What is CAPTCHA?
CAPTCHA is a "type of challenge-response test used in computing to ensure that the response is not generated by a computer". The full form of CAPTCHA is "Completely Automated Public Turing test to tell Computers and Humans Apart" and it can be any sort of puzzle/test. The CAPTCHA tests include some codes in form of some images, letters, alphabets and numbers that are intersected or overlapped over each other.
Where are CAPTCHAs found?
Here are a few places where we can find text CAPTCHAs:
Sign up / registration forms
Comments / feedback submission forms
Verification process
Why is there a need to have a CAPTCHA?
Let us take the case of a sign up form on a free email service. If this form doesn’t have a CAPTCHA puzzle, a small program written by a qualified hacker can quickly create tons of email accounts in a minute. The program can incessantly run the registration form script and provide it with the required inputs. However, including a CAPTCHA that only humans are able to decipher correctly will result in the failure of the hacker program since it will not be able to decode it and the registration form will not go through. Thus, the program will not be able to abuse the service.
Step 1: Add a generic handler file in your web application and name it "CaptchaHandler.ashx" (or any name). It will be used to create CAPTCHA image as a bitmap. Add following code in the file:
using System;
using System.IO;
using System.Web;
using System.Drawing;
using System.Drawing.Text;
using System.Drawing.Imaging;
using System.Drawing.Drawing2D;
using System.Web.SessionState;
public class Handler : IHttpHandler,IRequiresSessionState
{
public void ProcessRequest(HttpContext context)
{
using (Bitmap objBmp = new Bitmap(100, 25))
{
context.Session["Captcha"] = GetRandomString();
Font objFont = new Font("Courier New", 12, FontStyle.Bold);
Graphics objGraphics = Graphics.FromImage(objBmp);
objGraphics.SmoothingMode = SmoothingMode.AntiAlias;
objGraphics.Clear(Color.Gray);
objGraphics.TextRenderingHint = TextRenderingHint.AntiAlias;
objGraphics.DrawString(context.Session["Captcha"].ToString(), objFont, Brushes.White, 18, 3);
MemoryStream ms = new MemoryStream();
objBmp.Save(ms, ImageFormat.Png);
byte[] bmpBytes = ms.GetBuffer();
context.Response.ContentType = "image/png";
context.Response.BinaryWrite(bmpBytes);
objBmp.Dispose();
objFont.Dispose();
objGraphics.Dispose();
ms.Close();
context.Response.End();
}
}
public bool IsReusable
{
get
{
return false;
}
}
private string GetRandomString()
{
string[] arrCharacters = "A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,0,1,2,3,4,5,6,7,8,9".Split(",".ToCharArray());
string strCaptcha = string.Empty;
Random rAuto = new Random();
for (int iIteration = 0; iIteration < 6; iIteration++)
{ strCaptcha += arrCharacters[rAuto.Next(0, arrCharacters.Length - 1)];
}
return strCaptcha;
}
}
Step 2: Add image control in the ASPX page, where you want to have CAPTCHA and call the created Generic Handler from src attribute:
""
Step 3: Add below code on button click (which does validation for CAPTCHA, before proceeding to next page/action):
protected void Button1_Click(object sender, EventArgs e)
{
if(Session["Captcha"].ToString() == TextBox1.Text)
{
Label1.Text = " System identified you as a human";
}
else
{
TextBox1.Text="";
Label1.Text = "Please try again";
}
}
Happy Coding...
Friday, September 2, 2011
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment