- about you -
Unknown Browser on Unknown OS
CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
38.103.63.56
Unknown Browser on Unknown OS
CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
38.103.63.56
- blog -
- quotation of the moment -
It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood, who strives valiantly; who errs and comes short again and again; because there is not effort without error and shortcomings; but who does actually strive to do the deed; who knows the great enthusiasm, the great devotion, who spends himself in a worthy cause, who at the best knows in the end the triumph of high achievement and who at the worst, if he fails, at least he fails while daring greatly. So that his place shall never be with those cold and timid souls who know neither victory nor defeat.
Theodore Roosevelt, 1858 - 1919, 'Man in the Arena', April 23, 1910
It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood, who strives valiantly; who errs and comes short again and again; because there is not effort without error and shortcomings; but who does actually strive to do the deed; who knows the great enthusiasm, the great devotion, who spends himself in a worthy cause, who at the best knows in the end the triumph of high achievement and who at the worst, if he fails, at least he fails while daring greatly. So that his place shall never be with those cold and timid souls who know neither victory nor defeat.
Theodore Roosevelt, 1858 - 1919, 'Man in the Arena', April 23, 1910
The source to the image verify program has two parts, a PERL function and a PHP page. Written in PERL because I like it better, and PHP because it works better for graphics :).
All the customization that is needed is to change the name of the code file from /path/to/sessionidfile.ext to the actual path. It needs to be readable by the php script and have read/write access for the perl script. To integrate it, add a First, the PHP source
<?
header('Content-type: image/jpg');
$allow=strtoupper('abcdefghijlkmnopqrstuvwxyz1234567890');
srand ();
$colors=array("255,255,204","255,255,153","255,255,102","255,255,51",
"255,255,0","255,204,255","255,204,204","255,204,153","255,204,102",
"255,204,51","255,204,0","255,153,255","255,153,204","255,153,153",
"255,153,102","255,153,51","255,153,0","255,102,255","255,102,204","255,102,153",
"255,102,102","255,102,51","255,102,0","255,51,255","255,51,204","255,51,153",
"255,51,102","255,51,51","255,51,0","255,0,255","255,0,204","255,0,153",
"255,0,102","255,0,51","255,0,0","204,255,255","204,255,204","204,255,153",
"204,255,102","204,255,51","204,255,0","204,204,255","204,204,204",
"204,204,153","204,204,102","204,204,51","204,204,0","204,153,255","204,153,204",
"204,153,153","204,153,102","204,153,51","204,153,0","204,102,255",
"204,102,204","204,102,153","204,102,102","204,102,51","204,102,0","204,51,255",
"204,51,204","204,51,153","204,51,102","204,51,51","204,51,0","204,0,255",
"204,0,204","204,0,153","204,0,102","204,0,51","204,0,0","153,255,255","153,255,204",
"153,255,153","153,255,102","153,255,51","153,255,0","153,204,255",
"153,204,204","153,204,153","153,204,102","153,204,51","153,204,0",
"153,153,255","153,153,204","153,153,153","153,153,102","153,153,51","153,153,0",
"153,102,255","153,102,204","153,102,153","153,102,102","153,102,51","153,102,0",
"153,51,255","153,51,204","153,51,153","153,51,102","153,51,51","153,51,0",
"153,0,255","153,0,204","153,0,153","153,0,102","153,0,51","153,0,0","102,255,255",
"102,255,204","102,255,153","102,255,102","102,255,51","102,255,0",
"102,204,255","102,204,204","102,204,153","102,204,102","102,204,51",
