Simple Captcha with ASP.NET

Introduction

I was trying to find a solution to block spammers adding data to the database, using C#. This is the quick solution I found.

First create an image tag in the webform that has the submit form.
```
<IMG height="30" alt="" src="Turing.aspx" width="80">
```
As you see, the source for the picture will be a file called “Turing.aspx”.

Later, create the webform “Turing.aspx” with the code below:

public class Turing1 : System.Web.UI.Page
{
    private void Page_Load(object sender, System.EventArgs e)
    {
        Bitmap objBMP =new System.Drawing.Bitmap(60,20);
        Graphics objGraphics = System.Drawing.Graphics.FromImage(objBMP);
        objGraphics.Clear(Color.Green);

        objGraphics.TextRenderingHint = TextRenderingHint.AntiAlias;

        //' Configure font to use for text
        Font objFont = new  Font("Arial", 8, FontStyle.Bold);
        string randomStr="";
        int[] myIntArray = new int[5] ;
        int x;

        //That is to create the random # and add it to our string
        Random autoRand = new Random();

        for (x=0;x<5;x++)
        {
            myIntArray[x] =  System.Convert.ToInt32 (autoRand.Next(0,9));
            randomStr+= (myIntArray[x].ToString ());
        }

        //This is to add the string to session cookie, to be compared later
        Session.Add("randomStr",randomStr);

        //' Write out the text
        objGraphics.DrawString(randomStr, objFont, Brushes.White,  3, 3);

        //' Set the content type and return the image
        Response.ContentType = "image/GIF";
        objBMP.Save(Response.OutputStream, ImageFormat.Gif);

        objFont.Dispose();
        objGraphics.Dispose();
        objBMP.Dispose();
   }
}

And this is the code for the Submit button on the main form:

private void btnSubmit_ServerClick(object sender, System.EventArgs e)
{
    if (Page.IsValid && (txtTuring.Value.ToString () == 
                            Session["randomStr"].ToString ())) 
    {
         // The Code to insert data
    }
    else
    {
        Label1.Text ="Please enter info correctly";
    }
}

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

About the Author

Oguz Altuncu

Canada

Member

Article Top

Poor

Excellent

Add a reason or comment to your vote: x
Votes of 3 or less require a comment

Comments and Discussions

You must Sign In to use this message board. (secure sign-in)

Search this forum
	Profile popups Noise Layout Per page

This won't block spammers!

JJF007

4:55 5 Aug '05

All you do is to write some random chars out at the same formating and font. This will prevent maybe some beginners to get the code, but with just some simple coding algorithms its possible to get the wanted letters back from the image! All spamm blocking image creators use differnt high, angels and fonts for sometimes each letter.
Sign In·View Thread·Permalink

Re: This won't block spammers!

lordofthexings

5:11 5 Aug '05

That's the simplest way to do it, I am sure it will prevent many bots. Thanks for the advice
Sign In·View Thread·Permalink

Re: This won't block spammers!

Sean Michael Murphy

10:10 5 Aug '05

You can make it a little harder on OCR attacks just by changing from a solid brush to a hatch brush. Instead of this:

// Write out the text
objGraphics.DrawString(randomStr, objFont, Brushes.White,  3, 3);

Do this:

// Write out the text
HatchBrush hb = new HatchBrush(HatchStyle.Sphere, Color.Red, Color.Wheat);
objGraphics.DrawString(randomStr, objFont, hb,  3, 3);

Play with the HatchStyle enumeration. It chops up the characters a bit more, making them slightly harder to process via code.

Sean