file name suffix for the images (the default is .png).

Let's add a CAPTCHA to the sign-up process to demonstrate its use (see Listing 4-41).

Listing 4-41. Using a CAPTCHA

* Create the sign up form.

private function getSignupForm() {

//Create Form


$form->setAttrib('sitename', 'loudbite');

//Add Elements require "Form/Elements.php";

$LoudbiteElements = new Elements();

//Create Username Field.

Sform->addElement($LoudbiteElements->getUsernameTextField()); //Create Email Field.

Sform->addElement($LoudbiteElements->getEmailTextField()); //Create Password Field.

Sform->addElement($LoudbiteElements->getPasswordTextField()); //Add Captcha

$captchaElement = new Zend_Form_Element_Captcha (

'signup', array('captcha' => array( 'captcha' => 'Figlet', 'wordLen' => 6, 'timeout' => 600))

$captchaElement->setLabel('Please type in the words below to continue');

$form->addElement($captchaElement); $form->addElement('submit', 'submit'); $submitButton = $form->getElement('submit'); $submitButton->setLabel('Create My Account!');

return $form;

Before loading the URL, let's go through Listing 4-41. The code shown replaced the creation of the username, password, and email fields with your application-specific Elements class, and created the new CAPTCHA form element. To create the CAPTCHA element, you instantiated a

Zend_Form_Element_Captcha, assigned its name attribute to sign up, and configured the CAPTCHA using the constructor's second parameter. The second parameter was passed an array in which you set the type of CAPTCHA to use (Figlet), set the length of the word to 6, and set the length of time to the word presented to the user is valid for. You set the label, add the CAPTCHA to the form, add a submit button, and finally return the newly updated form. Now, load the updated sign-up form by visiting the URL http://localhost/account/new. You should see the figure displayed in Figure 4-12.

Figure 4-12. CAPTCHA display on sign-up form

Was this article helpful?

0 0

Post a comment