using PIL for anti-automation in ASP

Doug R

I'm trying to create an anti-automation feature to prevent scripts
from running reports on our website by requiring users to enter a code
from an image (like Yahoo e-mail sign-up, or Network Solutions WHOIS
search).

I'm using Python as the scripting language in the ASP page, and using
PIL to generate the image. The code is stored into a session variable,
which is used to check the user's entry. It works fine the first time
around, but the problem I'm running into is that the page doesn't
refresh properly if the user returns to it. It just returns a blank
page.

Any help would be greatly appreciated. See code below:

<%@ LANGUAGE=Python %>
<html>
<head>
<title>Python ASP Page</title>
<%

import random
import PIL
import Image, ImageDraw, ImageFont

def password(n):

"""Returns a pseudo-random number of length n."""

# initialize empty string
s = ""

# generate random number, convert to string and append to s
for x in range(n):
i = random.randint( 1,9)
s = s + str(i)

return s

def passwordImg(p):

"""Generate s an image with text p."""

# open existing image
img = Image.open('C:\ \Inetpub\\wwwro ot\\BegASPFiles \\images\\tempp assword.gif')

# create new image
imgsize = (150,20) # image size
blue = (102,102,255) # image color
white = (255,255,255) # font color
newimg = Image.new("RGB" ,imgsize,blue)

# set font
arial = ImageFont.load( 'C:\\PythonScri pts\\PILtest\\f onts\\Arial
Bold_14_100.pil ')

# create ImageDraw object to write text
draw = ImageDraw.Draw( newimg)
draw.text((40,-1),p, fill=white,font =arial)

# paste new image with password over old image
img.paste(newim g)

# save image and return true if successful
# Note: img.save returns None
imgPath = 'C:\\Inetpub\\w wwroot\\BegASPF iles\\images\\p assword.gif'
if img.save(imgPat h):
return 0
else:
return 1
%>
</head>
<body>
<%

p = password(7)
Session.SetValu e("key",p)
Response.Write( "<p>")
//*************** ********
// check to see session variable has been written - remove for
production
//*************** ********
Response.Write( Session("key"))
Response.Write( "</p>")

Response.Write( "<p>test password:</p>")

if(passwordImg( p)):
Response.Write( "<p><img src='images/password.gif' width='150'
height='20' alt='password'> </p>")
else:
Response.Write( "<p>Passwor d image could not be generated.</p>")

Response.Write( "<form action='pythonh andler.asp' method='POST'>" )
Response.Write( "<input type='text' name='pwd' size='10'><br>" )
Response.Write( "<input type='submit' value='Submit'> ")
Response.Write( "</form>")

%>
</p>
</body>
</html>

Jul 18 '05 #1

Subscribe Reply

2447

Jay Dorsey

Doug R wrote:

I'm trying to create an anti-automation feature to prevent scripts
from running reports on our website by requiring users to enter a code
from an image (like Yahoo e-mail sign-up, or Network Solutions WHOIS
search).

I'm using Python as the scripting language in the ASP page, and using
PIL to generate the image. The code is stored into a session variable,
which is used to check the user's entry. It works fine the first time
around, but the problem I'm running into is that the page doesn't
refresh properly if the user returns to it. It just returns a blank
page.

Maybe the users browser is caching the image/page? Try a unique image
name each time, or appending a date/time stamp to the image name
(image.gif?blah =12345). First, if you're using IE, you could also
disable page/image caching in the browser (you can do this in Mozilla
too I think, and other browsers).

Jay

Jul 18 '05 #2

John J. Lee

do******@comcas t.net (Doug R) writes:

I'm trying to create an anti-automation feature to prevent scripts
from running reports on our website by requiring users to enter a code
from an image (like Yahoo e-mail sign-up, or Network Solutions WHOIS
search).

[...]

It's called a captcha.

http://www.captcha.net/
You might like to note that the site above lists several programs that
can crack the kind of captcha you're talking about with around 80-90%
accuracy. So, if you've got determined attackers, you might prefer
one of the other schemes they suggest.
John

Jul 18 '05 #3

Doug R

Thanks for the suggestions, and the reference site.

Doug

Jul 18 '05 #4

Jegenye 2001 Bt

I see trouble here. What if two users tread on each other's password.gif ?
Use a unique filename (see module "tempfile" ) that should solve your
caching problem as well.

Best,
Miklós

--
PRISZNYÁK Miklós
---
Jegenye 2001 Bt. ( mailto:je****** ***@parkhosting .com )
Egyedi szoftverkészíté s, tanácsadás
Custom software development, consulting
http://jegenye2001.parkhosting.com

Doug R <do******@comca st.net> wrote in message
news:52******** *************** ***@posting.goo gle.com...

