Captcha Class in PHP
What is Captcha? Captcha is used to ensure that the response from a form submission is not generated by a computer but rather a human. This Captcha class generates a customizable anti-spam image to use in your projects. I wrote it a while back because there weren't any on the market which offered the flexibility to modify the look and feel to complement different website designs.
Options
The Captcha is fully customizable and offers options that can be changed on the fly.
- Font - You can use any True Type Font.
- Background Color - The color of the background can be modified.
- Background Noise Color - The color of the noise in the background can be modified.
- Captcha Code Color - The color of the Captcha code can be modified.
- Width - Modify the width.
- Height - Modify the height.
- Length - Modify the length of the Captcha code.
How do I use it?
The Captcha is setup with default options so using it is easy. All you need to do is include the captcha.php file in the src of an image like this:
<img src="captcha.php" alt="Human Validation" />
You can customize the appearance of the Captcha to suite your needs as well. All you have to do is pass parameters to the file like this:
<img src="captcha.php?f=fonts/Gill Sans MT.ttf&b=cccccc&n=dddddd&c=777777&w=140&h=30&l=8" alt="Human Validation" />
Where:
- f - The path to the TTF to use.
- b - The background color of the Captcha.
- n - The background noise color of the Captcha.
- c - The color of the Captcha text.
- w - The width of the Captcha.
- h - The height of the Captcha.
- l - The length of the Captcha text.
Validating the correct code
You typically use a Captcha on a form to thwart spam submissions. When the form is submitted, you'll hopefully do various validations on the data submitted. During that time, you'll check that the code submitted matches the code stored in a session variable. So here is an example of that.
<?php
session_start();
if($_POST['security_image_code'] == $_SESSION['security_code']) {
echo('Valid code');
}
else {
echo('Invalid code');
}
?>
Since the code is stored in a session variable, you'll want to make sure that you start a session before any output is sent to the browser.
