go top

Captcha image verification

A good way to avoid automatic form submissions when creating a web form is to add some kind of verification. One of the best ways is to use an image verification, called also captcha. What it does is to dynamically create an image with a random string displayed on it. Then visitor is asked to type that string in a text field and once the form is submitted it checks if the string on the image matches the one inputted by the user. Because there is no easy way to read a text from an image (image recognition) this is a good way to protect your web forms from spammers.
For doing this CAPTCHA I would suggest using a session variable where you store the string generated and displayed on that dynamically generated image.

<?php 
session_start();
$text = rand(10000,99999);
$_SESSION["vercode"] = $text;
$height = 25;
$width = 65;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 0, 0, 0);
$white = imagecolorallocate($image_p, 255, 255, 255);
$font_size = 14;

imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);
?>


Save this code in a file called captcha.php. What this script does is to generate a random number from 10000 to 99999 and then assign it to $_SESSION['vercode']. Then it generates a 25x65 pixels image with black background and white text using size 14. So if you upload that captcha.php file on your web site and open http://www.site.com/captcha.php you will see an image displaying random integer. You will receive a new random integer every time you refresh that page.

Next we need to create our web form.

<form action="submit.php" method="post"> 
Comment: <textarea name="coment"></textarea><br>
Enter Code <img src="captcha.php"><input type="text" name="vercode" /><br>
<input type="submit" name="Submit" value="Submit" />
</form>


Above code will create a form with a single textarea box, randomly generated image using the captcha.php script and a text field where you will have to enter the verification code.

All we have to do now is to make the submit.php script which will check if the verification code you enter matches the one that has been randomly generated.

<?php 
session_start();
if ($_POST["vercode"] != $_SESSION["vercode"] OR $_SESSION["vercode"]=='') {
echo '<strong>Incorrect verification code.</strong><br>';
} else {
// add form data processing code here
echo '<strong>Verification successful.</strong><br>';
};
?>
  • Free Scripts

    Add great new functionalities to your website with our Free Scripts collection.

    Free scripts
  • PHP Scripts

    Check our extensive collection of top-notch PHP Scripts that will enhance your website!

    Commercial PHP scripts

244 Comments to "Captcha image verification"

  • Partha Datta

    Partha Datta

    December 3, 2011 at 12:29 pm

    I HAM TRYING TO POST MY DATA TO THE DATABASE but nothing happens. Can you please tell me where I am making mistake.

    <?php 
    session_start();
    if ($_POST["vercode"] != $_SESSION["vercode"] OR $_SESSION["vercode"]=='')
    {
    echo '<strong>Incorrect verification code.</strong><br>';
    }
    else
    {

    // add form data processing code here
    echo '<strong>Verification successful.</strong><br>';
    }
    {
    $con = mysql_connect("localhost","root","");
    if (!$con)
    {
    die('Could not connect: ' . mysql_error ());
    }

    mysql_select_db("bike_db", $con);
    $sql="INSERT INTO brm200 (Fname, Lname, Gender, Brm, Contactno, Emailid, Hno, Apname, Streetname, Areaname, Cityname, Pincode, Country, Byketype, Bloodgroup, Emercontact)
    VALUES('$_POST[fname]','$_POST[lname]','$_POST[gender]','$_POST[brm]', '$_POST[contactno]', '$_POST[emailid]', '$_POST[hno]', '$_POST[apname]', '$_POST[streetname]', '$_POST[areaname]', '$_POST[cityname]','$_POST[pincode]','$_POST[country]', '$_POST[byketype]','$POST[bloodgroup]', '$POST[emercontact]')";

    if (!mysql_query($sql,$con))
    {
    die('Error: ' . mysql_error());
    }
    echo "Registration is compleated";


    mysql_close($con)
    };
    ?>

    • Sasho Valkanov

      Sasho Valkanov

      March 29, 2012 at 07:56 am

      Your MySQL code should go between line 11 and 12. This way it will only execute if captcha verification is successful.

  • pauls john

    pauls john

    November 6, 2011 at 13:26 pm

    It will not perform verification .
    $_SESSION["vercode"] is always return null value

  • manish

    manish

    October 21, 2011 at 06:30 am

    Thank for your code.this code very useful for my website security.I want to tell u something, on server side capacha validation check if capacha image is '42593' and i m entered '42593A' then its not showing error, form sumitted in case . i changed server side check, convert to string data type of both varibles as ----

    if((string)$_POST["vercode"] != (string)$_SESSION["vercode"] OR (string)$_SESSION["vercode"]=='')
    , then its running gud....
    and most important you or anybody tell me that if validation fail of capacha image then how to refresh capacha image without page refreshing...

    please answer me quickly..

  • middaily

    middaily

    October 15, 2011 at 20:51 pm

    Does it require php GD library to be active, Please advice. Its not working on my localhost. I would like to test my application on localhost and then I will make it live.

    Please help.

  • moncler outlet

    moncler outlet

    September 29, 2011 at 09:37 am

    Thank you for your blog, I benefit a lot from it

  • dana rose

    dana rose

    August 25, 2011 at 11:22 am

    hello i want ask that .. i rgster at yahoo mail but my code shown is captcha image i writte it not working .. many times i write the captcha code i can procsed to the next ,because of that code .. how can i know that .

  • kaushalya

    kaushalya

    August 20, 2011 at 19:50 pm

    I have added captcha.php & Submit.php to my website.

    It is looking perfact in front end but there is no verfication being performed by code please see... http://topcafirms.com/sales#contact

    I am non technical...I am not able to understand "// add form data processing code here" in submit.php what do i need to add here in this file.

    There is separate file for mail which contains lot of code and I am not able to understand to add here....is it

    @mail($emailid, $subject, $msg, $headers);
    or somthing else to be added....

  • mustafa khan

    mustafa khan

    August 9, 2011 at 16:08 pm

    i want to convert verification code into text format
    PLZ
    anyone tell me software
    thanking you

  • Stephan Dorkes

    Stephan Dorkes

    July 27, 2011 at 10:35 am

    How do you identify an image captcha if it's only a single picture?

  • Umar

    Umar

    June 19, 2011 at 10:01 am

    Thankz, it works nicely

Add your comment

Captcha