Image CAPTCHA

I saw this code in the website PHP Tricks & Skills. Pretty interesting code where you can implement CAPTCHA during forum submission.

Check it out.

<?php

/*
Image Verification without the need of use of database
Requirements:
-------------
(1)
Package includes the following:
sec_image.php -> Displays security image
font.ttf -> Font to be used to display
background.png -> Background to be used

(2)
Your PHP Settings/Server must enable the use of freetypefonts
PHP Function: imagettfbbox
*/

/*
Security Code 
(If editing, insure the same Code in place in sec_image.php)
*/
$SECURITY_CODE = 'LKJSDHF*(&IY#L$KUHOYL';

/*
Word Length
*/
$WORD_LENGTH = 5;

/*
Two Needed Functions, encode_pass & hex2bin
*/

/*
encode_pass, I don't remember exactly where I have gotten this before
It was a long time, so please if you know the source, email me @
support@sonimager.com & I'll add it

Encode Data Function
*/
function encode_pass($data, $pwd ){
    $pwd_length = strlen($pwd);
    for ($i = 0; $i < 255; $i++) {
         $key[$i] =  ord(substr ($pwd, ( $i % $pwd_length )+1,  1));
         $counter[$i] =  $i;
    }
    for ($i = 0; $i < 255; $i++) {
         $x = ($x  + $counter[ $i] + $key [$i ]) % 256;
         $temp_swap = $counter[$i];
         $counter[$i] =  $counter[$x];
         $counter[$x] =  $temp_swap;
    }
    for ($i = 0; $i < strlen($data);  $i++) {
         $a = ($a  + 1) % 256;
         $j = ($j  + $counter[ $a]) % 256;
         $temp = $counter[$a];
         $counter[$a] =  $counter[$j];
         $counter[$j] =  $temp;
         $k = $counter [(($counter[ $a] + $counter [$j]) %  256)];
         $Zcipher = ord(substr ($data, $i, 1)) ^ $k;
         $Zcrypt .= chr($Zcipher );
    }
    return $Zcrypt;
}

/*
Hex2Binary Function
*/

function hex2bin($hexdata) {
    for ($i=0 ;$i<strlen($hexdata);$i+= 2) {
         $bindata.=chr (hexdec(substr($hexdata,$i, 2)));
    }  
    return $bindata;
} 

/*
Lets create a random word consisting of the following letters:
*/
$letters = array("a","A" ,"b","B", "c","C","d" ,"D","e", "E","f","F" ,"g","G",
"h","H","i","I","j","J","k","K","l","L","m","M","n","N","o","O","p","P",
"q","Q","r","R","s","S","t","T","u","U","v","V","w","W","x","X","y","Y",
"z","Z","1","2","3","4","5","6","7","8","9");

/*
Create it
*/
$the_word = NULL;
for ($i= 0; $i<$WORD_LENGTH ; $i++) {
   $the_word .= $letters[rand( 0, count($letters )-1)];
}

/*
Lets encode it
*/
$new_string = encode_pass($the_word,$SECURITY_CODE);

/*
Now lets convert the hidden word into binary
(This makes it more user friendlier and browser safe)
*/
$image_code = bin2hex($new_string);

/*
Now lets echo the image
*/
echo '<img src="sec_image.php?word=' .$image_code. '">';

/*******************EXAMPLE USAGE*******************************/
/*
Example Form Usage:
Form Header:
*/

echo '<form name="security" id="security" method="post" action="' .$_SERVER['PHP_SELF'].'">';
/*
Form hidden code in hidden tag
(coded)
*/

echo '<input name="hid_code" type="hidden" id="hid_code" value="' .$image_code. '">';
/*
A chance for user to enter code
*/

echo '<input name="user_guess" type="text" id="user_guess"><input name="Submit" type="submit" value="Check">';
/*
Form end
*/

echo '</form>';

/*
Example PHP Form submition check
*/

/*
If checking a user guess
*/
if($_POST ['user_guess'] !=  NULL){
    /*
    Convert $_GET[word] From hex to binary
    */
    $hidden_word = hex2bin($_POST['hid_code']);

    /*
    Now decode the binary string
    */
    $the_word = encode_pass($hidden_word,$SECURITY_CODE);
    
    //Does it match?
    if($_POST['user_guess'] != $the_word){
        echo  'Word entered does not match security code' ;
    } else {
        echo  'Good Job';
        //Do your thing here
    }
}
?>