Captcha.pm

Captcha.pm is a Perl module which provides a simple CAPTCHA framework. It's written in a object oriented programming style. Session information is stored in a hashed DB file (/var/tmp/captcha.db by default).

Usage

From its inline documentation:

  1. Put this module into /var/www/lib
  2. Create a CGI script /var/www/cgi-bin/captcha.pl which outputs a random CAPTCHA image:
    #!/usr/bin/perl -w
    
    use strict;
    use warnings;
    use FindBin qw($Bin);
    use lib dirname($Bin) . "/../lib";
    use Captcha;
    
    new Captcha()->image();
    
  3. Create a CGI script /var/www/cgi-bin/order.pl which does the real work and therefore has to be protected by a CAPTCHA:
    #!/usr/bin/perl -w
    
    use strict;
    use warnings;
    use CGI;
    use FindBin qw($Bin);
    use lib dirname($Bin) . "/../lib";
    use Captcha;
    
    my $cgi = new CGI();
    my $captcha = new Captcha();
    
    if (!$captcha->ok($cgi->param("captcha"))) {
      # user entered a wrong captcha code -> print an error
      exit -1;
    }
    
    # do the real work, e.g. place the order, do some heavy computation, etc.
    ...
    
  4. Create a form which serves as start page and where the user has to fill out several fields, including the CAPTCHA:
    <html>
    <head>
    <title>Place an order</title>
    </head>
    <body>
    <form method="POST" action="/cgi-bin/order.pl">
    ... some other input fields ...
    <div>
    <p>Please solve the following equation:</p>
    <img src="/cgi-bin/captcha.pl"> = <input type="text" name="captcha" size="4">
    </div>
    <input type="submit">
    </form>
    </body>
    </html>
    
  5. Optionally, if your start page is a CGI script, too, you might want to use the link() method provided by this module:
    #!/usr/bin/perl -w
    
    use strict;
    use warnings;
    use CGI;
    use FindBin qw($Bin);
    use lib dirname($Bin) . "/../lib";
    use Captcha;
    
    my $cgi = new CGI();
    my $captcha = new Captcha();
    
    # ... print html form ...
    
    print $captcha->link();
    
    # ... print reminder of html form ...
    

You can override builtin defaults by providing the constructor one or more of these parameters:

ParameterDefaultInfo
dbfile/var/tmp/captcha.dbLocation of the session database file
cookiecaptcha_sidName of the session cookie
width200Width of the CAPTCHA image in pixels
height50Height of the CAPTCHA image in pixels
permitted_ips[]List of IP addresses which are allowed without any CAPTCHA code; simple string-like prefix match, e.g. "192.168." matches 192.168.0.0/16
bypass_funcundefReference to a (anonymous) function which will bypass CAPTCHA checking if it returns a true value
captcha_urlcaptcha.plURL of the CGI script which prints the CAPTCHA image
captcha_fieldcaptchaName of the form field which contains the CAPTCHA code entered by the user

Examples

Download Captcha.pm, captcha.pl, and captcha_test.pl from below. Save them to the cgi-bin folder on your webserver. Point your webbrowser to /cgi-bin/captcha_test.pl on your webserver.

Downloads