Simple captcha component for CakePHP

Captcha is the basic necessity in today’s data submission processes where numerous spammers are looking for space to occupy with their promos.

There are number of captcha component online and i have created this one to suit my cakephp needs by modifying one simple yet powerful captcha script.First of all here is the source code of CaptchaComponent class(app\controllers\components\captcha.php):
(I can configure it myself. Just download the zip package)

< ?php
class CaptchaComponent extends Object
	var $controller;

	function startup( &$controller ) {
		$this->controller = &$controller;

	function create()	{

		$alphabet = "0123456789abcdefghijklmnopqrstuvwxyz"; # do not change without changing font files!

		# symbols used to draw CAPTCHA
		//$allowed_symbols = "0123456789"; #digits
		$allowed_symbols = "2345679abcdehkmnpqsuvxyz"; #alphabet without similar symbols (o=0, 1=l, i=j, t=f)

		# folder with fonts
		$fontsdir = 'fonts';	

		# CAPTCHA string length
		$length = mt_rand(5,6); # random 5 or 6
		//$length = 6;

		# CAPTCHA image size (you do not need to change it, whis parameters is optimal)
		$width = 200;
		$height = 90;

		# symbol's vertical fluctuation amplitude divided by 2
		$fluctuation_amplitude = 4;

		# increase safety by prevention of spaces between symbols
		$no_spaces = false;

		# show credits
		$show_credits = false; # set to false to remove credits line. Credits adds 12 pixels to image height
		$credits = 'Smartdata Inc.'; # if empty, HTTP_HOST will be shown

		# CAPTCHA image colors (RGB, 0-255)
		//$foreground_color = array(0, 0, 0);
		//$background_color = array(220, 230, 255);
		//$foreground_color = array(mt_rand(0,100), mt_rand(0,100), mt_rand(0,100));
		//$background_color = array(mt_rand(200,255), mt_rand(200,255), mt_rand(200,255));

		$foreground_color = array(100, 100, 100);
		$background_color = array(255, 255, 220);

		# JPEG quality of CAPTCHA image (bigger is better quality, but larger file size)
		$jpeg_quality = 90;

		$fontsdir_absolute= $fontsdir;

		if ($handle = opendir($fontsdir_absolute)) {
			while (false !== ($file = readdir($handle))) {
				if (preg_match('/\.png$/i', $file)) {



			// generating random keystring
				for($i=0;$i< $length;$i++){
				if(!preg_match('/cp|cb|ck|c6|c9|rn|rm|mm|co|do|cl|db|qp|qb|dp/', $keystring)) break;

			$font_file=$fonts[mt_rand(0, count($fonts)-1)];
			imagealphablending($font, true);

			// loading font
			for($i=0;$i<$fontfile_width && $symbol<$alphabet_length;$i++){
				$transparent = (imagecolorat($font, $i, 0) >> 24) == 127;

				if(!$reading_symbol && !$transparent){

				if($reading_symbol && $transparent){

			$img=imagecreatetruecolor($width, $height);
			imagealphablending($img, true);
			$white=imagecolorallocate($img, 255, 255, 255);
			$black=imagecolorallocate($img, 0, 0, 0);

			imagefilledrectangle($img, 0, 0, $width-1, $height-1, $white);

			// draw text
			for($i=0;$i< $length;$i++){

				$y=mt_rand(-$fluctuation_amplitude, $fluctuation_amplitude)+($height-$fontfile_height)/2+2;

						for($sy=7;$sy< $fontfile_height-20;$sy+=1){
								$rgb=imagecolorat($font, $sx, $sy);
									if($py>$height) break;
									for($px=min($left,$width-1);$px>$left-12 && $px>=0;$px-=1){
										$color=imagecolorat($img, $px, $py) & 0xff;

			if($x< $width-10) break; // fit in canvas


		// credits. To remove, see configuration file
		$img2=imagecreatetruecolor($width, $height+($show_credits?12:0));
		$foreground=imagecolorallocate($img2, $foreground_color[0], $foreground_color[1], $foreground_color[2]);
		$background=imagecolorallocate($img2, $background_color[0], $background_color[1], $background_color[2]);
		imagefilledrectangle($img2, 0, $height, $width-1, $height+12, $foreground);
		imagestring($img2, 2, $width/2-ImageFontWidth(2)*strlen($credits)/2, $height-2, $credits, $background);

