Home/ Questions/Q 9008039
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-16T01:50:54+00:00

I am trying to integrate a captchia code with using a form. What I

  • 0

I am trying to integrate a captchia code with using a form. What I have is a basic format to where I was able to get the captcha part working on its own php page. Also I was able to display a form in its own php page. The problem I am having is I’m not sure how to get both parts working together.

This is a snipit of what I have:

<?php
session_start();
    if (isset($_POST['captcha'])) {
        $_SESSION['captcha'] = rand(0, 99999999999);
        } else {
            if ($_SESSION['captcha']!==$_POST['captcha']) {
            echo 're-enter a new captcha!';
            $_SESSION['captcha'] = rand(0, 99999999999);
        }
    }
?>

    <form action="formx.php" method="POST">
            <ul>
                <li>
                    Username:<br>
                    <input type"text" name="username">
                </li>
                <li>
                    Password:<br>
                    <input type="password" name="password">
                </li>
                <li>
                    Password again:<br>
                    <input type="password" name="password2">
                </li>
                <li>
                    Email:<br>
                    <input type="text" name="email">
                </li>
                <li>
                    <input type="submit" name="captcha" value="submit">
                </li>
            </ul>
    </form>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you walk through it, you are probably missing a couple steps:

    if ($_SERVER['REQUEST_METHOD']!='POST')  //If initial load, load up captcha into session
    $_SESSION['captcha'] = rand(0,9999999999);
else{//Means form was submitted
    if (isset($_POST['captcha'])) {//Check if they entered
        if ($_SESSION['captcha']!==$_POST['captcha']) {//check if ! correct, reissue new captcha
            echo 're-enter a new captcha!';
            $_SESSION['captcha'] = rand(0, 99999999999);
        }else{
            //Everything was good, handle data
        }
    }else{//Nothing was entered, give them new captcha
        echo 'please enter the captcha!';
        $_SESSION['captcha'] = rand(0, 99999999999);
    }

}

    Now the tricky part comes when you display this to the user. If you put: 

    <li>
    Please type <?=$_SESSION['captcha']?>:<br/>
    <input type="submit" name="captcha" value="submit">
</li>

    bots will be able to bypass this. So you need to figure out how to over come this problem. Simply displaying the number and telling them to enter is good and will deter VERY basic bots. Obfuscating it (<span>1</span><span>2</span>) may make it a little more difficult, but bots can still parse it and bypass it. Saving it as a Javascript variable and then checking against it may also work, but again, can be bypassed if the bot is smart enough. An iframe may work, an image may work, user-agent parsing may help, etc etc etc. All these things would work, but it is up to you on how you want to implement it and how secure you want it.

    Personally, while I am a fan of Recaptcha as it is usually very easy to implement and requires minimal coding on my end. I also use the GD and TrueType libraries to make captcha images, but this does require a lot more programming than it may be worth if you can use Recaptcha. Finally, I do like Javascript math problems that are loaded after the page loads, which bots have a harder time loading and figuring out what is going on.

    After all is said and done, do whatever you want. If you get stuck, post your code and we can help you out.

    • 0