image verification yardımı

<?php
// we must never forget to start the session
session_start();

$errorMessage = '';
if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
   // first check if the number submitted is correct
   $number = $_POST['txtNumber'];

   if (md5($number) == $_SESSION['image_random_value']) {
      include 'library/config.php';
      include 'library/opendb.php';

      $userId = $_POST['txtUserId'];
      $password = $_POST['txtPassword'];


      // check if the user id and password combination exist
      $sql = "SELECT user_id
              FROM tbl_auth_user
              WHERE user_id = '$userId'
                    AND user_password = PASSWORD('$password')";

      $result = mysql_query($sql) or
                die('Query failed. ' . mysql_error());

      if (mysql_num_rows($result) == 1) {
         // the user id and password match,
         // set the session
         $_SESSION['image_is_logged_in'] = true;

         // remove the random value from session
         $_SESSION['image_random_value'] = '';

         // after login we move to the main page
         header('Location: main.php');
         exit;
      } else {
         $errorMessage = 'Sorry, wrong user id / password';
      }

      include 'library/closedb.php';
   } else {
      $errorMessage = 'Sorry, wrong number. Please try again';
   }
}
?>

<html>
<head>
</head>

<body>
<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>
<form action="" method="post" name="frmLogin" id="frmLogin">
<table width="500" border="1" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="150">User Id</td>
<td><input name="txtUserId" type="text" id="txtUserId" size="20"></td>
</tr>
<tr>
<td width="150">Password</td>
<td><input name="txtPassword" type="password" id="txtPassword" size="20"></td>
</tr>
<tr>
<td width="150">Enter Number</td>
<td><input name="txtNumber" type="text" id="txtNumber" value="" size="20">
  <img src="randomImage.php"></td>
</tr>

<tr>
<td width="150"> </td>
<td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td>
</tr>
</table>

<?
if(!$url)
{
echo"url boş";
exit;
}

if(!$des){
echo"des boş.";
exit;
}


$sql="insert into $tablo

(id,mail,des,url)


values

('','$mail','$url','$des')";




$sonuc=mysql_query("$sql");

echo "olduuuu<br>";
?>

<form name="adda"  action="submit.php" method="post" >

  <table>
    <tr>
      <td width="28%" height="21"><b><font face="Trebuchet MS">URL</font></b></td>
      <td width="72%" height="21">
      <input type="text"  name="url" size="40" value="http://"></td>
    </tr>
    <tr>
      <td width="28%" height="21"><b><font face="Trebuchet MS">Des</font></b></td>
      <td width="72%" height="21">
      <!--webbot bot="Validation" b-value-required="TRUE" i-maximum-length="100" --><input type="text"  name="des" size="40" maxlength="100"></td>
    </tr>
    <tr>
      <td width="28%" height="21"><b><font face="Trebuchet MS">Email:</font></b></td>
      <td width="72%" height="21"><input type="text"  name="email" size="40"></td>
    </tr>
    <tr>
      <td width="28%" height="1"></td>
      <td width="72%" height="1">
      <p align="center">
      <input type="submit" value="Submit" name="B1" ></td>
    </tr>
  </table>

<?php
session_start();

// generate 5 digit random number
$rand = rand(10000, 99999);

// create the hash for the random number and put it in the session
$_SESSION['image_random_value'] = md5($rand);

// create the image
$image = imagecreate(60, 30);

// use white as the background image
$bgColor = imagecolorallocate ($image, 255, 255, 255);

// the text color is black
$textColor = imagecolorallocate ($image, 0, 0, 0);

// write the random number
imagestring ($image, 5, 5, 8, $rand, $textColor);

// send several headers to make sure the image is not cached
// taken directly from the PHP Manual

// Date in the past
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

// always modified
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");

// HTTP/1.1
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);

// HTTP/1.0
header("Pragma: no-cache");


// send the content type header so the image is displayed properly
header('Content-type: image/jpeg');

// send the image to the browser
imagejpeg($image);

// destroy the image to free up the memory
imagedestroy($image);
?>

<?php
// ... the login script is up here
?>
<html>
<head>
<title>Basic Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>
<form action="" method="post" name="frmLogin" id="frmLogin">
<table width="500" border="1" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="150">User Id</td>
<td><input name="txtUserId" type="text" id="txtUserId"></td>
</tr>
<tr>
<td width="150">Password</td>
<td><input name="txtPassword" type="password" id="txtPassword"></td>
</tr>
<tr>
<td width="150">Enter Number</td>
<td><input name="txtNumber" type="text" id="txtNumber" value="">
  <img src="randomImage.php"></td>
</tr>

