.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .if !\nF .nr F 0 .if \nF>0 \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} .\} .\" ======================================================================== .\" .IX Title "Captcha 3pm" .TH Captcha 3pm "2017-09-13" "perl v5.26.0" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" Authen::Captcha \- Perl extension for creating captcha's to verify the human element in transactions. .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& use Authen::Captcha; \& \& # create a new object \& my $captcha = Authen::Captcha\->new(); \& \& # set the data_folder. contains flatfile db to maintain state \& $captcha\->data_folder(\*(Aq/some/folder\*(Aq); \& \& # set directory to hold publicly accessible images \& $captcha\->output_folder(\*(Aq/some/http/folder\*(Aq); \& \& # Alternitively, any of the methods to set variables may also be \& # used directly in the constructor \& \& my $captcha = Authen::Captcha\->new( \& data_folder => \*(Aq/some/folder\*(Aq, \& output_folder => \*(Aq/some/http/folder\*(Aq, \& ); \& \& # create a captcha. Image filename is "$token.png" \& my $token = $captcha\->generate_code($number_of_characters); \& \& # check for a valid submitted captcha \& # $code is the submitted letter combination guess from the user \& # $token is the submitted token from the user (that we gave them) \& my $results = $captcha\->check_code($code,$token); \& # $results will be one of: \& # 1 : Passed \& # 0 : Code not checked (file error) \& # \-1 : Failed: code expired \& # \-2 : Failed: invalid code (not in database) \& # \-3 : Failed: invalid code (code does not match token) \& ############## .Ve .SH "WARNING" .IX Header "WARNING" The captcha produced by this module is rather weak compared to other modules available. You are advised to update to GD::SecurityImage, which provides API-compatible interface in GD::SecurityImage::AC module. .SH "ABSTRACT" .IX Header "ABSTRACT" Authen::Captcha provides an object oriented interface to captcha file creations. Captcha stands for Completely Automated Public Turing test to tell Computers and Humans Apart. A Captcha is a program that can generate and grade tests that: .PP .Vb 2 \& \- most humans can pass. \& \- current computer programs can\*(Aqt pass .Ve .PP The most common form is an image file containing distorted text, which humans are adept at reading, and computers (generally) do a poor job. This module currently implements that method. We plan to add other methods, such as distorted sound files, and plain text riddles. .SH "REQUIRES" .IX Header "REQUIRES" .Vb 2 \& GD (see http://search.cpan.org/~lds/GD\-2.11/) \& Digest::MD5 (standard perl module) .Ve .PP In most common situations, you'll also want to have: .PP .Vb 4 \& A web server (untested on windows, but it should work) \& cgi\-bin or mod\-perl access \& Perl: Perl 5.00503 or later must be installed on the web server. \& GD.pm (with PNG support) .Ve .SH "INSTALLATION" .IX Header "INSTALLATION" Download the zipped tar file from: .PP .Vb 1 \& http://search.cpan.org/search?dist=Authen\-Captcha .Ve .PP Unzip the module as follows or use winzip: .PP .Vb 1 \& tar \-zxvf Authen\-Captcha\-1.xxx.tar.gz .Ve .PP The module can be installed using the standard Perl procedure: .PP .Vb 4 \& perl Makefile.PL \& make \& make test \& make install # you need to be root .Ve .PP Windows users without a working \*(L"make\*(R" can get nmake from: .PP .Vb 1 \& ftp://ftp.microsoft.com/Softlib/MSLFILES/nmake15.exe .Ve .SH "METHODS" .IX Header "METHODS" .SS "\s-1MAIN METHODS\s0" .IX Subsection "MAIN METHODS" .ie n .IP """$captcha = Authen::Captcha\->new();""" 4 .el .IP "\f(CW$captcha = Authen::Captcha\->new();\fR" 4 .IX Item "$captcha = Authen::Captcha->new();" This creates a new Captcha object. Optionally, you can pass in a hash with configuration information. See the method descriptions for more detail on what they mean. .RS 4 .Sp .Vb 8 \& data_folder => \*(Aq/some/folder\*(Aq, # required \& output_folder => \*(Aq/some/http/folder\*(Aq, # required \& expire => 300, # optional. default 300 \& width => 25, # optional. default 25 \& height => 35, # optional. default 35 \& images_folder => \*(Aq/some/folder\*(Aq, # optional. default to lib dir \& keep_failures => 0, # optional, defaults to 0(false) \& debug => 0, # optional. default 0 .Ve .RE .RS 4 .RE .ie n .IP """$token = $captcha\->generate_code( $number_of_characters );""" 4 .el .IP "\f(CW$token = $captcha\->generate_code( $number_of_characters );\fR" 4 .IX Item "$token = $captcha->generate_code( $number_of_characters );" Creates a captcha. Image filename is \*(L"$token.png\*(R" .Sp It can also be called in array context to retrieve the string of characters used to generate the captcha (the string the user is expected to respond with). This is useful for debugging. ex. .Sp \&\f(CW\*(C`($token,$chars) = $captcha\->generate_code( $number_of_characters );\*(C'\fR .ie n .IP """$results = $captcha\->check_code($code,$token);""" 4 .el .IP "\f(CW$results = $captcha\->check_code($code,$token);\fR" 4 .IX Item "$results = $captcha->check_code($code,$token);" check for a valid submitted captcha .Sp \&\f(CW$code\fR is the submitted letter combination guess from the user .Sp \&\f(CW$token\fR is the submitted token from the user (that we gave them) .Sp