freeCap is a GPL CAPTCHA script to stop spam. It was written as a proof-of-concept at a time when there were really no other good PHP captcha scripts around (2005). For a long time I think it’s not untrue to say freeCap was the best PHP CAPTCHA there was.
To be perfectly honest, these days I would recommend you try reCAPTCHA first. freeCap does still do the job perfectly well, but the reCAPTCHA guys can provide better support than I.
Still, freeCap might be the solution for you if you want to be able to have more control over how the CAPTCHA works and is displayed. There are a whole load of tweakable options: multiple GD fonts, colours, backgrounds, obfuscation options etc. And the code is pretty good too if you’re just interested in PHP image processing. Still interested? Read on!
It does require some knowledge of PHP to install, though there are several plugins for forum and blog software listed below.
freeCap also focusses on the security of the implementation. I wrote an article about CAPTCHA implmentation vulnerabilities which was cited by W3. A lot of CAPTCHAs are relatively secure against OCR attacks, but fail to account for other attacks, such as session re-use and the insecurities of shared hosting.
freeCap can output as JPG, PNG or GIF, has brute force protection, is open source and is totally self-contained – no need for SQL databases, PEAR, or anything beyond PHP and GD!Â I hope you like it :-)
freeCap PHP CAPTCHA Version 1.4.1
-optional sha1 / md5 / crc32 hash in server session
-3 different randomly generated background types: grid, squiggles, image blocks (or blank) – see the demo!
-multiple font/colour support
-htaccess protected dictionary, fonts and backgrounds
-shared server security further enhanced
-user definable text fading
-automatic random number seeding for older PHP versions
At the moment, freeCap does not include installation instructions, but it does come with a simple sample from which you should be able to integrate the CAPTCHA with your PHP enabled website.
GDlib any version (for gif support, any except 1.06)
Runs on both linux and windows platforms.
You might get E_NOTICE errors – check out the support page for more info, or to report other bugs. I’ll try to help out if I can :-)
Comments/Questions about this PHP CAPTCHA script?
I now have a dedicated page for freeCap support. This is the place to look if you are having trouble installing freeCap. General comments can be made below.
What is a CAPTCHA anyway?
A CAPTCHA is a special image that serves as a guard against comment spam. Automated programs scan millions of websites looking for phrases like “add your comment” and “sign my guestbook”, and try to add spam messages advertising various products to those pages. By asking users to type a word in an image, this type of spam can be prevented – programs cannot read text in images.
Why should I use a CAPTCHA?
Ideally, you shouldn’t. If you’re not being spammed then I would recommend that you don’t put a captcha in place – they are annoying for users and they are generally not accessible to partially sighted users.
If you *are* being spammed then I suggest first of all that you rename all your form variables. That might hold them off for a while, it might possibly stop the spam altogether.
To me, the bottom line is that a CAPTCHA is a last resort. It’s an ugly solution to an ugly problem.
Want to join the fight against spam?
Take a look at this spam wiki – some very cool stuff going on there ;)