"102,204,0","102,153,255","102,153,204","102,153,153","102,153,102","102,153,51",
"102,153,0","102,102,255","102,102,204","102,102,153","102,102,102","102,102,51",
"102,102,0","102,51,255","102,51,204","102,51,153","102,51,102",
"102,51,51","102,51,0","102,0,255","102,0,204","102,0,153","102,0,102",
"102,0,51","102,0,0","51,255,255","51,255,204","51,255,153","51,255,102","51,255,51",
"51,255,0","51,204,255","51,204,204","51,204,153","51,204,102","51,204,51",
"51,204,0","51,153,255","51,153,204","51,153,153","51,153,102","51,153,51","51,153,0",
"51,102,255","51,102,204","51,102,153","51,102,102","51,102,51","51,102,0",
"51,51,255","51,51,204","51,51,153","51,51,102","51,51,51","51,51,0","51,0,255","51,0,204",
"51,0,153","51,0,102","51,0,51","51,0,0","0,255,255","0,255,204","0,255,153","0,255,102",
"0,255,51","0,255,0","0,204,255","0,204,204","0,204,153","0,204,102","0,204,51",
"0,204,0","0,153,255","0,153,204","0,153,153","0,153,102","0,153,51","0,153,0",
"0,102,255","0,102,204","0,102,153","0,102,102","0,102,51","0,102,0","0,51,255","0,51,204",
"0,51,153","0,51,102","0,51,51","0,51,0","0,0,255","0,0,204","0,0,153","0,0,102","0,0,51")
$a='';
$pwFile=file('/path/to/sessionidfile.ext');
if ($_GET['sid']=='') {
$im = imageCreate(200,50);
$bg = imagecolorallocate($im,255,255,255);
$fg = imagecolorallocate($im,100,120,130);
$borc = imagecolorallocate($im,0,0,0);
imagefill($im,0,0,$bg);
imagerectangle($im,0,0,199,49,$borc);
imagestring($im,8,5,20, 'no session id given',$fg);
imagejpeg($im);
imagedestroy($im);
exit;
}
$myPW='';
$myIndex=-1;
for($i=0; $i<count($pwFile); $i++) {
list($sid, $pw)=split('=', $pwFile[$i]);
$pwFile[$i]=rtrim($pwFile[$i]);
if ($sid==$_GET['sid']) {
$myIndex=$i;
$myPW=substr($pw, 0, strlen($pw)-1);
}
}
$myPW=urldecode($myPW);
/*
the next couple lines can be used to create a new code for the session id.
for($i=0; $i<7; $i++) {
$newPW.=substr($allow, rand(0, strlen($allow)), 1);
}
if ($myIndex != -1) {
$pwFile[$myIndex]=$_GET['sid'] . '&' . $newPW . '&' . $tries;
} else {
$pwFile[count($pwFile)]=$_GET['sid'] . '&' . $newPW . '&0';
}
$fp = fopen('/path/to/sessionidfile.ext', "w");
fputs($fp, implode("\n", $pwFile));
fclose($fp);
*/
$im = imageCreate(100,50);
$bg = imagecolorallocate($im,0,0,0);
$fg = imagecolorallocate($im,255,255,255);
$borc = imagecolorallocate($im,0,0,0);
$rgb=rand(0, count($colors));
list($r, $g, $b)=split(',', $rgb);
$myRecColor=imagecolorallocate($im, $r, $g, $b);
$rgb=rand(0, count($colors));
list($r, $g, $b)=split(',', $rgb);
$myRec2Color=imagecolorallocate($im, $r, $g, $b);
imagefill($im,0,0,$bg);
imagefilledrectangle($im, 0, 0, rand()&100, rand()&50, $myRecColor);
imagefilledrectangle($im, rand()&100, rand()&50, 50, 25, $myRec2Color);
imagerectangle($im,0,0,199,49,$borc);
imagestring($im,8,5,20, substr($myPW, 0, strlen($myPW)-3), $fg);
imagegif($im);
imagedestroy($im);
?>
# returns:
# -1 if the session id is not found, or none is input
# 0 if an incorrect code is input
# 1 if the correct code is input
sub imageVerify {
my($sid, $try)=@_;
if ($try ne "" && $sid ne "") {
tie @lines, 'tie', '/path/to/sessionidfile.ext' or die "Could not tie pw file: $!";
for ($i=0; $i<=$#lines; $i++) {
my($lineId, $realCode)=split(/=/, $lines[$i]);
chomp($realCode);
my($realCode, $tries)=split(/&/, &unescape($realCode));
if (&ucase($lineId) eq &ucase($sid)) {
if (&ucase($realCode) eq &ucase($try)) {
splice @lines, $i, 1;
untie @lines;
return 1;
} else {
if ($tries<3) {
$lines[$i]=$sid . '=' . $realCode . '&' . ($tries+1) . "\n";
} else {
splice @lines, $i, 1;
}
untie @lines;
return 0;
}
}
}
}
untie @lines;
return -1;
}
