vuthao / cool-php-captcha Goto Github PK

What steps will reproduce the problem?
I.
Only tested in Google chrome 2.0 and Opera 9.64.

1. Add some session variable incremented each time image is loaded.
2. Draw its value in debug mode.
3. Try refreshing page/captcha (1st, 2nd and both, several times).

II. 
Fast refresh of page with captcha in example-form (check up will fail once 
even with corrent answer).

What is the expected output? What do you see instead?
It looks like "captcha" session variable is refreshed after the image is 
already drawn. That means that any attempt to enter the word from image 
will fail.

What version of the product are you using? On what operating system?
cool-php-captcha-0.2.1 on windows XP SP3 (browsers and there listed above).

Please provide any additional information below.

What steps will reproduce the problem?
1. http://127.0.0.1/example-form.php?captcha=%3Cscript%3Ealert(1)%3C/script%3E

What is the expected output? What do you see instead?
filtered with htmlspcialchars()

What version of the product are you using? On what operating system?
0.2.1

Please provide any additional information below.
textbook xss. 

Overall I think your captcha is quite secure and easy to implement. I like
the text manipluation and the random fonts. I recommend using randomly
generated answers over a list of words because possible guesses can be
compared to the list before making a real guess.

I am the Michael Brooks in this article:
http://www.forbes.com/2008/11/25/cyber-security-bots-tech-identity08-cx_ag_1125c
yberbots.html

peace 

What steps will reproduce the problem?
1. Install cool captcha
2. Add code from example form to site
3. Load page and refresh

What is the expected output? What do you see instead?

There's a 5 letter minimum variable, but it seems it's not respected because 
I'm getting 1 letter captchas 70% of the time

What version of the product are you using? On what operating system?
0.3 Windoes XP, mozilla firefox, 

Please provide any additional information below.

Seems like a regular bug, there should be a simple fix or workaround to ensure 
lengthysome codes.

Fatal error: Call to undefined function imagettftext()

PLEASE resolve my this problem..

public function __construct() {}
/**
 * public function __construct(array $array = array()){
 *     $this->config($array);
 * }
 */

public function config(array $array = array()){
    if($array !== array()){
        foreach($array as $key => $value){
            if(property_exists(__CLASS__ , $key)){
                $this->$key = $value;
            }
        }
    }
}

What steps will reproduce the problem?
1. not work with charset=utf-8 for captcha produce with string Arabic 
2.
3.

What is the expected output? What do you see instead?


What version of the product are you using? On what operating system?
@version 0.3

Please provide any additional information below.

do this captcha can work with string Arabic 

What steps will reproduce the problem?
1. Deploy the application on PHP Version 5.3.10-1 ubuntu3.7
2. invoke example-form.php
3.

What is the expected output? What do you see instead?
Captcha text image is expected, instead a blank image is seen. The captcha text 
is generated as confirmed from session captcha value when form is submitted. If 
debug is enabled, the captcha can be seen at the image bottom also. However, 
captcha image does not appear. It works once or twice in 20-30 attempts.

What version of the product are you using? On what operating system?

cool-php-captcha-0.3.1 on PHP Version 5.3.10-1 ubuntu3.7
GD version 2.0

Please provide any additional information below.
This product works perfectly on a windows platform. Attached file shows the 
issue.

What steps will reproduce the problem?
1. Installed PHP 5.3.0 (WAMP server)
2. Installed PHP 5.2.0 (WAMP server)
3. Installed cool-php-captcha

What is the expected output? What do you see instead?
With PHP5.2.0 it is working perfectly, but with PHP5.3.0 cpatcha image is not 
generating.

What version of the product are you using? On what operating system?
0.3 version

Please provide any additional information below.
in page it appears as like a missed image..

next bug is in example-form.php
line 76 and followers: <img src="captcha.php" id="captcha" />

if example-form.php ... uses headers to force cache:
- Expires in future
- or Expires to current time
- or Cache-Control WITHOUT must-revalidate, post-check=0, pre-check=0
- or Pragma private or public

so when open example-form.php -> submit form -> i.e. to send-form.php and there 
will found error in user data so show error and link with javascript 
window.history.go(-1) ... or user self go back in browser

>> user will get back to example-form.php BUT this page WILL NOT BEEN 
REQUESTED, BECAUSE IS CACHED and you get page with data that he writes 
before... that OK

