1GD::SecurityImage(3) User Contributed Perl Documentation GD::SecurityImage(3)
2
6 GD::SecurityImage - Security image (captcha) generator.
7
9 use GD::SecurityImage;
10 # Create a normal image
12 my $image = GD::SecurityImage->new(
13 width => 80,
14 height => 30,
15 lines => 10,
16 gd_font => 'giant',
17 );
18 $image->random( $your_random_str );
19 $image->create( normal => 'rect' );
20 my($image_data, $mime_type, $random_number) = $image->out;
21 or
23 # use external ttf font
25 my $image = GD::SecurityImage->new(
26 width => 100,
27 height => 40,
28 lines => 10,
29 font => "/absolute/path/to/your.ttf",
30 scramble => 1,
31 );
32 $image->random( $your_random_str );
33 $image->create( ttf => 'default' );
34 $image->particle;
35 my($image_data, $mime_type, $random_number) = $image->out;
36 or you can just say (most of the public methods can be chained)
38 my($image, $type, $rnd) = GD::SecurityImage->new->random->create->particle->out;
40 to create a security image with the default settings. But that may not
42 be useful. If you "require" the module, you must import it:
43 require GD::SecurityImage;
45 GD::SecurityImage->import;
46 The module also supports "Image::Magick", but the default interface
48 uses the "GD" module. To enable "Image::Magick" support, you must call
49 the module with the "use_magick" option:
50 use GD::SecurityImage use_magick => 1;
52 If you "require" the module, you must import it:
54 require GD::SecurityImage;
56 GD::SecurityImage->import(use_magick => 1);
57 The module does not export anything actually. But "import" loads the
59 necessary sub modules. If you don' t "import", the required modules
60 will not be loaded and probably, you'll "die()".
61
63 This document describes version 1.73 of "GD::SecurityImage" released on
64 "21 January 2015".
65 The (so called) "Security Images" are so popular. Most internet
67 software use these in their registration screens to block robot
68 programs (which may register tons of fake member accounts). Security
69 images are basicaly, graphical CAPTCHAs (Completely Automated Public
70 Turing Test to Tell Computers and Humans Apart). This module gives you
71 a basic interface to create such an image. The final output is the
72 actual graphic data, the mime type of the graphic and the created
73 random string. The module also has some "styles" that are used to
74 create the background (or foreground) of the image.
75 If you are an "Authen::Captcha" user, see GD::SecurityImage::AC for
77 migration from "Authen::Captcha" to "GD::SecurityImage".
78 This module is just an image generator. Not a captcha handler. The
80 validation of the generated graphic is left to your programming taste.
81 But there are some captcha handlers for several Perl FrameWorks. If
82 you are an user of one of these frameworks, see "GD::SecurityImage
83 Implementations" in "SEE ALSO" section for information.
84
86 This module can use both RGB and HEX values as the color parameters.
87 HEX values are recommended, since they are widely used and recognised.
88 $color = '#80C0F0'; # HEX
90 $color2 = [15, 100, 75]; # RGB
91 $i->create($meth, $style, $color, $color2)
92 $i->create(ttf => 'box', '#80C0F0', '#0F644B')
94 RGB values must be passed as an array reference including the three
96 Red, Green and Blue values.
97 Color conversion is transparent to the user. You can use hex values
99 under both "GD" and "Image::Magick". They' ll be automagically
100 converted to RGB if you are under "GD".
101
103 new
104 The constructor. "new()" method takes several arguments. These
105 arguments are listed below.
106 width
108 The width of the image (in pixels).
109 height
111 The height of the image (in pixels).
112 ptsize
114 Numerical value. The point size of the ttf character. Only
115 necessarry if you want to use a ttf font in the image.
116 lines
118 The number of lines that you' ll see in the background of the
119 image. The alignment of lines can be vertical, horizontal or
120 angled or all of them. If you increase this parameter' s value, the
121 image will be more cryptic.
122 font
124 The absolute path to your TrueType (.ttf) font file. Be aware that
125 relative font paths are not recognized due to problems in the
126 "libgd" library.
