Thursday, September 11, 2008

Captcha in asp.net

Download source files:2.72kb
> Captcha

Introduction

CAPTCHA stands for "completely automated public Turing test to tell computers and humans apart." What it means is, a program that can tell humans from machines using some type of generated test. A test most people can easily pass but a computer program cannot.

You've probably encountered such tests when signing up for an online email or forum account. The form might include an image of distorted text, like that seen above, which you are required to type into a text field.

The idea is to prevent spammers from using web bots to automatically post form data in order to create email accounts (for sending spam) or to submit feedback comments or guestbook entries containing spam messages. The text in the image is usually distorted to prevent the use of OCR (optical character reader) software to defeat the process. Hotmail, PayPal, Yahoo and a number of blog sites have employed this technique.

This article demonstrates how to create such an image and employ it within an ASP.NET web form.

Background

You can find more information on CAPTCHA at The CAPTCHA Project and read about its use in foiling purveyors of pills, pr0n and pyramid-schemes in an article from Scientific American entitled Baffling the Bots.

Before using this technique however, you should consider how it will affect your site's accessibility to the blind and other visually impaired visitors. PayPal attempts to address this problem on their sign up form by including a link to an audio file, in which a voice spells out the image text.

The code presented here produces only an image. But, if you had code to generate an audio file, you could easily integrate it.

Default.aspx:
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" Debug="true" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
<title>Untitled Page</title>
<style type="text/css">
.correct
{fontfamiy:verdana,arial;fontweight:bold;color:red}
.error
{fontfamiy:verdana,arial;fontweight:bold;color:red}


</style>
</head>
<body onload="Button1_Click">
<form id="form1" runat="server">
<div>

<asp:Image ID="myImage" runat="server" ImageUrl="~/CaptchaControl.aspx" />
<br />
<br />

Enter code: <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>


<asp:Button ID="Button1" runat="server" Text="Validate" OnClick="Button1_Click" />
<asp:Label ID="MessageLabel" runat="server" Height="50px" Style="z-index: 100; left: 260px;
position: absolute; top: 75px" Text="" Width="150px"></asp:Label><br /><br />


</div>
</form>
</body>
</html>

Default.aspx.cs:

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{

}
}
protected void Button1_Click(object sender, EventArgs e)
{
// validate the code

string userEnteredCode = TextBox1.Text;

ValidateUserCode(userEnteredCode);
}

private void ValidateUserCode(string userEnteredCode)
{
if (Session["Code"].ToString().Equals(userEnteredCode))
{
this.MessageLabel.Text = "Nice to know that you are not a bot.";
this.MessageLabel.CssClass = "correct";
//Response.Write("Nice to know that you are not a bot.");
}
else
{
// clear the session and generate a new code
Session["Code"] = null;
this.TextBox1.Text = "";
this.MessageLabel.CssClass = "error";
this.MessageLabel.Text = "the text u typed is incorrect please try again....";
//Response.Write("the text u typed is incorrect please try again");
}
}
}

CaptchaControl.aspx:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="CaptchaControl.aspx.cs" Inherits="CaptchaControl" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>

</div>
</form>
</body>
</html>


CaptchaControl.aspx.cs:

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Drawing;
using System.Drawing.Imaging;
using System.Text;

public partial class CaptchaControl : System.Web.UI.Page
{
private Random rand = new Random();

protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
CreateImage();
}
}

private void CreateImage()
{
string code = GetRandomText();

Bitmap bitmap = new Bitmap(200,75, System.Drawing.Imaging.PixelFormat.Format32bppArgb);

Graphics g = Graphics.FromImage(bitmap);
Pen pen = new Pen(Color.Yellow);
Rectangle rect = new Rectangle(0, 0, 200,75);

SolidBrush b = new SolidBrush(Color.DarkKhaki);
SolidBrush blue = new SolidBrush(Color.Blue);

int counter = 0;

g.DrawRectangle(pen, rect);
g.FillRectangle(b, rect);

for (int i = 0; i < code.Length; i++)
{
g.DrawString(code[i].ToString(), new Font("Verdena", 10 + rand.Next(14, 18)), blue, new PointF(10 + counter, 10));
counter += 20;
}

DrawRandomLines(g);

bitmap.Save(Response.OutputStream, ImageFormat.Gif);

g.Dispose();
bitmap.Dispose();

}

private void DrawRandomLines(Graphics g)
{
SolidBrush green = new SolidBrush(Color.Green);
for (int i = 0; i < 20; i++)
{
g.DrawLines(new Pen(green, 2), GetRandomPoints());
}

}

private Point[] GetRandomPoints()
{
Point[] points = { new Point(rand.Next(10, 150), rand.Next(10, 150)), new Point(rand.Next(10, 100), rand.Next(10, 100)) };
return points;
}

private string GetRandomText()
{
StringBuilder randomText = new StringBuilder();

if (Session["Code"] == null)
{
string alphabets = "abcdefghijklmnopqrstuvwxyz1234567890";

Random r = new Random();
for (int j = 0; j <= 5; j++)
{

randomText.Append(alphabets[r.Next(alphabets.Length)]);
}

Session["Code"] = randomText.ToString();
}

return Session["Code"] as String;
}

}



NOTE:
1. THE RANDOM LINES IS GENERATED FOR EXTRA SECURITY IF U DONT WANT THOSE LINES SIMPLY CHANGE
SolidBrush green = new SolidBrush(Color.Green);
for (int i = 0; i < 0; i++)

2.Modify the width and height using Bitmap

Download source files:2.72kb     
Captcha
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)