>> bug is in next step... WHEN USER SUBMIT FROM AGAIN... 
-> captcha will be always SAME and always VALID becaus... cached page didn't 
change captcha
-> captcha fails every time because... first execution of sent-form.php clear 
previous captcha

solution exists request captcha.php by javascript:
script('type="text/javascript"'); 
  var captchaAction = null;
  function captcha() {
   captchaDate = new Date;
   if (captchaAction == null || captchaAction + 1000 < captchaDate.getTime()) {
    // request new captcha code and ban old one
    document.getElementById('captcha').src='captcha.php?'+Math.random();
   }
   captchaAction = captchaDate.getTime();
   setTimeout('captcha()', 250);
  }
  timerID = setTimeout('captcha()', 250); <?php
 </script>;

What steps will reproduce the problem?
I tried changing the line around 287, from:
        $this->im = imagecreatetruecolor($this->width*$this->scale, $this->height*$this->scale);

        // Background color
        $this->GdBgColor = imagecolorallocate($this->im,
            $this->backgroundColor[0],
            $this->backgroundColor[1],
            $this->backgroundColor[2]
        );
        imagefilledrectangle($this->im, 0, 0, $this->width*$this->scale, $this->height*$this->scale, $this->GdBgColor);


to:

        $this->im = imagecreatetruecolor($this->width*$this->scale, $this->height*$this->scale);
        $color = $this->create_color($this->im, null, 0);
        imagesavealpha($this->im, true);
        // Set the blending mode to false, add the bgcolor, then switch it back.
        imagealphablending($this->im, false);
        imagefilledrectangle($this->im, 0, 0, $this->width, $this->height, $color);
        imagealphablending($this->im, true);

What is the expected output? What do you see instead?
But I'm not getting anything good, background is either black, or captcha is 
not beeings seen at all, I have tied different combos, but no luck :(

What version of the product are you using? On what operating system?
Version is 0.3, Linux, PHP 5.3



Thank you for your help !

What steps will reproduce the problem?
1. Filling out form here: http://fiercestreetnetworks.com/docs/contact.php
2. Submitting form will bring you to blank screen
3.

What is the expected output? What do you see instead?
Form validating, and forwarding user. Page just goes blank

What version of the product are you using? On what operating system?
Stable relase 0.3.1 / Ubuntu Linux 12.04

Please provide any additional information below.

next bug in captcha.php

at function GetDictionaryCaptchaText(...

before fopen($wordsfile, 'r')

you must use
if (!file_exists($wordsfile)) return false; 

because is here possible Warning output... that fails load an image

*What steps will reproduce the problem?
1. Include the Captcha image twice on a single page.

*What is the expected output? What do you see instead?
Each code should have it's own session code.

*What version of the product are you using? On what operating system?
0.3

*Please provide any additional information below.
I'd like to include the Captcha image more than once on a web page that uses 
more than one form and each Captcha image have it's own code without it 
interfering with the "secretword" session veriable from the other.

Can anyone tell me a simple way to do this, without having to use 2 different 
versions of the captcha.php file?

What steps will reproduce the problem?
1. png captch not wking
2.
3.

What is the expected output? What do you see instead?


What version of the product are you using? On what operating system?


Please provide any additional information below.

What steps will reproduce the problem?
1. Nothing to display
2.
3.

What is the expected output? What do you see instead?
In debug mode i see the font type and the word but the captcha isn't shown what 
it should to be. When debug is turned off no captcha is showing

What version of the product are you using? On what operating system?
the latest stable version.

Please provide any additional information below.
Captcha is used on a webserver and in a template Jupiter.

What steps will reproduce the problem?
1. session start function is misplaced.
you will receive a error

What is the expected output? What do you see instead?

Warning: session_start() [function.session-start]: Cannot send session
cache limiter - headers already sent (output started at example-form.php on
line 21
Invalid captcha

What version of the product are you using? On what operating system?
cool-php-captcha-0.2

Please provide any additional information below.
session start needs to be moved to line 1 
example
<?php session_start(); ?>

I have attached a updated copy of example-form.php with the fix.

What steps will reproduce the problem?
1. Download the PHP Captcha files
2. Upload the files to a web server (such as http://localhost)
3. Open the example-form.php file, and see what happens..

What is the expected output? What do you see instead?
No captcha image at all.

What version of the product are you using? On what operating system?
0.3 on OS X 10.6.2.

Please provide any additional information below.