127 If you are sure that you've set this parameter to a correct value
129 and you get warnings or you get an empty image, be sure that your
130 path does not include spaces in it. It looks like libgd also have
131 problems with this kind of paths (eg: '/Documents and
132 Settings/user' under Windows).
133 Set this parameter if you want to use ttf in your image.
135 gd_font
137 If you want to use the default interface, set this parameter. The
138 recognized values are "Small", "Large", "MediumBold", "Tiny",
139 "Giant". The names are case-insensitive; you can pass lower-cased
140 parameters.
141 bgcolor
143 The background color of the image.
144 send_ctobg
146 If has a true value, the random security code will be displayed in
147 the background and the lines will pass over it. (send_ctobg = send
148 code to background)
149 frame
151 If has a true value, a frame will be added around the image. This
152 option is enabled by default.
153 scramble
155 If set, the characters will be scrambled. If you enable this
156 option, be sure to use a wider image, since the characters will be
157 separated with three spaces.
158 angle
160 Sets the angle for scrambled/normal characters. Beware that, if you
161 pass an "angle" parameter, the characters in your random string
162 will have a fixed angle. If you do not set an "angle" parameter,
163 the angle(s) will be random.
164 When the scramble option is not enabled, this parameter still
166 controls the angle of the text. But, since the text will be
167 centered inside the image, using this parameter without scramble
168 option will require a taller image. Clipping will occur with
169 smaller height values.
170 Unlike the GD interface, "angle" is in "degree"s and can take
172 values between 0 and 360.
173 thickness
175 Sets the line drawing width. Can take numerical values. Default
176 values are 1 for GD and 0.6 for Image:Magick.
177 rndmax
179 The minimum length of the random string. Default value is 6.
180 rnd_data
182 Default character set used to create the random string is 0..9.
183 But, if you want to use letters also, you can set this parameter.
184 This parameter takes an array reference as the value.
185 Not necessary and will not be used if you pass your own random
187 string.
188 random
190 Creates the random security string or sets the random string to the
191 value you have passed. If you pass your own random string, be aware
192 that it must be at least six (defined in "rndmax") characters long.
193 random_str
195 Returns the random string. Must be called after "random()".
196 create
198 This method creates the actual image. It takes four arguments, but none
199 are mandatory.
200 $image->create($method, $style, $text_color, $line_color);
202 $method can be "normal" or "ttf".
204 $style can be one of the following (some of the styles may not work if
206 you are using a really old version of GD):
207 default
209 The default style. Draws horizontal, vertical and angular lines.
210 rect
212 Draws horizontal and vertical lines
213 box Draws two filled rectangles.
215 The "lines" option passed to new, controls the size of the inner
217 rectangle for this style. If you increase the "lines", you'll get a
218 smaller internal rectangle. Using smaller values like 5 can be
219 better.
220 circle
222 Draws circles.
223 ellipse
225 Draws ellipses.
226 ec This is the combination of ellipse and circle styles. Draws both
228 ellipses and circles.
229 blank
231 Draws nothing. See "OTHER USES".
232 Note: if you have a (too) old version of GD, you may not be able to use
234 some of the styles.
235 You can use this code to get all available style names:
237 my @styles = grep {s/^style_//} keys %GD::SecurityImage::Styles::;
239 The last two arguments ($text_color and $line_color) are the colors
241 used in the image (text and line color -- respectively):
242 $image->create($method, $style, [0,0,0], [200,200,200]);
244 $image->create($method, $style, '#000000', '#c8c8c8');
245 particle
247 Must be called after create.
248 Adds random dots to the image. They'll cover all over the surface.
250 Accepts two parameters; the density (number) of the particles and the
251 maximum number of dots around the main dot.
252 $image->particle($density, $maxdots);
254 Default value of $density is dependent on your image' s width or height
256 value. The greater value of width and height is taken and multiplied by
257 twenty. So; if your width is 200 and height is 70, $density is "200 *
258 20 = 4000" (unless you pass your own value). The default value of
259 $density can be too much for smaller images.
260 $maxdots defines the maximum number of dots near the default dot.
262 Default value is 1. If you set it to 4, The selected pixel and 3 other
263 pixels near it will be used and colored.
264 The color of the particles are the same as the color of your text
266 (defined in create).
267 info_text
269 This method must be called after create. If you call it early, you'll
270 die. "info_text" adds an extra text to the generated image. You can
271 also put a strip under the text. The purpose of this method is to
272 display additional information on the image. Copyright information can
273 be an example for that.
