« File uploading with PHPPut watermark on images using PHP »

Captcha image verification Posted in PHP Tutorials | 238 Comments
A good way to avoid automatic form submissions when creating a web form is to add some kind of verification. One of the best ways is to use an image verification, called also captcha. What it does is to dynamically create an image with a random string displayed on it. Then visitor is asked to type that string in a text field and once the form is submitted it checks if the string on the image matches the one inputted by the user. Because there is no easy way to read a text from an image (image recognition) this is a good way to protect your web forms from spammers.
For doing this CAPTCHA I would suggest using a session variable where you store the string generated and displayed on that dynamically generated image.

$text = rand(10000,99999);
$_SESSION["vercode"] = $text;
$height = 25;
$width = 65;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 0, 0, 0);
$white = imagecolorallocate($image_p, 255, 255, 255);
$font_size = 14;

imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

Save this code in a file called captcha.php. What this script does is to generate a random number from 10000 to 99999 and then assign it to $_SESSION['vercode']. Then it generates a 25x65 pixels image with black background and white text using size 14. So if you upload that captcha.php file on your web site and open http://www.site.com/captcha.php you will see an image displaying random integer. You will receive a new random integer every time you refresh that page.

Next we need to create our web form.

<form action="submit.php" method="post"> 
Comment: <textarea name="coment"></textarea><br>
Enter Code <img src="captcha.php"><input type="text" name="vercode" /><br>
<input type="submit" name="Submit" value="Submit" />

Above code will create a form with a single textarea box, randomly generated image using the captcha.php script and a text field where you will have to enter the verification code.

All we have to do now is to make the submit.php script which will check if the verification code you enter matches the one that has been randomly generated.

if ($_POST["vercode"] != $_SESSION["vercode"] OR $_SESSION["vercode"]=='') {
echo '<strong>Incorrect verification code.</strong><br>';
} else {
// add form data processing code here
echo '<strong>Verification successful.</strong><br>';

Do you know PHP / HTML / CSS / JS well?

Write tutorial on a topic you are good in and become a trusted PHP jabber! Share your experience with millions of other webmasters visiting our website. Contact us for more information how to become a contributor.

238 Replies to "Captcha image verification"

Kaddy February 28, 2011 at 10:32 pm | Reply


@gg to do the same captcha replace rand(10000,99999) with the captcha that you want.
tols12 January 20, 2011 at 7:02 am | Reply


I used these codes and they worked great! I have a code to email me when a form is submitted. Here is the code: mail(\"my email\", \"Contact Us Request\", \"Information Requested:\\n\\n$message\", \"From: $email\");. However, even if i enter the wrong verification code, it still emails me. How do i set the verification code not to email me if the code is incorrect? Any help would be appreciated! Thanks!!!
Ryan January 17, 2011 at 2:08 am | Reply


This is only working in IE for me, its displaying random garble in chrome and firefox.
Nitish Lamba January 11, 2011 at 1:31 pm | Reply


where to save second code started with <form....
and what should be the mane..
Idris Suryadireja December 30, 2010 at 12:22 pm | Reply


thanx for script your captcha :))
Chris November 4, 2010 at 11:22 pm | Reply


So simple and works great. Good work.
mark November 2, 2010 at 1:52 pm | Reply


Hi, I have already made a good looking contact form and it works via a formtoemail.php file, just woundering how would i add this captcha code to my existing contact form so i dont get spam thanks for your help
Luke Williams November 1, 2010 at 6:57 pm | Reply


it comes up with a error and i cant save it
Megh September 23, 2010 at 11:31 am | Reply


hiii,my captcha.php generates image perfectly in my browser bt when i insert the web form into the same file then i dont get the image infact get many charaters like in unicode form,can u solve the problem for me
Tamilselvan June 14, 2010 at 9:45 pm | Reply


Hi hello,
Generating the captcha image is success but if i want to store that in my db which type of column will i use like int, vatchar, char, text etc. i am new to php please help

Please be polite and helpful and do not spam or offend others. We promise you will be treated the same way.

Log in your free account or if you still haven't joined you can create your free account now.

Posting tip:
if you use code in your comments please put it in these tags [php], [sql], [css], [js]
PHP code example: [php] echo date("Y-m-d"); [/php]

Thank you,
~ PHPJabbers team ~