This issue can be addressed by (re)activating PHP and (re)installing GD 
graphics on your web server.

What steps will reproduce the problem?
1. Open resources/words/en.php in any text editor.

2. Search for naughty or politically incorrect words, such as "titty", 
"niggery", "sluttish" to name but a few.

3. Think about whether you want your website visitors to be confronted with 
such terms as they complete a registration or contact form.

is needed to correct link with "Not readable? Change text."

you have no limit for reloading new image... that bad... very bad

my solution is ease

when create link to captha.php use ?tag=<ID>
$tag = md5(microtime(true));
and store it to $_SESSION['captcha'][$tag] = array('reload' => 0, 'text' => 
'right answer');

is needted to add <input type="hidden" name="captcha_tag" value=" $tag " /> to 
form in example-form.php

when you try validate sent form you have excatly what captcha to use (you 
cannot unset captcha of another page...ú

on reload update informacation ...['reaload']++ and chage right_answer
(it prevent change of answer for another page captcha)
if (...['reaload'] > 10) exit because of banned an show image that next iamge 
is banned

do understand?

PS: there 4 bugs I found in 15 minutes after download :o)

in version 0.3 is problem with headers

example-form.php >>
line 81:    document.getElementById('captcha').src='captcha.php?'+Math.random();

why did you use Math.random() ??? to prevent caching?

that bad way... correct way is remove this
document.getElementById('captcha').src='captcha.php';

and add to captcha.php
add line 471: 
header('Date: Tue, 31 Aug 2010 05:27:21 GMT', true);  // current time 
header('Expires: Thu, 19 Nov 1981 08:52:00 GMT'); // time in past
header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, 
pre-check=0');
header('Pragma: no-cache');

Are you willing / would it be possible to allow me to use this project under a 
more developer friendly license like BSD / MIT instead of GPL?

What steps will reproduce the problem?
1. when FreeType Version 2.3.7

What is the expected output? What do you see instead?
captcha image result just one letter

What version of the product are you using? On what operating system?
cool-php-captcha-0.2.1

Please provide any additional information below.
In FreeType Version 2.3.4, image show correctly

I suggest to check if $_SESSION['captcha'] is not empty. Because current
example allows surpassing captcha when both session and request variables
are empty.

So fixed example should be:

if (!$_SESSION['captcha'] || (strtolower(trim($_REQUEST['captcha'])) !=
$_SESSION['captcha'])) {
    return "Invalid captcha";
}

What steps will reproduce the problem?
1. Wait for spam bots to bust

What is the expected output? What do you see instead?
I expect no spam, instead I am still getting form submission with numbers as 
the captcha instead of a valid captcha string.

next bug is in multiply use

example I have to opened two pages in same computer

edit-post.php ... set captcha to session
in next tab of browser I have edit-article.php ... that overwrite captcha 
session

so when submit form on edit-post.php ... result will be that captcha always 
fail because $_SESSION['captcha'] contain captcha for edit-article.php

solution use $_SESSION['captcha'] = array()
on create captcha use $_SESSION['captcha'][] = 'new captcha';
after read unset by unset($_SESSION['captcha'][0]);
...

session captcha and image captcha not same

Hi really nice library can you please submit to https://packagist.org/ where 
you can find php's cool libraries through composer 

What steps will reproduce the problem?
1.
2.
3.

What is the expected output? What do you see instead?


What version of the product are you using? On what operating system?


Please provide any additional information below.

<?php
/**
 * Script para la generación de CAPTCHAS
 *
 * @author  Jose Rodriguez <[email protected]>
 * @license GPLv3
 * @link    http://code.google.com/p/cool-php-captcha
 * @package captcha
 * @version 0.3
 *
 */


session_start();



$captcha = new SimpleCaptcha();



// OPTIONAL Change configuration...
//$captcha->wordsFile = 'words/es.php';
//$captcha->session_var = 'secretword';
//$captcha->imageFormat = 'png';
//$captcha->lineWidth = 3;
//$captcha->scale = 3; $captcha->blur = true;
//$captcha->resourcesPath = "/var/cool-php-captcha/resources";

// OPTIONAL Simple autodetect language example
/*
if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
    $langs = array('en', 'es');
    $lang  = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
    if (in_array($lang, $langs)) {
        $captcha->wordsFile = "words/$lang.php";
    }
}
*/



// Image generation
$captcha->CreateImage();





























