« File uploading with PHPPut watermark on images using PHP »

Captcha image verification Posted in PHP Tutorials | 238 Comments
A good way to avoid automatic form submissions when creating a web form is to add some kind of verification. One of the best ways is to use an image verification, called also captcha. What it does is to dynamically create an image with a random string displayed on it. Then visitor is asked to type that string in a text field and once the form is submitted it checks if the string on the image matches the one inputted by the user. Because there is no easy way to read a text from an image (image recognition) this is a good way to protect your web forms from spammers.
For doing this CAPTCHA I would suggest using a session variable where you store the string generated and displayed on that dynamically generated image.

$text = rand(10000,99999);
$_SESSION["vercode"] = $text;
$height = 25;
$width = 65;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 0, 0, 0);
$white = imagecolorallocate($image_p, 255, 255, 255);
$font_size = 14;

imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

Save this code in a file called captcha.php. What this script does is to generate a random number from 10000 to 99999 and then assign it to $_SESSION['vercode']. Then it generates a 25x65 pixels image with black background and white text using size 14. So if you upload that captcha.php file on your web site and open http://www.site.com/captcha.php you will see an image displaying random integer. You will receive a new random integer every time you refresh that page.

Next we need to create our web form.

<form action="submit.php" method="post"> 
Comment: <textarea name="coment"></textarea><br>
Enter Code <img src="captcha.php"><input type="text" name="vercode" /><br>
<input type="submit" name="Submit" value="Submit" />

Above code will create a form with a single textarea box, randomly generated image using the captcha.php script and a text field where you will have to enter the verification code.

All we have to do now is to make the submit.php script which will check if the verification code you enter matches the one that has been randomly generated.

if ($_POST["vercode"] != $_SESSION["vercode"] OR $_SESSION["vercode"]=='') {
echo '<strong>Incorrect verification code.</strong><br>';
} else {
// add form data processing code here
echo '<strong>Verification successful.</strong><br>';

Do you know PHP / HTML / CSS / JS well?

Write tutorial on a topic you are good in and become a trusted PHP jabber! Share your experience with millions of other webmasters visiting our website. Contact us for more information how to become a contributor.

238 Replies to "Captcha image verification"

Parthasarathy April 26, 2013 at 3:50 pm | Reply


Please give codes for captcha.php and submit.php fully with example output.

xcer1212 March 16, 2013 at 8:35 pm | Reply


to make dirty images :)

$lines = mt_rand(1,5);

for( $i=0; $i<$lines; $i++ ) {
mt_rand(0,$width), mt_rand(0,$height),
mt_rand(0,$width), mt_rand(0,$height),
imagecolorallocate($image_p, mt_rand(150,255), mt_rand(150,255), mt_rand(150,255)));

Adebayo Michael March 4, 2013 at 3:19 am | Reply


please help i got a parse error at line 8, Where we have $image_p = imagecreate($width, $height); I checked the previous line and it was ok. please assist. Thanks
kalitso February 2, 2013 at 5:02 pm | Reply


i cant understand despite un put correct code i receive this error :

Incorrect verification code ............ :(
Joshua December 3, 2012 at 8:30 pm | Reply


can i use this in php mvc codeigniter?
Balveer kumar November 5, 2012 at 8:16 am | Reply



please provide the string capcha code like "ATcb1234"

my code is bellow but its an error
session_start ();
$t1= rand(A,Z);
$t2= rand (a,z);
$t3= rand(100,500);
$tx= "$t1"."$t2"."$t3" ;
$_SESSION['cap']= $tx;
header ("content-type: image/jpeg");
$w =80;
$image=imagecreate ($w,$h);
$b1=imagecolorallocate ($image, 00,00,00);
$ww=imagecolorallocate ($image, 255,255,255);
imagestring ($image,$f,7,7,$tx,$ww);
imagejpeg ($image, null, 50);
Makc December 29, 2012 at 5:11 pm


// Send ALL headers before session_start() is invoked
header ("content-type: image/jpeg");

session_start ();

// Function returns random symbol string
// Accepts symbol quantity of the returned string
function randomCaptcha($symbol_qty){

// Use range() instead of random for strings
$symbol_list = array_merge(range('a', 'z'), range('A', 'Z'), range('0', '25'));
foreach (array_rand($symbol_list, $symbol_qty) as $v) {
$random_captcha .= $symbol_list[$v];
return $random_captcha;

// Get a random string with 5 characters in it
$tx = randomCaptcha(5);

// Thats all, here goes your code ;)
$_SESSION['cap']= $tx;

$w =80;
$image=imagecreate ($w,$h);
$b1=imagecolorallocate ($image, 00, 00, 00);
$ww=imagecolorallocate ($image, 255, 255, 255);
imagestring ($image,$f,7,7,$tx,$ww);
imagejpeg ($image, null, 50);
sss October 11, 2012 at 11:07 am | Reply


image cant be view.....hepl me:(
eranga November 17, 2012 at 6:53 am


used this after <?php tag if not used it header
('Content-type: image/jpeg');
ajith August 8, 2012 at 3:35 pm | Reply


if you get a blank page or a 500 error for captcha.php its because you dont have the GD library installed for php. you can check if you have the library if you create a test page which looks like <?php phpinfo(); ?>.
also add the following line on the tope of your captcha.php file for it to work properly.
"header('Content-type: image/jpeg');"
prashant January 26, 2013 at 3:59 pm


sir, i have enabled gd library and wrote header as you have mentioned... but image still not displayed...
kkk August 6, 2012 at 6:04 am | Reply


image can't be seen, help me :(. thanks.
medesigns October 1, 2012 at 7:26 am


I also can't see image. just a missing image icon.
irctc login July 31, 2012 at 9:20 am | Reply


Really helped me. I will include this in my irctc login page

Please be polite and helpful and do not spam or offend others. We promise you will be treated the same way.

Log in your free account or if you still haven't joined you can create your free account now.

Posting tip:
if you use code in your comments please put it in these tags [php], [sql], [css], [js]
PHP code example: [php] echo date("Y-m-d"); [/php]

Thank you,
~ PHPJabbers team ~