Asked by:
Secure the captcha code

Question
-
User-158363518 posted
hi every body
Can you provide a solution to improve and more secure this code?
please help me with example .tnx a lot
i have 2 pages with names Maths_Captcha.aspx ,Captcha.aspx
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<table>
<tr>
<td colspan="2">
Result of below calculation...
</td>
</tr>
<tr>
<td colspan="2">
<asp:Label ForeColor="Red" runat="server" ID="lblStatus"></asp:Label>
</td>
</tr>
<tr>
<td>
<img src="Captcha.aspx" />
</td>
<td>
<asp:TextBox runat="server" ID="txtCaptcha"></asp:TextBox>
</td>
</tr>
<tr>
<td colspan="2">
<asp:Button runat="server" ID="btnSubmit" Text="Submit" OnClick="btnSubmit_Click" />
</td>
</tr>
</table>
</div>
</form>
</body>
</html>*****************************************
public partial class Maths_Captcha : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{}
protected void btnSubmit_Click(object sender, EventArgs e)
{
try
{
string result = txtCaptcha.Text;
if (result == Session["CaptchaValue"].ToString())
{
lblStatus.Text = "Correct..";
lblStatus.ForeColor = System.Drawing.Color.Green;
}
else
{
lblStatus.Text = "InCorrect..";
lblStatus.ForeColor = System.Drawing.Color.Red;
}
txtCaptcha.Text = "";
}
catch { }
}
}****************************
code behind Captcha.aspx
public partial class Captcha : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
//Defining brush color
Color brushColor = System.Drawing.Color.Blue;// Creating object for bitmap
Bitmap objBitmap = new System.Drawing.Bitmap(100, 30);// Creating object for Graphics class
Graphics objGraphics = System.Drawing.Graphics.FromImage(objBitmap);
objGraphics.Clear(Color.Transparent);// Creating object for Font class
Font objFont = new Font("Times New Roman", 14, FontStyle.Regular);string inputNumberString = "";
Random r = new Random();
int a = r.Next(1, 99);
int b = r.Next(1, 99);int c = a + b;
inputNumberString = a.ToString() + " + " + b.ToString() + " = ";
//Storing the captcha value in the session
Session["CaptchaValue"] = c.ToString();SolidBrush myBrush = new SolidBrush(brushColor);
objGraphics.DrawString(inputNumberString, objFont, myBrush, 3, 3);
//Adding the content type
Response.ContentType = "image/png";System.IO.MemoryStream mem = new MemoryStream();
//Saving the bitmap image
objBitmap.Save(mem, ImageFormat.Png);//Writing the image to output screen
mem.WriteTo(Response.OutputStream);
// Disposing Font Object
objFont.Dispose();// Disposing Graphics Object
objGraphics.Dispose();// Disposing Bitmap Object
objBitmap.Dispose();
}
}Sunday, May 19, 2019 1:39 AM
All replies
-
User665608656 posted
Hi csajad,
According to your description, I suggest you could set the size of the number in the picture inconsistently, the position could be up and down, the font could be blurred, or add some random horizontal and vertical lines to the picture.
The purpose of doing this is to ensure the user can recognize, but the machine can not recognize, which ensures the security of the captcha code.
If you don't want to use the method you defined, you could also use Google's recaptcha directly.
Reference link: https://www.google.com/recaptcha/intro/v3.htmlHere are some of the features I added to your code, which you could refer to.
code behind Captcha.aspx:
protected void Page_Load(object sender, EventArgs e) { //Defining brush color Color brushColor = System.Drawing.Color.Blue; // Creating object for bitmap Bitmap objBitmap = new System.Drawing.Bitmap(100, 30); // Creating object for Graphics class Graphics objGraphics = System.Drawing.Graphics.FromImage(objBitmap); objGraphics.Clear(Color.Transparent); // Creating object for Font class Font objFont = new Font("Times New Roman", 14, FontStyle.Regular); string inputNumberString = ""; Random r = new Random(); int a = r.Next(1, 99); int b = r.Next(1, 99); int c = a + b; inputNumberString = a.ToString() + " + " + b.ToString() + " = "; //Storing the captcha value in the session Session["CaptchaValue"] = c.ToString(); objGraphics.Clear(Color.White); //Draw four random lines for (int i = 0; i < 4; i++) { int x1 = r.Next(objBitmap.Width); int y1 = r.Next(objBitmap.Height); int x2 = r.Next(objBitmap.Width); int y2 = r.Next(objBitmap.Height); objGraphics.DrawLine(new Pen(Brushes.Black, 1), new Point(x1, y1), new Point(x2, y2)); } objGraphics.DrawRectangle(new Pen(Brushes.Black), 0, 0, objBitmap.Width - 1, objBitmap.Height - 1); SolidBrush myBrush = new SolidBrush(brushColor); objGraphics.DrawString(inputNumberString, objFont, myBrush, 3, 3); //Adding the content type Response.ContentType = "image/png"; System.IO.MemoryStream mem = new MemoryStream(); //Saving the bitmap image objBitmap.Save(mem, ImageFormat.Png); //Writing the image to output screen mem.WriteTo(Response.OutputStream); // Disposing Font Object objFont.Dispose(); // Disposing Graphics Object objGraphics.Dispose(); // Disposing Bitmap Object objBitmap.Dispose(); }
The result of my work demo:
Best Regards,YongQing.
Monday, May 20, 2019 8:19 AM