This tutorial shows you how to add captcha verification to your web page with PHP
DOWNLOAD THE SOURCE CODE
The term Captcha stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It is a rather contrived acronym, but even if you don't know what it means, almost everyone has used a Captcha. They are a convenient and effective way to ensure that an action is being performed by a human, and are the first line of defense against spam generating bots.
ReCaptcha was born from the realisation that words that have fooled OCR systems set up to convert printed books to text make the perfect candidate for Captcha tests. The images of the words have already proven to be too hard for an automated system to read, and by getting a human to identify the words through a Captcha system, book scanning projects have effectively turned the internet into a human distributed processing system.
This tutorial steps you through the process of adding a ReCaptcha to your own PHP web page.
The requests to the ReCaptcha service have to be accompanied by an API key. You can get one for free here.
ReCaptcha supplies a PHP library that makes using their system easy. This tutorial assumes you are using version 1.10 (although later versions will probably work just the same), which you can download here.
The public and private keys you got in step 1 will be added as variables.
$publickey = "YourPublicKey";
$privatekey = "YourPrivateKey";
The recaptchalib.php script, which is part of the library you downloaded in step 2, then needs to be included in the page.
require_once('recaptchalib.php');
First we see if this page is being displayed for the first time, or is being displayed in response to some form feedback. For this demo the same page will both display the ReCaptcha and process the results.
if(!$_POST)
{
...
}
If !$_POST is true, this page is being displayed for the first time, and the ReCaptcha widget will be displayed. The ReCaptcha widget needs to be included as part of a HTML form that you create yourself. First we write the opening tag for a HTML form.
echo "<form action=\"\" method=\"POST\">";
Next the code for the ReCaptcha widget is written. The supplied library makes this process simple, involving just one line of code.
echo recaptcha_get_html($publickey);
In order to trigger the post back we need a form button. We also close off the form tag.
echo "<input type=\"submit\" value=\"Submit\" /></form>";
If !$_POST is false then it means that the user has submitted the form. In this case we need to validate the ReCaptcha text. Again the library makes this simple with one call to the recaptcha_check_answer function.
$response = recaptcha_check_answer(
$privatekey,
$_SERVER['REMOTE_ADDR'],
$_POST['recaptcha_challenge_field'],
$_POST['recaptcha_response_field']);
The result of the recaptcha_check_answer function tells you if the text was correctly entered. In your own application this result would determine if a blog comment or some other submission was accepted. Here we will simply tell the user if they filled in the ReCaptcha form correctly or not.
if ( $response->is_valid )
{
echo "You passed the ReCaptcha test.";
}
else
{
echo "You failed the ReCaptcha test.";
}
ReCaptcha frees web developers from having to design their own Captcha system, and at the same time facilitates book scanning projects. If you need to reduce spam and automated bot submissions, ReCaptcha is an excellent choice.
Go back to the Tutorial Index