« File uploading with PHPPut watermark on images using PHP »

Captcha image verification Posted in PHP Tutorials | 228 Comments
A good way to avoid automatic form submissions when creating a web form is to add some kind of verification. One of the best ways is to use an image verification, called also captcha. What it does is to dynamically create an image with a random string displayed on it. Then visitor is asked to type that string in a text field and once the form is submitted it checks if the string on the image matches the one inputted by the user. Because there is no easy way to read a text from an image (image recognition) this is a good way to protect your web forms from spammers.
For doing this CAPTCHA I would suggest using a session variable where you store the string generated and displayed on that dynamically generated image.

<?php 
session_start();
$text = rand(10000,99999);
$_SESSION["vercode"] = $text;
$height = 25;
$width = 65;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 0, 0, 0);
$white = imagecolorallocate($image_p, 255, 255, 255);
$font_size = 14;

imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);
?>


Save this code in a file called captcha.php. What this script does is to generate a random number from 10000 to 99999 and then assign it to $_SESSION['vercode']. Then it generates a 25x65 pixels image with black background and white text using size 14. So if you upload that captcha.php file on your web site and open http://www.site.com/captcha.php you will see an image displaying random integer. You will receive a new random integer every time you refresh that page.

Next we need to create our web form.

<form action="submit.php" method="post"> 
Comment: <textarea name="coment"></textarea><br>
Enter Code <img src="captcha.php"><input type="text" name="vercode" /><br>
<input type="submit" name="Submit" value="Submit" />
</form>


Above code will create a form with a single textarea box, randomly generated image using the captcha.php script and a text field where you will have to enter the verification code.

All we have to do now is to make the submit.php script which will check if the verification code you enter matches the one that has been randomly generated.

<?php 
session_start();
if ($_POST["vercode"] != $_SESSION["vercode"] OR $_SESSION["vercode"]=='') {
echo '<strong>Incorrect verification code.</strong><br>';
} else {
// add form data processing code here
echo '<strong>Verification successful.</strong><br>';
};
?>

Do you know PHP / HTML / CSS / JS well?

Write tutorial on a topic you are good in and become a trusted PHP jabber! Share your knowledge with thousands of webmasters and we will reward you for your generosity by giving you bonus points which you can use as a voucher to buy any of our commercial products. Read more about our reward program.

228 Replies to "Captcha image verification"

angie May 8, 2007 at 12:12 pm | Reply

0

Hi
I have used your scripot and all is working well, however is there a way to make the email address show in the from feild of the incoming email? at the moment i have to copy and past efrom the email feild of the form, would be great if i could just hit reply?
Thanks
-------------------
Veselin: this depends on your server configuration. However this <a href='http://www.phpjabbers.com/make-contact-form-and-send-email-in-php-php21.html'>contact form example</a> is done to send emails having the FROM field set to senders email

this part here
$mailheader = "From: ".$_POST["email"]."\r\n";
$mailheader .= "Reply-To: ".$_POST["email"]."\r\n";
Milan May 7, 2007 at 2:43 am | Reply

0

Hi there;

what is the feee for a code verification PHP script to be embeded in to our form?

Yhank you;

Milan
(310)8092237
jerry April 26, 2007 at 8:40 pm | Reply

0

Our form at bulkconveyors.com/ordernew.htm uses your
capture script. The random number generator works but I can use any number in the blank box and the email is delivered.
Can you suggesty a fix ???
-----------------------
Veselin: did you include the if() check in your submitting script
Prateek April 24, 2007 at 12:26 am | Reply

0

Hello Can i integrate your captcha script on our contact us form. We\\\'re using Autoresponder programs to collect all the field datas to our autoresponder list. please check the form here http://www.bigfootsafari.com/contact/
Omar April 23, 2007 at 5:02 pm | Reply

0

Hello
I like image verification; I use it for downloading my files in my website.
But there is a problem, when I open download page over one window, one page (last one) will accept the code but the rest won\'t because $_SESSION[\"vercode\"] changes everytime I load download page.
Also this problem exists in this current page; try to open it in many windows.
How can I solve it?
Thanks
---------------------
Veselin: you can add an if() check if the verification code has already been generated so it does not generate it twice
John Robinson April 21, 2007 at 5:00 pm | Reply

0

Hello, I would like to change the background colour to an image file, is this possible ?
-------------------
Veselin: yes, you can do that by using imagecreatefromjpeg()
http://uk2.php.net/manual/en/function.imagecreatefromjpeg.php
jerry jennings April 9, 2007 at 4:33 am | Reply

0

What is your fee to help us get the captcha script runing ?
-----------------------
Veselin Stoilov: usually $20 but it depends on your form
Jerry Jennings April 8, 2007 at 6:54 pm | Reply

0

We posted the captcha script on
URL http://*******.com/ordernew.htm
We added captcha.php and submit.php to the root directory

The black random numbers do not appear. We only get a box with an X in it.

Can you help ???

-----------------------
Veselin: your PHP seems to not support the GD image library.
Ajay Bhargav April 7, 2007 at 12:53 am | Reply

0

Thank you so much! great code :)
helped a lot.. its there on almost all the form pages :)
Jerry Widawsky April 6, 2007 at 8:35 pm | Reply

0

We entered the for in creativemarketing.com/indextest.html
and captcha.php and submit.php
the number generator doesn\'t seem to work
Can you please help

--------------------
Veselin: this is wrong
creativemarketing.com/captcha.php
you need to save as php file and have only the php code in there.


Please be polite and helpful and do not spam or offend others. We promise you will be treated the same way.

Log in your free account or if you still haven't joined our Webmaster Community Reward Program, you can create your free account now.

Posting tip:
if you use code in your comments please put it in these tags [php], [sql], [css], [js]
PHP code example: [php] echo date("Y-m-d"); [/php]

Thank you,
~ PHPJabbers team ~