Cant seem to get captcha working correctly

bosco500

I've been trying to implement a captcha system on my server for a couple days now with no success. I found a simple captcha script, but it is giving me some errors. Here are the errors:

Notice: Undefined index: captchaimg in /var/www/vhosts/wilserv.net/httpdocs/test/captcha.php on line 23

Notice: Undefined index: captchawav in /var/www/vhosts/wilserv.net/httpdocs/test/captcha.php on line 25

Notice: Undefined index: SCRIPT_URL in /var/www/vhosts/wilserv.net/httpdocs/test/captcha.php on line 59

Notice: Undefined index: SCRIPT_URL in /var/www/vhosts/wilserv.net/httpdocs/test/captcha.php on line 60

Notice: Undefined index: send in /var/www/vhosts/wilserv.net/httpdocs/test/test.php on line 17

Here is captcha.php:

<?php
        // There had better be NO BLANK LINES OR ANYTHING ELSE
        // before the preceding line!

// Boutell's Simple PHP Captcha.

// Copyright 2007, Thomas Boutell and Boutell.Com, Inc.
// Permission granted to use and modify this code as you
// see fit, provided that you do not represent this code
// as your own work. 

// Otherwise, feel free to profit from this code 
// in any way you wish.

// NO CHANGES REQUIRED HERE

    // All settings are in captcha-settings.php, so that you can 
// install an upgraded version of captcha.php without losing them.

    require 'captcha-settings.php';

session_start();
if ($_GET['captchaimg']) {
	captchaSendImg();
} elseif ($_GET['captchawav']) {
	captchaSendWav();		
} else {
	captchaCode();
}
function captchaImgUrl()
{
	global $captchaimg;
	return $captchaimg;
}
function captchaWavUrl()
{
	global $captchawav;
	return $captchawav;
}
function captchaCode()
{
	global $captchaimg, $captchawav;
	// Don't generate the code twice
	if (!$_SESSION['captchacode']) {
		// Skip l it is too easily mistaken for 1.
		// Skip f, x and s, they are too hard to tell
		// apart when spoken.
		$chars = "abcdeghijkmnopqrtuvwyz";
		$code = "";
		$length = mt_rand(5, 7);
		for ($i = 0; ($i < $length); $i++) {
			$char = substr($chars, 
				rand(0, strlen($chars) - 1), 1); 
			$code .= $char;
		}
		$_SESSION['captchacode'] = $code;
	}
	$salt = mt_rand(1000000, 2000000);
	$captchaimg = $_SERVER['SCRIPT_URL'] . "?captchaimg=1&captchasalt=$salt";
	$captchawav = $_SERVER['SCRIPT_URL'] . "?captchawav=1&captchasalt=$salt";
}
function captchaDone()
{
	if ($_SESSION['captchacode']) {
		unset($_SESSION['captchacode']);
	}
}
function captchaSendImg()
{
	global $captchaFont;
	$code = $_SESSION['captchacode'];
	$im = imagecreatetruecolor(200, 50);
	imageantialias($im, 1);
	$back = imagecolorallocate($im, 255, 255, 255);
	$fore = imagecolorallocate($im, 0, 0, 0);
	imagefilledrectangle($im, 0, 0, 200, 50, $back);
	$x = mt_rand(10, 20);
	$y = mt_rand(20, 35);
	$length = strlen($code);	
	for ($i = 0; ($i < $length); $i++) {
		$char = substr($code, $i, 1);
		$size = mt_rand(0, 4) + 16.0;
		$angle = mt_rand(0, -45);
		$xoffs = mt_rand(-3, 3);
		$yoffs = mt_rand(-5, 5);
		imagettftext($im, $size, $angle, 
			$x + $xoffs, $y + $yoffs, 
			$fore, $captchaFont, $char);
		$x += 23;
		$code .= $char;
	}
	// Now add lots of noise to 
	// confuse OCR software
	$flakes = (200 * 50) / 16;
	$flakes = mt_rand($flakes * .8, $flakes * 1.2);	
	for ($i = 0; ($i < $flakes); $i++) {
		$x1 = mt_rand(0, 200);
		$y1 = mt_rand(0, 50);
		$x2 = $x1 + mt_rand(-2, 2);
		$y2 = $y1 + mt_rand(-2, 2);
		imageline($im, $x1, $y1, $x2, $y2, $fore);	
	}
	// jpeg is lossy, which is good here, because
	// it makes automated analysis of the captcha
	// a little more difficult.
	header("Content-type: image/jpeg"); 	
	imagejpeg($im);
	exit(0);
}
function captchaSendWav()
{
	global $captchaSounds;
	$wav = "RIFF";
	# Dummy length for now, we'll patch it
	# when we know the final length
	$riffLengthOffset = strlen($wav);
	$wav .= pack("V", 0);
	$wav .= "WAVE";
	# Now the format chunk
	$wav .= "fmt ";
	# Enough room to describe PCM
	$wav .= pack("V", 16);
	# Select PCM
	$wav .= pack("v", 1);	
	# mono
	$wav .= pack("v", 1);
	# samplerate
	$wav .= pack("V", 22050);
	# byterate
	$wav .= pack("V", 22050);
	# block alignment
	$wav .= pack("v", 1);
	# bits per sample
	$wav .= pack("v", 8);
	# Now the data chunk
	$wav .= "data";
	$code = $_SESSION['captchacode'];
	$sound = "";
	$change = mt_rand(7000, 10000);
	$change /= 10000.0;
	for ($i = 0; ($i < strlen($code)); $i++) {
		$char = substr($code, $i, 1);	
		$lsound = file_get_contents("$captchaSounds/$char.ub");
		$llen = strlen($lsound);
		$nsound = "";
		$prev = 0;
		$smoothFrequency = mt_rand(200, 300);
		for ($j = 0; ($j < $llen); $j++) {
			$byte = ord(substr($lsound, $j, 1));
			# Change volume slightly to thwart attempts
			# to just recognize the same series of bytes
			$byte *= $change;
			# Smooth in an occasional extra byte to thwart 
			# attempts to simply calculate letter lengths
			if (mt_rand(0, $smoothFrequency) == 0) {
				$smooth = ($byte + $prev) / 2.0;
				$nsound .= pack("C", $smooth);
			}
			$nsound .= pack("C", $byte);
			$prev = $byte;
		}
		$sound .= $nsound;
	}
	$wav .= pack("V", strlen($sound));
	$wav .= $sound;
	substr_replace($wav, pack("V", strlen($wav) - 8),
		$riffLengthOffset, 4);
	$clength = strlen($wav);
	header("Content-length: $clength");
	header("Content-type: audio/wav"); 	
	echo($wav);
	exit(0);
}
function captchaBasePath()
{
	$src = __FILE__;
	$path = preg_replace('/\/[^\/]+$/', '', $src);
	return $path;
}
?>

Any idea why these errors would occur?

suntra

It's because there are direct calls made to the variable without checking if it is first set...

Line 23

    if ($_GET['captchaimg']) {

I would use isset()...

    if (isset($_GET['captchaimg'])) {

Line 59 (and almost 60) :

        $captchaimg = $_SERVER['SCRIPT_URL'] . "?captchaimg=1&captchasalt=$salt";

$SERVER['SCRIPT_URL'] doesn't exist. Use $SERVER["SCRIPT_NAME"] or $_SERVER["PHP_SELF"]...

About line 17, don't know since it's not in the same page...