« File uploading with PHPPut watermark on images using PHP »

Captcha image verification Posted in PHP Tutorials | 228 Comments
A good way to avoid automatic form submissions when creating a web form is to add some kind of verification. One of the best ways is to use an image verification, called also captcha. What it does is to dynamically create an image with a random string displayed on it. Then visitor is asked to type that string in a text field and once the form is submitted it checks if the string on the image matches the one inputted by the user. Because there is no easy way to read a text from an image (image recognition) this is a good way to protect your web forms from spammers.
For doing this CAPTCHA I would suggest using a session variable where you store the string generated and displayed on that dynamically generated image.

$text = rand(10000,99999);
$_SESSION["vercode"] = $text;
$height = 25;
$width = 65;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 0, 0, 0);
$white = imagecolorallocate($image_p, 255, 255, 255);
$font_size = 14;

imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

Save this code in a file called captcha.php. What this script does is to generate a random number from 10000 to 99999 and then assign it to $_SESSION['vercode']. Then it generates a 25x65 pixels image with black background and white text using size 14. So if you upload that captcha.php file on your web site and open http://www.site.com/captcha.php you will see an image displaying random integer. You will receive a new random integer every time you refresh that page.

Next we need to create our web form.

<form action="submit.php" method="post"> 
Comment: <textarea name="coment"></textarea><br>
Enter Code <img src="captcha.php"><input type="text" name="vercode" /><br>
<input type="submit" name="Submit" value="Submit" />

Above code will create a form with a single textarea box, randomly generated image using the captcha.php script and a text field where you will have to enter the verification code.

All we have to do now is to make the submit.php script which will check if the verification code you enter matches the one that has been randomly generated.

if ($_POST["vercode"] != $_SESSION["vercode"] OR $_SESSION["vercode"]=='') {
echo '<strong>Incorrect verification code.</strong><br>';
} else {
// add form data processing code here
echo '<strong>Verification successful.</strong><br>';

Do you know PHP / HTML / CSS / JS well?

Write tutorial on a topic you are good in and become a trusted PHP jabber! Share your knowledge with thousands of webmasters and we will reward you for your generosity by giving you bonus points which you can use as a voucher to buy any of our commercial products. Read more about our reward program.

228 Replies to "Captcha image verification"

smileeey August 10, 2009 at 10:08 pm | Reply


Thanks ur code reallly works
Arshak August 6, 2009 at 3:40 pm | Reply


Jeffrey August 3, 2009 at 6:21 pm | Reply


i use the same script, but with md5 encription.
James Edgar July 18, 2009 at 7:30 pm | Reply


Hi this is a really great script, but I have to be honest I'm not the best at coding! I have got as far as the final step. Do I need to copy and paste the final code into a page and name 'submit.php' or does that bit of code need to go in a specific place on my form page?

I hope you can just clear that small point up for me.

Many thanks

Dimas June 22, 2009 at 6:39 pm | Reply


great tutor..
it works fine..
Ketan June 20, 2009 at 4:32 pm | Reply


Very little code that is good.
dooodi May 20, 2009 at 11:56 am | Reply


thanks very much
paulius May 13, 2009 at 12:14 am | Reply


Is that working just on explorer? mozilla shows some junk
Ashwini May 4, 2009 at 3:45 pm | Reply


This code is superb. But i m facing some problem with this code. I already have php file for form submission and i am confuse where to put that submit.php file code in my php file. Because following code is there

echo "<script>";
echo "self.location='thanks.html'";
echo "</script>";

Please guide me where to put that code in my php file.

Thankx & Regards,
wie bali April 27, 2009 at 12:46 pm | Reply


great scripts ...!

Please be polite and helpful and do not spam or offend others. We promise you will be treated the same way.

Log in your free account or if you still haven't joined our Webmaster Community Reward Program, you can create your free account now.

Posting tip:
if you use code in your comments please put it in these tags [php], [sql], [css], [js]
PHP code example: [php] echo date("Y-m-d"); [/php]

Thank you,
~ PHPJabbers team ~