Captcha and authentication/hash/crypt
(PHP Community) Keywords: php, database, java, security
In building my nice little blog system, I'm running into the following two problems:
Currently I cannot run image magick as my wonderous site admin has not installed it. This is - apparently - preventing me from using Text_CAPTCHA from PEAR. I need a captcha solution that does not require said image manipulation libraries. Alternatively, if someone knows of a way I can install image magick into my userspace, and NOT have to convince my admin to recompile php, please let me know.
The major problems I'm running into, though is the transmission of the key, no matter how I find a way to do it, it still shows up clearly in going to the client side ($rnd = mt_rand() will still show the number client-side when echo $rnd, and therefore it is being clearly transmitted). Hmm, perhaps I could hash it server side, and then reverse the hash? But md5 hashes are one-way, yes? I'd need a crypt for that, and despite my best tries haven't located a good one. ARRGH.
Security is a bitch when you're not using pre-written. ...ESPECIALLY when you're a beginner.