274 $image->info_text(
276 x => 'right',
277 y => 'up',
278 gd => 1,
279 strip => 1,
280 color => '#000000',
281 scolor => '#FFFFFF',
282 text => 'Generated by GD::SecurityImage',
283 );
284 Options:
286 x Controls the horizontal location of the information text. Can be
288 either "left" or "right".
289 y Controls the vertical location of the information text. Can be
291 either "up" or "down".
292 strip
294 If has a true value, a strip will be added to the background of the
295 information text.
296 gd This option can only be used under "GD". Has no effect under
298 Image::Magick. If has a true value, the standard GD font "Tiny"
299 will be used for the information text.
300 If this option is not present or has a false value, the TTF font
302 parameter passed to "new" will be used instead.
303 ptsize
305 The ptsize value of the information text to be used with the TTF
306 font. TTF font parameter can not be set with "info_text()". The
307 value passed to "new()" will be used instead.
308 color
310 The color of the information text.
311 scolor
313 The color of the strip.
314 text
316 This parameter controls the displayed text. If you want to display
317 long texts, be sure to adjust the image, or clipping will occur.
318 out
320 This method finally returns the created image, the mime type of the
321 image and the random number(s) generated. Older versions of GD only
322 support "gif" type, while new versions support "jpeg" and "png"
323 (update: beginning with v2.15, GD resumed gif support).
324 The returned mime type is "png" or "gif" or "jpeg" for "GD" and "gif"
326 for "Image::Magick" (if you do not "force" some other format).
327 "out" method accepts arguments:
329 @data = $image->out(%args);
331 force
333 You can set the output format with the "force" parameter:
334 @data = $image->out(force => 'png');
336 If "png" is supported by the interface (via "GD" or
338 "Image::Magick"); you'll get a png image, if the interface does not
339 support this format, "out()" method will use it's default
340 configuration.
341 compress
343 And with the "compress" parameter, you can define the compression
344 for "png" and quality for "jpeg":
345 @data = $image->out(force => 'png' , compress => 1);
347 @data = $image->out(force => 'jpeg', compress => 100);
348 When you use "compress" with "png" format, the value of "compress"
350 is ignored and it is only checked if it has a true value. With
351 "png" the compression will always be 9 (maximum compression). eg:
352 @data = $image->out(force => 'png' , compress => 1);
354 @data = $image->out(force => 'png' , compress => 3);
355 @data = $image->out(force => 'png' , compress => 5);
356 @data = $image->out(force => 'png' , compress => 1500);
357 All will default to 9. But this will disable compression:
359 @data = $image->out(force => 'png' , compress => 0);
361 But the behaviour changes if the format is "jpeg"; the value of
363 "compress" will be used for "jpeg" quality; which is in the range
364 1..100.
365 Compression and quality operations are disabled by default.
367 raw
369 Depending on your usage of the module; returns the raw "GD::Image"
370 object:
371 my $gd = $image->raw;
373 print $gd->png;
374 or the raw "Image::Magick" object:
376 my $magick = $image->raw;
378 $magick->Write("gif:-");
379 Can be useful, if you want to modify the graphic yourself. If you want
381 to get an image type see the "force" option in "out".
382 gdbox_empty
384 See "path bug" in "GD bug" for usage and other information on this
385 method.
386 add_strip
388 cconvert
389 gdf
390 h2r
391 is_hex
392 r2h
393 random_angle
395 backends
396 Returns a list of available GD::SecurityImage back-ends.
397 my @be = GD::SecurityImage->backends;
399 or
401 my @be = $image->backends;
403 If called in a void context, prints a verbose list of available
405 GD::SecurityImage back-ends:
406 Available back-ends in GD::SecurityImage v1.55 are:
408 GD
409 Magick
410 Search directories:
412 /some/@INC/dir/containing/GDSI
413 you can see the output with this command:
415 perl -MGD::SecurityImage -e 'GD::SecurityImage->backends'
417 or under windows:
419 perl -MGD::SecurityImage -e "GD::SecurityImage->backends"
421
423 See the tests in the distribution. Also see the demo program
424 "eg/demo.pl" for an "Apache::Session" implementation of
425 "GD::SecurityImage".