I'm trying to create an anti-automation feature to prevent scripts
from running reports on our website by requiring users to enter a code
from an image (like Yahoo e-mail sign-up, or Network Solutions WHOIS
search).

[code deleted]

Jul 18 '05 #5

Similar topics

8184

Beginner: Anti-aliased fonts in java

by: jcnews | last post by:

I am using Windows XP and am learning how to program in Java. Is there any way to get my fonts to be anti-aliased in both editors and in my programs? The non anti-aliased fonts don't look very good and are a little harder on my eyes. Thanks.

Java

2255

VML Anti-aliasing woes

by: Jason | last post by:

Hi guys, I am having problems with VML. I had been working on a problem for sometime now, and I just recently discovered what the problem really was: VML was anti-aliasing my rectangles, but I didn't want it too. So I added the following attribute to my rectangles which solved the problem somewhat: antialias: false; On my monitor, the rectangles are drawn properly now, without anti-aliasing. However, when I print it to a printer, the

.NET Framework

2284

Anti-war quotes quiz and protest effects with JavaScript

by: rgoya | last post by:

Peace be with you! About a year ago, I created a JavaScript which turns any web site into an online anti-war protest: http://www.geocities.com/rgoya/javascript/PROTEST.HTM I have recently revamped the anti-war quotes quiz: http://www.geocities.com/rgoya/javascript/PROTCODE.HTM#usaquiz Please feel free to

Javascript

4285

Any anti-aliasing filter on image rezise?

by: Michel | last post by:

Is there a way I can anti-aliasing a gif to be able to get a hi-quality resizeable backgroundpicture. When a GIF of JPG is being resized by the browser you get wurse pictures because it needs a anti-aliasing. Maybe there is some filter for it... Or can I write my own subroutine to do this in client-browsers?

Javascript

14855

Anti aliasing on <p>text</p> - stylesheet?

by: bissatch | last post by:

Hi, I want to display text on screen with anti aliasing to make it appear smoother. Is it possible to do this in browsers by perhaps applying a style to it or is it entirely up the the browser? Cheers Burnsy

HTML / CSS

10773

Avoiding Text Anti-Aliasing

by: Martin Eyles | last post by:

Hi, I have some text on a page in a small font. The font size has been OK in other applications, but in a web browser, the legebility suffers due to the anti-aliasing. Is there a way to turn off anti-aliasing for small text from the css, or is there something else I can do to make small text more legible? (Note, the text really does have to be small, as that is what is required for the web-application. It is a system for use on screens...

HTML / CSS

2513

Using the object tag in IE

by: marc | last post by:

>From the book I am using as a reference I understood that applet tag was deprecated, but googling for information, and testing myself, it seems IE does not work properly with this new object tag. So my effort reading about the object tag was for nothing? Is there no way I can make this work for IE and Mozilla? <HTML> <HEAD> </HEAD> <BODY BGCOLOR="FFFFFF">

Javascript

5541

using WSH scripts in vb.net

by: =?Utf-8?B?TGlhbSBNYWM=?= | last post by:

Folks, Not sure if this is the correct forum for this posting, but I'm banging by head against the wall, I have been trying to use my WSH scripts in vb. net environment but not having much joy. The script is to create a shared folder and set permission. I have added all referneces to WSH and WMI refernce in VS2005. Can anyone tell me what changes do I need to make to the below code to work in VB.NET? or even direct me to code for...

.NET Framework

4664

Drawing anti-aliased lines using the GD library

by: adam.timberlake | last post by:

I was following an article on a website earlier, and although it outputted the pie chart for me perfectly, I want to make it anti- aliased somehow. I have linked to the specific article below just in case you wish to replicate for testing the anti-aliasing. I found the GD function, imageantialias() but I've tried setting it to true at the top of the code just after the imagecreate() function - but to no avail. Article:...

PHP

5116

using fopen() in write mode is failing

by: cscorley | last post by:

For some reason, I cannot use fopen() on the file in write mode. The file "time" is in the same directory as the .php file, with permissions set to 0766. PHP Version 5.2.5 Apache/2.2.8 code snip in question: $file = "time";

PHP

9643

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...

General

9480

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...

Windows Server

10313

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

9946

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...

General

6735

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...

C# / C Sharp

5378

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...

Networking - Hardware / Configuration

4044

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

C# / C Sharp

3643

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP

2875

Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy

by: bsmnconsultancy | last post by:

In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

General