/**
 * SimpleCaptcha class
 *
 */
class SimpleCaptcha {

    /** Width of the image */
    public $width  = 200;

    /** Height of the image */
    public $height = 70;

    /** Dictionary word file (empty for random text) */
    public $wordsFile = 'words/en.php';

    /**
     * Path for resource files (fonts, words, etc.)
     *
     * "resources" by default. For security reasons, is better move this
     * directory to another location outise the web server
     *
     */
    public $resourcesPath = 'resources';

    /** Min word length (for non-dictionary random text generation) */
    public $minWordLength = 5;

    /**
     * Max word length (for non-dictionary random text generation)
     * 
     * Used for dictionary words indicating the word-length
     * for font-size modification purposes
     */
    public $maxWordLength = 8;

    /** Sessionname to store the original text */
    public $session_var = 'captcha';

    /** Background color in RGB-array */
    public $backgroundColor = array(255, 255, 255);

    /** Foreground colors in RGB-array */
    // We will use random colors to generat captcha charcters (see line 278)
    //public $colors = array(
    //    array(0,0,255), // blue
    //    array(30,169,30), // green
    //    array(255,0,0),  // red
    //);
    /** Shadow color in RGB-array or null */
    public $shadowColor = null; //array(0, 0, 0);

    /** Horizontal line through the text */
    public $lineWidth = 0;

    /**
     * Font configuration
     *
     * - font: TTF file
     * - spacing: relative pixel space between character
     * - minSize: min font size
     * - maxSize: max font size
     */
    public $fonts = array(
        'Antykwa'  => array('spacing' => -3, 'minSize' => 27, 'maxSize' => 30, 'font' => 'AntykwaBold.ttf'),
        'Candice'  => array('spacing' =>-1.5,'minSize' => 28, 'maxSize' => 31, 'font' => 'Candice.ttf'),
        'DingDong' => array('spacing' => -2, 'minSize' => 24, 'maxSize' => 30, 'font' => 'Ding-DongDaddyO.ttf'),
        'Duality'  => array('spacing' => -2, 'minSize' => 30, 'maxSize' => 38, 'font' => 'Duality.ttf'),
        'Heineken' => array('spacing' => -2, 'minSize' => 24, 'maxSize' => 34, 'font' => 'Heineken.ttf'),
        'Jura'     => array('spacing' => -2, 'minSize' => 28, 'maxSize' => 32, 'font' => 'Jura.ttf'),
        'StayPuft' => array('spacing' =>-1.5,'minSize' => 28, 'maxSize' => 32, 'font' => 'StayPuft.ttf'),
        'Times'    => array('spacing' => -2, 'minSize' => 28, 'maxSize' => 34, 'font' => 'TimesNewRomanBold.ttf'),
        'VeraSans' => array('spacing' => -1, 'minSize' => 20, 'maxSize' => 28, 'font' => 'VeraSansBold.ttf'),
    );

    /** Wave configuracion in X and Y axes */
    public $Yperiod    = 12;
    public $Yamplitude = 14;
    public $Xperiod    = 11;
    public $Xamplitude = 5;

    /** letter rotation clockwise */
    public $maxRotation = 8;

    /**
     * Internal image size factor (for better image quality)
     * 1: low, 2: medium, 3: high
     */
    public $scale = 2;

    /** 
     * Blur effect for better image quality (but slower image processing).
     * Better image results with scale=3
     */
    public $blur = false;

    /** Debug? */
    public $debug = false;

    /** Image format: jpeg or png */
    public $imageFormat = 'jpeg';


    /** GD image */
    public $im;










    public function __construct($config = array()) {
    }







    public function CreateImage() {
        $ini = microtime(true);

        /** Initialization */
        $this->ImageAllocate();

        /** Text insertion */
        $text = $this->GetCaptchaText();
        $fontcfg  = $this->fonts[array_rand($this->fonts)];
        $this->WriteText($text, $fontcfg);

        $_SESSION[$this->session_var] = $text;

        /** Transformations */
        if (!empty($this->lineWidth)) {
            $this->WriteLine();
        }
        //$this->WaveImage();
        if ($this->blur && function_exists('imagefilter')) {
            imagefilter($this->im, IMG_FILTER_GAUSSIAN_BLUR);
        }
        $this->ReduceImage();


        if ($this->debug) {
            imagestring($this->im, 1, 1, $this->height-8,
                "$text {$fontcfg['font']} ".round((microtime(true)-$ini)*1000)."ms",
                $this->GdFgColor
            );
        }


