0

I made a php file, called createCaptcha.php, and the code is this :

create_image(); 
exit(); 

function create_image() { 
    //Let's generate a totally random string using md5 
    $md5_hash = md5(rand(0,999)); 
    //We don't need a 32 character long string so we trim it down to 5 
    $security_code = substr($md5_hash, 15, 5); 

    //Set the session to store the security code
    $_SESSION["security_code"] = $security_code;

    //Set the image width and height 
    $width = 100; 
    $height = 20;  

    //Create the image resource 
    $image = ImageCreate($width, $height);  

    //We are making three colors, white, black and gray 
    $white = ImageColorAllocate($image, 255, 255, 255); 
    $black = ImageColorAllocate($image, 0, 0, 0); 
    $grey = ImageColorAllocate($image, 204, 204, 204); 

    //Make the background black 
    ImageFill($image, 0, 0, $black); 

    //Add randomly generated string in white to the image
    ImageString($image, 3, 30, 3, $security_code, $white); 

    //Throw in some lines to make it a little bit harder for any bots to break 
    ImageRectangle($image,0,0,$width-1,$height-1,$grey); 
    imageline($image, 0, $height/2, $width, $height/2, $grey); 
    imageline($image, $width/2, 0, $width/2, $height, $grey); 

    //Tell the browser what kind of file is come in 
    header("Content-Type: image/jpeg"); 

    //Output the newly created image in jpeg format 
    ImageJpeg($image); 

    //Free up resources
    ImageDestroy($image); 
}

Now, when I try to do an include('createCaptcha.php'); I get this warning :

Warning: Cannot modify header information - headers already sent by (output started at C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\gtw\index.php:14) in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\gtw\registration\createCaptcha.php on line 43

And the output is a series of incomprensible bits (I think the ones which rapresent the image). In fact I setup the header before. How can I fix this problem?

markzzz
  • 47,390
  • 120
  • 299
  • 507

3 Answers3

3

do not include 'createCaptcha.php' call it

<img src="path/to/your/script/createCaptcha.php"/>

your index.php which include 'createCaptcha.php' is sending header first and it conflict header for jpg - Sjoerd explain it more whan well

and also exit() is not needed

bensiu
  • 24,660
  • 56
  • 77
  • 117
  • Exactly. The document has its headers identifying it as HTML, and then including a script with an image header leaves you in limbo. Addressing the script as an image lets that image header do its job and lets the script return an image properly, effectively mimicking an image in the document. – Surreal Dreams Mar 11 '11 at 15:42
  • make sure to have correct path/to/your/script/, make sure that only open php tag at very begining do not close, make sure that script generating image - no errors, warnings, or notices – bensiu Mar 11 '11 at 15:44
  • Perfect! this rocks. Is it possible to call that function directly from the src image, instead of a php file? – markzzz Mar 11 '11 at 15:46
  • I mean, can I call directly create_image() ? – markzzz Mar 11 '11 at 16:00
  • Brad Christi in http://stackoverflow.com/questions/5275273/php-call-a-function-from-a-img-src gave you full details :) – bensiu Mar 11 '11 at 16:10
2

Don't output anything before calling create_image(). Apparently index.php is outputting something on line 14.

If there is already content sent to the client, the headers can no longer be modified, so the server can not tell the browser that the content is actually a JPEG file instead of an HTML file.

Sjoerd
  • 74,049
  • 16
  • 131
  • 175
  • Uhm...I can't :) In fact, is strange, because this trouble is always in localhost. On the real server, the image is showed... – markzzz Mar 11 '11 at 15:39
0

Headers already sent means that you have already output something earlier on the page.

If you echo out something before header() is sent, the browser will be sent a header automatically.

aphonicx
  • 1