Creating Captcha Form Verification
When creating web sites for clients, it is not uncommon that you will need to create online submission forms. Luckily, with a bit of PHP and HTML we can create a slick form in a matter of seconds. Unfortunately, as is the case with most programming languages, if something can be done easily then there is very likely a catch. As nice as it is to have a cool contact form embedded in your website, it is only a matter of time until you become popular.
As in 10,000 submissions popular.
Yes, I am talking about spam. The internet can be a dangerous place for your sweet innocent little submission form, and with out the proper protection, it will most certainly catch some sort of STD (submission-transmitted disease) from a cruel bot of less-than-respectable intentions. While there are a few different methods of form verification, the most tried and true is the CAPTCHA method.
CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. While this name may sound as if they half-heartedly attempted to come up with something that would spell CAPTCHA when abbreviated, I assure you that the method itself is both effective and simple to implement.
I will briefly explain how to set up a simple CAPTCHA form verification using PHP and the GDlibrary. The GDlibrary is already included in PHP versions 3 and up. You may need to turn it on, however, using one of the following methods:
(If you are running linux on your server, you may need to yum install php-gd.)
Open your PHP.ini file. If you are running PHP version 3 or 4, find this line:
#extension=php_gd2.dll
and change it to
extension=php_gd2.dll
Otherwise, if you are running PHP version 5 you will need to find this line:
;gd.jpeg_ignore_warning = 0
and change it to
gd.jpeg_ignore_warning = 1
Now that that's out of the way, you can get down to the fun part. The actual CAPTCHA image creation function is simple; it creates a random integer and then puts it into a .jpg image. All you need to do is add one input entry into your existing form, upload the verification function (php file) to a directory on your server, and add a couple of lines to your existing form validation file. Done- it's that simple.
You can download the code for this here:
Just turn on the GDlibrary, as mentioned above, and upload this onto your server to see it in action.
All this code I pulled together from several online tutorials, and cleaned it up a bit to meet my needs. Feel free to alter it and use it as you like.
Hope this is as useful for you as it was for me!
Comments
Alternative to image captacha's
Hi Mike,
thanks for contributing the code. However I would like to introduce an alternative to image captcha's. The reason is simple: I hate captcha's. They are often very userunfriendly, because mostly it's nearly impossible to figure out what they are trying to say us.
Sometimes they are so crypted that it tooks quite a few trials to get them right. The problem is obvious: If it's easy to read for humans, the same goes for computer programs. Here is an interesting test case:
http://www.cs.sfu.ca/~mori/research/gimpy/
I came across a different approach a wordpress plugin is using. It's very easy to implement and from my experience it avoids spam completely...
You simply ask your visitor a question, which is hard for a computer to process, because even if the solution is simple, the program wont be able to understand the question. Your visitor have to type in the result in a input text form.
An example could be an easy calculation task:
Please calculate and type in the result: 3+4
Off course you have to randomly generate the task, so another time you might ask:
Please calculate and type in the result: 5-2
If the form is submitted, you simply check the result....