        /** Output */
        $this->WriteImage();
        $this->Cleanup();
    }









    /**
     * Creates the image resources
     */
    protected function ImageAllocate() {
        // Cleanup
        if (!empty($this->im)) {
            imagedestroy($this->im);
        }

        $this->im = imagecreatetruecolor($this->width*$this->scale, $this->height*$this->scale);

        // Background color
        $this->GdBgColor = imagecolorallocate($this->im, 247, 247, 247); //change the 3 numbers to match the background color of the html element where you will place the captcha
        imagefilledrectangle($this->im, 0, 0, $this->width*$this->scale, $this->height*$this->scale, $this->GdBgColor);


        $col1 = imagecolorallocate($this->im, rand(0, 150), rand(0, 150), rand(0, 150));
        $col2 = imagecolorallocate($this->im, rand(0, 150), rand(0, 150), rand(0, 150));

        for ($i = 0; $i < 50; $i++) {
            imagesetthickness($this->im, rand(4, 5));
            imagearc(
                $this->im,
                rand(1, 300), 
                rand(1, 300), 
                rand(1, 300), 
                rand(1, 300), 
                rand(1, 300), 
                rand(1, 300), 
                (rand(0, 2) ? $col1 : $col2) 
            );
        }


        // Foreground color
        $color           = $this->colors[mt_rand(0, sizeof($this->colors)-1)];
        $this->GdFgColor = imagecolorallocate($this->im, rand(0, 150), rand(0, 150), rand(0, 150));

        // Shadow color
        if (!empty($this->shadowColor) && is_array($this->shadowColor) && sizeof($this->shadowColor) >= 3) {
            $this->GdShadowColor = imagecolorallocate($this->im,
                $this->shadowColor[0],
                $this->shadowColor[1],
                $this->shadowColor[2]
            );
        }
    }





    /**
     * Text generation
     *
     * @return string Text
     */
    protected function GetCaptchaText() {
        $text = $this->GetDictionaryCaptchaText();
        if (!$text) {
            $text = $this->GetRandomCaptchaText();
        }
        return $text;
    }






    /**
     * Random text generation
     *
     * @return string Text
     */
    protected function GetRandomCaptchaText($length = null) {
        if (empty($length)) {
            $length = rand($this->minWordLength, $this->maxWordLength);
        }

        $words  = "abcdefghijlmnopqrstvwyz";
        $vocals = "aeiou";

        $text  = "";
        $vocal = rand(0, 1);
        for ($i=0; $i<$length; $i++) {
            if ($vocal) {
                $text .= substr($vocals, mt_rand(0, 4), 1);
            } else {
                $text .= substr($words, mt_rand(0, 22), 1);
            }
            $vocal = !$vocal;
        }
        return $text;
    }









    /**
     * Random dictionary word generation
     *
     * @param boolean $extended Add extended "fake" words
     * @return string Word
     */
    function GetDictionaryCaptchaText($extended = false) {
        if (empty($this->wordsFile)) {
            return false;
        }

        // Full path of words file
        if (substr($this->wordsFile, 0, 1) == '/') {
            $wordsfile = $this->wordsFile;
        } else {
            $wordsfile = $this->resourcesPath.'/'.$this->wordsFile;
        }

        if (!file_exists($wordsfile)) {
            return false;
        }

        $fp     = fopen($wordsfile, "r");
        $length = strlen(fgets($fp));
        if (!$length) {
            return false;
        }
        $line   = rand(1, (filesize($wordsfile)/$length)-2);
        if (fseek($fp, $length*$line) == -1) {
            return false;
        }
        $text = trim(fgets($fp));
        fclose($fp);


        /** Change ramdom volcals */
        if ($extended) {
            $text   = preg_split('//', $text, -1, PREG_SPLIT_NO_EMPTY);
            $vocals = array('a', 'e', 'i', 'o', 'u');
            foreach ($text as $i => $char) {
                if (mt_rand(0, 1) && in_array($char, $vocals)) {
                    $text[$i] = $vocals[mt_rand(0, 4)];
                }
            }
            $text = implode('', $text);
        }

        return $text;
    }








    /**
     * Horizontal line insertion
     */
    protected function WriteLine() {