If the \f(CW$code\fR and \f(CW$token\fR are correct, the image file and database entry will be removed. .Sp If the \f(CW$token\fR matches one in the database, and \*(L"keep_failures\*(R" is false (the default), the image file and database entry will be removed to avoid repeated attempts on the same captcha. .Sp \&\f(CW$results\fR will be one of: .Sp .Vb 5 \& 1 : Passed \& 0 : Code not checked (file error) \& \-1 : Failed: code expired \& \-2 : Failed: invalid code (not in database) \& \-3 : Failed: invalid code (code does not match token) .Ve .SS "\s-1ACCESSOR METHODS\s0" .IX Subsection "ACCESSOR METHODS" .ie n .IP """$captcha\->data_folder( \*(Aq/some/folder\*(Aq );""" 4 .el .IP "\f(CW$captcha\->data_folder( \*(Aq/some/folder\*(Aq );\fR" 4 .IX Item "$captcha->data_folder( /some/folder );" Required. Sets the directory to hold the flatfile database that will be used to store the current non-expired valid captcha tokens. Must be writable by the process running the script (usually the web server user, which is usually either \*(L"apache\*(R" or \*(L"http\*(R"), but should not be accessible to the end user. .ie n .IP """$captcha\->output_folder( \*(Aq/some/folder\*(Aq );""" 4 .el .IP "\f(CW$captcha\->output_folder( \*(Aq/some/folder\*(Aq );\fR" 4 .IX Item "$captcha->output_folder( /some/folder );" Required. Sets the directory to hold the generated Captcha image files. This is usually a web accessible directory so that the user can view the images in here, but it doesn't have to be web accessible (you could be attaching the images to an e\-mail for some verification, or some other Captcha implementation). Must be writable by the process running the script (usually the web server user, which is usually either \*(L"apache\*(R" or \*(L"http\*(R"). .ie n .IP """$captcha\->images_folder( \*(Aq/some/folder\*(Aq );""" 4 .el .IP "\f(CW$captcha\->images_folder( \*(Aq/some/folder\*(Aq );\fR" 4 .IX Item "$captcha->images_folder( /some/folder );" Optional, and may greatly affect the results... use with caution. Allows you to override the default character graphic png's and backgrounds with your own set of graphics. These are used in the generation of the final captcha image file. The defaults are held in: [lib install dir]/Authen/Captcha/images .ie n .IP """$captcha\->expire( 300 );""" 4 .el .IP "\f(CW$captcha\->expire( 300 );\fR" 4 .IX Item "$captcha->expire( 300 );" Optional. Sets the number of seconds this captcha will remain valid. This means that the created captcha's will not remain valid forever, just as long as you want them to be active. Set to an appropriate value for your application. Defaults to 300. .ie n .IP """$captcha\->width( 25 );""" 4 .el .IP "\f(CW$captcha\->width( 25 );\fR" 4 .IX Item "$captcha->width( 25 );" Optional. Number of pixels high for the character graphics. Defaults to 25. .ie n .IP """$captcha\->height( 35 );""" 4 .el .IP "\f(CW$captcha\->height( 35 );\fR" 4 .IX Item "$captcha->height( 35 );" Optional. Number of pixels wide for the character graphics. Defaults to 35. .ie n .IP """$captcha\->keep_failures( [0|1] );""" 4 .el .IP "\f(CW$captcha\->keep_failures( [0|1] );\fR" 4 .IX Item "$captcha->keep_failures( [0|1] );" Optional. Defaults to zero. This option controls whether or not the captcha will remain valid after a failed attempt. By default, we only allow one attempt to solve it. This greatly reduces the possibility that a bot could brute force a correct answer. Change it at your own risk. .ie n .IP """$captcha\->debug( [0|1|2] );""" 4 .el .IP "\f(CW$captcha\->debug( [0|1|2] );\fR" 4 .IX Item "$captcha->debug( [0|1|2] );" Optional. Sets the debugging bit. 1 turns it on, 0 turns it off. 2 will print out verbose messages to \s-1STDERR.\s0 .SH "TODO" .IX Header "TODO" sound file captcha: Incorporating distorted sound file creation. .SH "SEE ALSO" .IX Header "SEE ALSO" The Captcha project: http://www.captcha.net/ .PP The origonal perl script this came from: http://www.firstproductions.com/cgi/ .SH "AUTHORS" .IX Header "AUTHORS" Seth T. Jackson, .PP Josh I. Miller, .PP First Productions, Inc. created the cgi-script distributed under the \s-1GPL\s0 which was used as the basis for this module. Much work has gone into making this more robust, and suitable for other applications, but much of the origonal code remains. .PP Fixes were reported and contributed by various people, see Changes file for a complete list. .SH "COPYRIGHT AND LICENSE" .IX Header "COPYRIGHT AND LICENSE" Copyright 2003, First Productions, Inc. (\s-1FIRSTPRODUCTIONS HUMAN TEST 1.0\s0) .PP Copyright 2003 by Seth Jackson .PP Copyright 2012 by Paolo Rossi, Lubomir Rintel, Chris Dunlop, Gert Schepens and Ernesto Hernández\-Novich .PP This library is free software; you can redistribute it and/or modify it under the terms of the \s-1GNU\s0 General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. (see license.txt). .PP This program is distributed in the hope that it will be useful, but \s-1WITHOUT ANY WARRANTY\s0; without even the implied warranty of \s-1MERCHANTABILITY\s0 or \s-1FITNESS FOR A PARTICULAR PURPOSE.\s0 See the \s-1GNU\s0 General Public License for more details. .PP You should have received a copy of the \s-1GNU\s0 General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place \- Suite 330, Boston, \s-1MA 02111\-1307, USA\s0