Hey, that is kind of cool.  Good job Martin.

Just doing the mod now so it will go back to standard while I test it.

That won't work either.

The purpose of the verification codes are so computers can't easily enter in the data.  The way it is now they could just pass the "random" value to the post script ...

Look, here's how the image verification works ...

When you go to the page a random series of numbers and letters are generated, and then added to an image.  That image is then saved as the hash value of that random number and letter sequence.  A user must enter the correct sequence and the value of that image.  The  users sequence will be verified by the image with that name AND with a valid verification ID (the hash) embedded in the registration page itself.  The value needed IS NOT in clear text ANYWHERE.  After this is verified, the user is accepted.  If not, then the image is deleted and a new one is created.  It would take a LOT of work for a computer to randomize and get that hash.  Possible?  Yes.  It would take a ton of time and effort though ... and that's just for one user.  If the value is wrong, the image is deleted.  

I'm not giving up on this  

As it is now:

A random number is generated and displayed for input
This number is then encrypted and passed to a hidden form
The user then inputs the verification code
This is then encrypted and passed to a hidden form
Finally, the 2 encrypted files are then compared, if they match the post is made
If they don't match then an error message will appear
Once posted the form is cleared so no random number and no encrypted files

I'm going to try another way not sure if it will work so won't say anything yet  

You're not getting it.

A computer can read the page and then enter the value.  If it's clear text, it's not going to work.

Is this better??

http://www.opportunitynowhere.co.uk/cgi-bin/forum/Blah.pl?

Need to do some bits for the Admin Center still, ability to turn off and on etc

The images do not load.

Hmmm......

For those not getting it, try searching for 'scraping', or start here:

http://en.wikipedia.org/wiki/Screen_scraping

and follow the links.

Quoted from Justin

The images do not load.

My fault, I have a an extra path statement in Settings.pl, not configured to keep it yet so when I done a save the path to the images went.

Loading fine for me now.

Still not loading.

And when going to:

http://www.opportunitynowhere.co.uk/cgi-bin/forum/captcha.cgi?i=888

I get the URL printed back out to me??

I was working on it  

I get the letter N when I go to:

http://www.opportunitynowhere.co.uk/cgi-bin/forum/captcha.cgi?i=888

Don't think so ...

A computer can find all the letters by going through all the numbers and getting the letter.  It may would work, just doubt it.  Also, how are you verifying it?  The hidden text is blank?

This is a pukka captcha script that I have modified extensively.

It does exactly what you said it needed to do earlier.

It takes 6 random images from 25 jpg's, then makes them into one image which is then displayed.

This is then encrypted and sent to a log file.

my $security_key2=sha1_hex($secret_word)

After the user enters the letters this is then compared against the $ecret_word

A computer can find all the letters by going through all the numbers and getting the letter.  It may would work, just doubt it.

I doubt it as they are all jpg images and not actual letters.

Hmm ...

What you need to do is have the ?i=# be totally random.  That way if you call ?i=# twice it'll change the number/letter shown.  That should make it work ...

Hey, I'm just a beginer compared to you, not sure if I could acieve that but I have an idea that I will try.

At the moment the script calls rand_key.pl which I have attached.