I have a MVC app and I used composer to install securimage.
The directory layout is like so:
app/
composer.json
composer.lock
vendor/
...
dahpp/securimage (with securimage.php, securimage_show.php, etc).
public_html/
.htaccess
index.php (routing, bootstrapping, etc.)
templates/
contact.php
Nothing under app is publicly available. Since securimage_show.php is not accessible, I'm trying to put the captcha generation code in the contact.php template itself.
So in that template, I have this:
<?php
session_start();
$securimage = new Securimage(array('send_headers' => false));
?>
later in the HTML...
<img id="captcha" src="<?= $securimage->show() ?>" alt="CAPTCHA Image" />
The problem is when I do this, I get a bunch of question mark gibberish (?�), like there's an encoding issue or something. If I set send_headers to true, I get an error: "Failed to generate captcha image, content has already been output. This is most likely due to misconfiguration or a PHP error was sent to the browser."
Using getCaptchaHtml() doesn't work, either. The image path that it tries to generate goes appends the absolute path on the machine to the host (http://www.example.com/var/www/app/vendor/dahpp/securimage).
What does work is a symlink in the public_html directory to the protected app directory. In other words, if I create a symlink called securimage_show.php and point it to the real file under app/vendor/dahpp/securimage, and set the img source to it:
<img id="captcha" src="securimage_show.php" alt="CAPTCHA Image" />
However, this doesn't seem as clean as using the official methods available. Is there a setting I'm missing somewhere or am I stuck using the symlink approach?
In order to show the captcha image, you must copy securimage_show.php to a publicly accessible folder so the image generation works (or create a symlink called securimage_show.php and point it to the install folder).
Then, since securimage.php is in a different path than securimage_show.php, you need to pass an option to getCaptchaHtml() so it uses the correct src attribute in the <img> tag.
$options = array('securimage_path' => '/images'); // <= change this path
echo Securimage::getCaptchaHtml($options);
The reason you get gibberish when you put $securimage->show() in the img tag is because it returns binary data representing the image, not data that can be passed to an img tag.
Securimage depends on GD and FreeType libraries for PHP. Make sure you have both installed, and the gibberish characters with display Captcha image.
Source: Been through this problem - GD was missing.