426 Download the distribution from a CPAN mirror near you, if you don't
428 have the files.
429 OTHER USES
431 "GD::SecurityImage" drawing capabilities can also be used for counter
432 image generation or displaying arbitrary messages:
433 use CGI qw(header);
435 use GD::SecurityImage 1.64; # we need the "blank" style
436 my $font = "StayPuft.ttf";
438 my $rnd = "10.257"; # counter data
439 my $image = GD::SecurityImage->new(
441 width => 140,
442 height => 75,
443 ptsize => 30,
444 rndmax => 1, # keeping this low helps to display short strings
445 frame => 0, # disable borders
446 font => $font,
447 );
448 $image->random( $rnd );
450 # use the blank style, so that nothing will be drawn
451 # to distort the image.
452 $image->create( ttf => 'blank', '#CC8A00' );
453 $image->info_text(
454 text => 'You are visitor number',
455 ptsize => 10,
456 strip => 0,
457 color => '#0094CC',
458 );
459 $image->info_text(
460 text => '( c ) 2 0 0 7 m y s i t e',
461 ptsize => 10,
462 strip => 0,
463 color => '#d7d7d7',
464 y => 'down',
465 );
466 my($data, $mime, $random) = $image->out;
468 binmode STDOUT;
470 print header -type => "image/$mime";
471 print $data;
472
474 "die" is called in some methods if something fails. You may need to
475 "eval" your code to catch exceptions.
476
478 If you look at the demo program (not just look at it, try to run it)
479 you'll see that the random code changes after every request (successful
480 or not). If you do not change the random code after a failed request
481 and display the random code inside HTML (like "Wrong! It must be
482 <random>"), then you are doing a logical mistake, since the user (or
483 robot) can now copy & paste the random code into your validator without
484 looking at the security image and will pass the test. Just don't do
485 that. Random code must change after every validation.
486 If you want to be a little more strict, you can also add a timeout key
488 to the session (this feature currently does not exits in the demo) and
489 expire the related random code after the timeout. Since robots can call
490 the image generator directly (without requiring the HTML form), they
491 can examine the image for a while without changing it. A timeout
492 implemetation may prevent this.
493
495 See the "SUPPORT" section if you have a bug or request to report.
496 Image::Magick bug
498 There is a bug in PerlMagick' s "QueryFontMetrics()" method.
499 ImageMagick versions smaller than 6.0.4 is affected. Below text is from
500 the ImageMagick 6.0.4 Changelog:
501 <http://www.imagemagick.org/www/Changelog.html>.
502 "2004-05-06 PerlMagick's "QueryFontMetrics()" incorrectly reports
504 `unrecognized attribute'` for the `font' attribute."
505 Please upgrade to ImageMagick 6.0.4 or any newer version, if your
507 ImageMagick version is smaller than 6.0.4 and you want to use
508 Image::Magick as the backend for GD::SecurityImage.
509 GD bug
511 path bug
512 libgd and GD.pm don't like relative paths and paths that have spaces in
514 them. If you pass a font path that is not an exact path or a path that
515 have a space in it, you may get an empty image.
516 To check if the module failed to find the ttf font (when using "GD"), a
518 new method added: "gdbox_empty()". It must be called after "create()":
519 $image->create;
521 die "Error loading ttf font for GD: $@" if $image->gdbox_empty;
522 "gdbox_empty()" always returns false, if you are using "Image::Magick".
524
526 Wrong GD installation
527 I got some error reports saying that GD::SecurityImage dies with this
528 error:
529 Can't locate object method "new" via package "GD::Image"
531 (perhaps you forgot to load "GD::Image"?) at ...
532 This is due to a wrong installation of the GD module. GD includes "XS"
534 code and it needs to be compiled. You can't just copy/paste the GD.pm
535 and expect it to work. It will not. If you are under Windows and don't
536 have a C compiler, you have to add new repositories to install GD,
537 since ActiveState' s own repositories don't include GD. Randy Kobes and
538 J-L Morel have ppm repositories for both 5.6.x and 5.8.x and they both
539 have GD:
540 http://www.bribes.org/perl/ppmdir.html
542 http://theoryx5.uwinnipeg.ca/
543 bribes.org also has a GD::SecurityImage ppd, so you can just install
545 GD::SecurityImage from that repository.
546 libgd errors
548 There are some issues related to wrong/incomplete compiling of libgd
549 and old/new version conflicts.