		// periods
		// phases
		// amplitudes

		//wave distortion

				if($sx<0 || $sy<0 || $sx>=$width-1 || $sy>=$height-1){
					$color=imagecolorat($img, $sx, $sy) & 0xFF;
					$color_x=imagecolorat($img, $sx+1, $sy) & 0xFF;
					$color_y=imagecolorat($img, $sx, $sy+1) & 0xFF;
					$color_xy=imagecolorat($img, $sx+1, $sy+1) & 0xFF;

				if($color==0 && $color_x==0 && $color_y==0 && $color_xy==0){
				}else if($color==255 && $color_x==255 && $color_y==255 && $color_xy==255){


					if($newcolor>255) $newcolor=255;


				imagesetpixel($img2, $x, $y, imagecolorallocate($img2, $newred, $newgreen, $newblue));

// 			header("Content-Type: image/jpeg");
			imagejpeg($img2, null, $jpeg_quality);
		}else if(function_exists("imagegif")){
// 			header("Content-Type: image/gif");
		}else if(function_exists("imagepng")){
// 			header("Content-Type: image/x-png");
		$image = ob_get_clean();

		$C_file= $filename_prefix.'.jpg';

		if($this->controller->Session->check('oldcaptcha'))	{
		else $oldcaptcha=NULL;

		if(isset($oldcaptcha))	{
			if(file_exists('img/captcha/'.$oldcaptcha)) {

		$fh = @fopen("img/captcha/".$C_file,"w+");


		return $C_file;

	function genPass() {

		$vocales = "AaEeIiOoUu13580";

		$consonantes = "BbCcDdFfGgHhJjKkLlMmNnPpQqRrSsTtVvWwXxYyZz24679";
		$r = '';
		for ($i = 0; $i < 4; $i++) {
			if ($i % 2) {
				$r .= $vocales{rand(0, strlen($vocales) - 1)};
			} else {
				$r .= $consonantes{rand(0, strlen($consonantes) - 1)};
		return $r;

	function RandPass()	{

		$randomPassword = "";	

		for($i=0;$i<5;$i++)	{

				$randnumber = mt_rand(48,120);

				while (($randnumber >= 58 && $randnumber < = 64) || ($randnumber >= 91 && $randnumber < = 96))	{
						$randnumber = mt_rand(48,120);

				$randomPassword .= chr($randnumber);
		return $randomPassword;


It will be time taking to discuss the source code line by line. I would just say that the script uses custom font files and gd library to create a image with some random characters on it. It also creates a session containing the code and handles the deletions of old unnecessary files so it does not flood the server space with new files everytime.

Here is the Controller class’s source code(controllers\captcha_controller.php; found in zip files as well):

function create_captcha()	{
		App::import("Component","Captcha"); //including captcha class
		$this->Captcha =  new CaptchaComponent(); //creating an object instance
		$this->Captcha->controller = & $this; //assign this conroller(CaptchaController) object to its captcha object's controller property.
		$this->set('captcha_src',$captcha_src=$this->Captcha->create()); //create a capthca and assign to a variable

 * Process the form to check user has entered a valid captcha code
 * @return void
 * @access public

function captcha_test()	{
	if(!empty($this->data))	{ //if form is submitted
		if($this->data['User']['ver_code']==$this->Session->read('ver_code'))	{ //comparing both codes
			$this->flash(__("Captcha verification success",true),"captcha_test"); //user has entered a valid verification code
		}	else	{
			$this->flash(__("Captcha verification failure",true),"captcha_test"); //invalid code
	$this->create_captcha(); //not form action performed, create a captch code and show the form

Just call the captcha component class on the fly and create a captcha and set a variable for our view section. Dont forget to pass controller object to component class object ($this->Captcha->controller = $this;).

Now we are ready to use captcha in our view section. We will show captcha image to the user and will ask them to enter the code into a input box so it can be validated against one stored in the session while creating the captcha image. Here are the source code for the view section(views\captcha\captcha_test.ctp).

echo $form->create(null,array('method'=>'post','action'=>'captcha_test'));
echo $html->image("captcha/".$captcha_src);
echo $form->input('User.ver_code');
echo $form->submit(__('Test Captcha',true));
echo $form->end();

Thats all for captcha form validation in a cakephp application!

To make it more simple and straight just download the zip package and do it like this:

#1. Place all files at their respective locations. For example place place captcha.php file inside your projects /app/controllers/component directory and so on.

#2. Make /app/webroot/img/captcha directory writable (chmod 0777)

#3. If using component in a different controller than this package’s captcha_controller.php copy paste both functions to your controller function area.

#4. Access website url like this conrollername(captcha)/captcha_test and you should see the captcha image having a text field under it.

Feel free to post your comments.