<tr>
<td width="150"> </td>
<td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>

<?php
// we must never forget to start the session
session_start();

$errorMessage = '';
if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
   // first check if the number submitted is correct
   $number = $_POST['txtNumber'];

   if (md5($number) == $_SESSION['image_random_value']) {
      include 'library/config.php';
      include 'library/opendb.php';

      $userId = $_POST['txtUserId'];
      $password = $_POST['txtPassword'];


      // check if the user id and password combination exist
      $sql = "SELECT user_id
              FROM tbl_auth_user
              WHERE user_id = '$userId'
                    AND user_password = PASSWORD('$password')";

      $result = mysql_query($sql) or
                die('Query failed. ' . mysql_error());

      if (mysql_num_rows($result) == 1) {
         // the user id and password match,
         // set the session
         $_SESSION['image_is_logged_in'] = true;

         // remove the random value from session
         $_SESSION['image_random_value'] = '';

         // after login we move to the main page
         header('Location: main.php');
         exit;
      } else {
         $errorMessage = 'Sorry, wrong user id / password';
      }

      include 'library/closedb.php';
   } else {
      $errorMessage = 'Sorry, wrong number. Please try again';
   }
}
?>

<?php
session_start();

$alphanum = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

// generate the verication code
$rand = substr(str_shuffle($alphanum), 0, 5);

// ... no changes after this point
?>

<?php
session_start();

$alphanum = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

// generate the verication code
$rand = substr(str_shuffle($alphanum), 0, 5);

// choose one of four background images
$bgNum = rand(1, 4);

$image = imagecreatefromjpeg("background$bgNum.jpg");

$textColor = imagecolorallocate ($image, 0, 0, 0);

// write the code on the background image
imagestring ($image, 5, 5, 8, $rand, $textColor);

// ... no changes after this point
?>

<?
  session_start();
  header ("Content-type: image/png");
  srand((double)microtime() * 1000000);

  $kod   = substr(md5(uniqid(rand())),0,5);
  $_SESSION["kod"] = $kod; // Kodu oturuma kaydet

  $font  = array(
     "arial.ttf",
     "bronic.ttf",
     );

  $resim = @imagecreate((strlen($kod)*20)+20,50);
  $zemin = imagecreatefrompng('zemin.png');
  $metin = imagecolorallocate ($resim, 0, 0, 0);
  imagesettile($resim,$zemin);
  imagefilledrectangle($resim,0,0,(strlen($kod)*20)+20,50,IMG_COLOR_TILED);

  for($i=0; $i < strlen($kod); $i++){
     shuffle($font);
     imagettftext($resim, 20, 0, 10+($i*20),35, $metin, "Font/".current($font),$kod[$i]);
     }

  imagepng($resim);
  imagedestroy($resim);
?>

<html>
<head></head>
<body>
<?
  # Oturumu baslat
  session_start();

  # Kodu dogrula
  if($_POST["B1"]){

     # Kod dogrulandıysa
     if($_SESSION["kod"] == $_POST["kod"]){

if(!$url) 
{ 
echo"url boş"; 
} elseif(!$des){ 
echo"des boş."; 
} else {

$sql="insert into $tablo (id,mail,des,url) values ('','$mail','$url','$des')"; 
$sonuc=mysql_query("$sql"); 

echo "olduuuu<br>"; 
}
        }

     # Dogrulanmadıysa
     else{
echo "Girdiğiniz kod hatalı !";
        }
     }

?> 



<form name="adda" action="submit.php" method="post" > 

<table> 
<tr> 
<td width="28%" height="21"><b><font face="Trebuchet MS">URL</font></b></td> 
<td width="72%" height="21"> 
<input type="text" name="url" size="40" value="http://"></td> 
</tr> 
<tr> 
<td width="28%" height="21"><b><font face="Trebuchet MS">Des</font></b></td> 
<td width="72%" height="21"><input type="text" name="des" size="40" maxlength="100"></td> 
</tr> 
<tr> 
<td width="28%" height="21"><b><font face="Trebuchet MS">Email:</font></b></td> 
<td width="72%" height="21"><input type="text" name="email" size="40"></td> 
</tr> 
<tr> 
<td width="28%" height="21"><b><font face="Trebuchet MS"><img src="resim.php">
</font></b></td> 
<td width="72%" height="21"><input type="text" name="kod" value="<?echo $_POST["kod"]?>"></td> 
</tr> 
<tr> 
<td width="28%" height="1"></td> 
<td width="72%" height="1"> 
<p align="center"> 
<input type="submit" value="Submit" name="B1" ></td> 
</tr> 
</table> 
</body></html>