CAPTCHAイメージ認証(securimage) の照合ソースコードを解読してみる

securimage.php を解析してみる。

L:618行目付近 ”function check($code)”

1function check($code)
2{  
3    // 考えながら検証する
4    // $code: POSTしたデータ
5    // echo $code;   // ←POSTしたデータ
6     
7    $this->code_entered = $code;
8    $this->validate();
9    return $this->correct_code;
10}

L:1170付近 ”function validate()”

1function validate()
2{
3    // retrieve code from session, if no code exists check sqlite database if supported.
4    $code = '';
5 
6    if (isset($_SESSION['securimage_code_value']) && trim($_SESSION['securimage_code_value']) != '') {
7        if ($this->isCodeExpired($_SESSION['securimage_code_ctime']) == false) {
8            $code = $_SESSION['securimage_code_value'];
9        }
10    } else if ($this->use_sqlite_db == true && function_exists('sqlite_open')) { // no code in session - may mean user has cookies turned off
11        $this->openDatabase();
12        $code = $this->getCodeFromDatabase();
13    } else { /* session code invalid or non-existant and code not found in sqlite db or sqlite is not available */ }
14     
15    $code               = trim(strtolower($code));
16    $code_entered       = trim(strtolower($this->code_entered));
17    $this->correct_code = false;
18     
19    // echo '----------------'.$code_entered .'------------------';
20    //$code_entered: 入力したデータを小文字にしたもの
21    // echo $_SESSION['securimage_code_value'];
22    // echo '===================';
23    // echo $_SESSION['securimage_code_ctime'];
24     
25     
26    if ($code != '') {
27                if ($code == $code_entered) {
28            $this->correct_code = true;
29            $_SESSION['securimage_code_value'] = ''// ← 照合する元データ
30            $_SESSION['securimage_code_ctime'] = ''// ← 照合する元データの生成時刻
31            $this->clearCodeFromDatabase();
32            }
33    }
34}

コメントを残す