Coldfusion 8 CFIMAGE and CAPTCHA

A lot of people have created a variety of different CAPTCHA implementations to help combat spam and bots from flooding comment sections on blogs or automated signup's to name only a couple.

BlogCFC uses the lyla captcha written by Peter Farrell. There are also quite a few third party tools you can also buy. Or with Coldfusion 8 you can simply use the CFIMAGE tag to create one yourself.

The reference manual says that you must provide a width attribute that is at a minimum the (fontsize * number of chars * 1.08)

Here is an example of creating a CAPTCHA image with the new CFIMAGE tag.

This creates the following image:

Bumping up the difficulty to medium produces an image with a bit more distortion.

And pushing the difficulty all the way up to "high" you end up with something like this:

The method I employed in the example code above writes the image directly to the browser.

If you decide to generate the text for your captcha image randomly there is no way for you to determine what is written to the image unless you save your random text into a variable that will be available to you after the form is submitted. For obvious reasons you shouldn't stick it into a hidden form variable.

I would suggest putting it into a session variable when you display the captcha image and then you can compare what you have in your session variable to what the user typed into the form field.