More by StivaSoft

« File uploading with PHPPut watermark on images using PHP »

Captcha image verification Posted in PHP Tutorials | 222 Comments
A good way to avoid automatic form submissions when creating a web form is to add some kind of verification. One of the best ways is to use an image verification, called also captcha. What it does is to dynamically create an image with a random string displayed on it. Then visitor is asked to type that string in a text field and once the form is submitted it checks if the string on the image matches the one inputted by the user. Because there is no easy way to read a text from an image (image recognition) this is a good way to protect your web forms from spammers.
For doing this CAPTCHA I would suggest using a session variable where you store the string generated and displayed on that dynamically generated image.

<?php 

session_start(); 

$text = rand(10000,99999); 

$_SESSION["vercode"] = $text; 

$height = 25; 

$width = 65; 

 

$image_p = imagecreate($width, $height); 

$black = imagecolorallocate($image_p, 0, 0, 0); 

$white = imagecolorallocate($image_p, 255, 255, 255); 

$font_size = 14; 

 

imagestring($image_p, $font_size, 5, 5, $text, $white); 

imagejpeg($image_p, null, 80); 

?>


Save this code in a file called captcha.php. What this script does is to generate a random number from 10000 to 99999 and then assign it to $_SESSION['vercode']. Then it generates a 25x65 pixels image with black background and white text using size 14. So if you upload that captcha.php file on your web site and open http://www.site.com/captcha.php you will see an image displaying random integer. You will receive a new random integer every time you refresh that page.

Next we need to create our web form.

<form action="submit.php" method="post"> 

Comment: <textarea name="coment"></textarea><br> 

Enter Code <img src="captcha.php"><input type="text" name="vercode" /><br> 

<input type="submit" name="Submit" value="Submit" /> 

</form>


Above code will create a form with a single textarea box, randomly generated image using the captcha.php script and a text field where you will have to enter the verification code.

All we have to do now is to make the submit.php script which will check if the verification code you enter matches the one that has been randomly generated.

<?php 

session_start(); 

if ($_POST["vercode"] != $_SESSION["vercode"] OR $_SESSION["vercode"]=='')  { 

     echo  '<strong>Incorrect verification code.</strong><br>'; 

} else { 

     // add form data processing code here 

     echo  '<strong>Verification successful.</strong><br>'; 

}; 

?>

Do you know PHP / HTML / CSS / JS well?

Write tutorial on a topic you are good in and become a trusted PHP jabber! Share your knowledge with thousands of webmasters and we will reward you for your generosity by giving you bonus points which you can use as a voucher to buy any of our commercial products. Read more about our reward program.

222 Replies to "Captcha image verification"

carmelo portugues July 28, 2007 at 2:58 am | Reply

0

just created a non-profit organization, and would like to have a captcha on my donation page or index page..would like to know how much is your fee...thank you
Jeff July 24, 2007 at 4:14 pm | Reply

0

Wow, thank you for the help getting this to work with my guest book. It was a small fee to pay, and you got the work done fast! :)
niikii July 16, 2007 at 10:08 pm | Reply

0

i saw a X , can\'t see image. any idea?
Rion Massie July 16, 2007 at 6:41 pm | Reply

0

Hey thanks for this bit of code. It works perfectly!
Dave July 5, 2007 at 4:55 am | Reply

0

I need you to add this script to my contact form for me.
Not sure how to do it. I can easily cut and paste and do a FTP upload of the script to my server.
here is my current form.
www.listedgreen.com/contact.html
I need it to work with my current PHP form that has a field required script too. See my code.
Is it PayPAL time?
-----------------------------
Veselin: We should change contact.html to contact.php. Please, send me FTP login info and once I confirm that it can be done you can paypal the money.
TheGeekster July 4, 2007 at 11:51 pm | Reply

0

Hi I am trying using this script in a guest book. Before I put this in, it ran www.*****.com/tg.pl. How do I edit submit.php to run this?? Thanks! Awesome script BTW!!!
bailey July 3, 2007 at 6:59 am | Reply

0

what do you do when the image will not show?
------------------------
Veselin: make sure that your server supports GD library and try to open www.yourwebsite.com/captcha.php to see the error message
Gia June 23, 2007 at 4:30 am | Reply

0

I love the script and was able to add it to my site. It works well. However, I would like to have it so that if they put in the wrong number \"captcha\" the email will not be sent. Any suggestions?
------------------------
Veselin: you need to add the captcha verification if() statement in your mail sending script
Johnny June 20, 2007 at 12:39 pm | Reply

0

is it possible to add an alert for verifying the verification code instead of it navigating to another page?
-------------
Veselin: using AJAX it is possible to do a captcha verification
-------------
Johny: is it possible if u could post the codes for using AJAX to do the verification?
-------------
Veselin: we do not have the code but for a small fee can do it for you
William June 13, 2007 at 9:28 am | Reply

0

Very nice script. But how to add just one captcha verification line in an existing form?


Please be polite and helpful and do not spam or offend others. We promise you will be treated the same way.

Log in your free account or if you still haven't joined our Webmaster Community Reward Program, you can create your free account now.

Posting tip:
if you use code in your comments please put it in these tags [php], [sql], [css], [js]
PHP code example: [php] echo date("Y-m-d"); [/php]

Thank you,
~ PHPJabbers team ~