550 libgd without TTF support
552 If your libgd is compiled without TTF support, you'll get an empty
554 image. The lines will be drawn, but there will be no text. You can
555 check it with "gdbox_empty" method.
556 GIF - Old libgd or libgd without GIF support enabled
558 If your GD has a "gif" method, but you get empty images with "gif()"
560 method, you have to update your libgd or compile it with GIF enabled.
561 You can test if "gif" is working from the command line:
563 perl -MGD -e '$_=GD::Image->new;$_->colorAllocate(0,0,0);print$_->gif'
565 or under windows:
567 perl -MGD -e "$_=GD::Image->new;$_->colorAllocate(0,0,0);print$_->gif"
569 Conclusions:
571 · If it dies, your GD is very old.
573 · If it prints nothing, your libgd was compiled without GIF enabled
575 (upgrade or re-compile).
576 · If it prints out a junk that starts with 'GIF87a', everything is
578 OK.
579
581 · Using the default library "GD" is a better choice. Since it is
582 faster and does not use that much memory, while "Image::Magick" is
583 slower and uses more memory.
584 · The internal random code generator is used only for demonstration
586 purposes for this module. It may not be effective. You must supply
587 your own random code and use this module to display it.
588 · [GD] png compression
590 Support for compression level argument to png() added in v2.07. If
592 your GD version is smaller than this, compress option to "out()"
593 will be silently ignored.
594 · [GD] setThickness
596 setThickness implemented in GD v2.07. If your GD version is smaller
598 than that and you set thickness option, nothing will happen.
599 · [GD] ellipse
601 "ellipse()" method added in GD 2.07.
603 If your GD version is smaller than 2.07 and you use "ellipse", the
605 "default" style will be returned.
606 If your GD is smaller than 2.07 and you use "ec", only the circles
608 will be drawn.
609
611 Other CAPTCHA Implementations & Perl Modules
612 · GD, Image::Magick
613 · ImagePwd, Authen::Captcha.
615 · "ImageCode" Perl Module (commercial):
617 <http://www.progland.com/ImageCode.html>.
618 · The CAPTCHA project: <http://www.captcha.net/>.
620 · A definition of CAPTCHA (From Wikipedia, the free encyclopedia):
622 <http://en.wikipedia.org/wiki/Captcha>.
623 · WebService::CaptchasDotNet: A Perl interface to http://captchas.net
625 free captcha service. captchas.net also offers audio captchas.
626 GD::SecurityImage Implementations
628 · GD::SecurityImage::AC: "Authen::Captcha" drop-in replacement
629 module.
630 · Sledge::Plugin::Captcha
632 · Catalyst::Plugin::Captcha
634 · CGI::Application::Plugin::CAPTCHA
636 · Angerwhale::Controller::Captcha
638 Software Using GD::SecurityImage
640 If your software uses "GD::SecurityImage" for captcha generation and
641 want to appear in this document, contact the author.
642
644 BUG REPORTS
645 All bug reports and wishlist items must be reported via the CPAN RT
646 system. It is accessible at
647 <http://rt.cpan.org/NoAuth/Bugs.html?Dist=GD-SecurityImage>.
648 DISCUSSION FORUM
650 "CPAN::Forum" is a place for discussing "CPAN" modules. It also has a
651 "GD::SecurityImage" section at
652 <http://www.cpanforum.com/dist/GD-SecurityImage>.
653 RATINGS
655 If you like or hate or have some suggestions about "GD::SecurityImage",
656 you can comment/rate the distribution via the "CPAN Ratings" system:
657 <http://cpanratings.perl.org/dist/GD-SecurityImage>.
658
660 Burak Gursoy <burak@cpan.org>.
661
663 Copyright 2004 - 2015 Burak Gursoy. All rights reserved.
664
666 This library is free software; you can redistribute it and/or modify it
667 under the same terms as Perl itself, either Perl version 5.12.4 or, at
668 your option, any later version of Perl 5 you may have available.
669perl v5.28.0 2018-07-14 GD::SecurityImage(3)