        $x1 = $this->width*$this->scale*.15;
        $x2 = $this->textFinalX;
        $y1 = rand($this->height*$this->scale*.40, $this->height*$this->scale*.65);
        $y2 = rand($this->height*$this->scale*.40, $this->height*$this->scale*.65);
        $width = $this->lineWidth/2*$this->scale;

        for ($i = $width*-1; $i <= $width; $i++) {
            imageline($this->im, $x1, $y1+$i, $x2, $y2+$i, $this->GdFgColor);
        }
    }




    /**
     * Text insertion
     */
    protected function WriteText($text, $fontcfg = array()) {
        if (empty($fontcfg)) {
            // Select the font configuration
            $fontcfg  = $this->fonts[array_rand($this->fonts)];
        }

        // Full path of font file
        $fontfile = $this->resourcesPath.'/fonts/'.$fontcfg['font'];


        /** Increase font-size for shortest words: 9% for each glyp missing */
        $lettersMissing = $this->maxWordLength-strlen($text);
        $fontSizefactor = 1+($lettersMissing*0.09);

        // Text generation (char by char)
        $x      = 20*$this->scale;
        $y      = round(($this->height*27/40)*$this->scale);
        $length = strlen($text);
        for ($i=0; $i<$length; $i++) {
            $degree   = rand($this->maxRotation*-1, $this->maxRotation);
            $fontsize = rand($fontcfg['minSize'], $fontcfg['maxSize'])*$this->scale*$fontSizefactor;
            $letter   = substr($text, $i, 1);

            if ($this->shadowColor) {
                $coords = imagettftext($this->im, $fontsize, $degree,
                    $x+$this->scale, $y+$this->scale,
                    $this->GdShadowColor, $fontfile, $letter);
            }
            $coords = imagettftext($this->im, $fontsize, $degree,
                $x, $y,
                $this->GdFgColor, $fontfile, $letter);
            $x += ($coords[2]-$x) + ($fontcfg['spacing']*$this->scale);
        }

        $this->textFinalX = $x;
    }



    /**
     * Wave filter
     */
    protected function WaveImage() {
        // X-axis wave generation
        $xp = $this->scale*$this->Xperiod*rand(1,3);
        $k = rand(0, 100);
        for ($i = 0; $i < ($this->width*$this->scale); $i++) {
            imagecopy($this->im, $this->im,
                $i-1, sin($k+$i/$xp) * ($this->scale*$this->Xamplitude),
                $i, 0, 1, $this->height*$this->scale);
        }

        // Y-axis wave generation
        $k = rand(0, 100);
        $yp = $this->scale*$this->Yperiod*rand(1,2);
        for ($i = 0; $i < ($this->height*$this->scale); $i++) {
            imagecopy($this->im, $this->im,
                sin($k+$i/$yp) * ($this->scale*$this->Yamplitude), $i-1,
                0, $i, $this->width*$this->scale, 1);
        }
    }




    /**
     * Reduce the image to the final size
     */
    protected function ReduceImage() {
        // Reduzco el tamaño de la imagen
        $imResampled = imagecreatetruecolor($this->width, $this->height);
        imagecopyresampled($imResampled, $this->im,
            0, 0, 0, 0,
            $this->width, $this->height,
            $this->width*$this->scale, $this->height*$this->scale
        );
        imagedestroy($this->im);
        $this->im = $imResampled;
    }








    /**
     * File generation
     */
    protected function WriteImage() {
        if ($this->imageFormat == 'png' && function_exists('imagepng')) {
            header("Content-type: image/png");
            imagepng($this->im);
        } else {
            header("Content-type: image/jpeg");
            imagejpeg($this->im, null, 80);
        }
    }







    /**
     * Cleanup
     */
    protected function Cleanup() {
        imagedestroy($this->im);
    }
}
















?>

next bug is in 
example-form.php
line 86:
<input type="text" name="captcha" id="captcha-form" /><br/>

here is missing autocomplete="off" 
<input type="text" name="captcha" id="captcha-form" autocomplete="off" /><br/>
to force browser never save history of previous submitted texts

when use a iframe in page A to include a form page B. 
That form page B is using cool-php-captcha.

Problem happened using IE 7,8 to visit page A and submit it. The captcha in 
session is empty but the submitted request is not. Even end user fresh the page 
A, problem remains. Even user click change the captcha link, problem remains.

It works fine that visitor direct access page B or use firefox.


This happened in version 0.3. Not test 0.2.1 yet.