Black Friday sale is now on! 50% off Laravel: The Modular Way. Learn more

Creating a simple captcha form with validation

David Carr

Demos PHP & MySQL Tutorials

  • The Form
  • Validation
  • The captcha file
  • This tutorial will show you how to create a captcha form to stop automatic submissions, to premis is simple out of 6 letter there's 3 black ones these must match when the form is submitted or an error message is presented.


    Download source files

    There are 3 files required:

    • Index.php - where the form is
    • captcha.php - generated the captcha image
    • gaptcha.jpg - captcha image

    The Form

    The form consists of an image in the src we pass the path to captcha.php this will generate the captcha image, we also provide a link to change the image without having to reload the page.

    The input field is where the user will enter the 3 black characters from the image.

    <form action="" method="post">
    <p>Only enter the 3 <b>black</b> characters:</p>
    <p><img src="captcha.php" alt="captcha image" id="captcha"><a href="#" onclick="document.getElementById('captcha').src = 'captcha.php?' + Math.random(); return false">Reload Image</a><br /><input type="text" id="captcha" name="captcha" size="3" maxlength="3"></p>
    <p><input type="submit" name="submit" value="Submit" />


    To validate the correct sequence has been entered we need to check what's in the session in order to use sessions we need to turn sessions on at the very top of the file add:


    To run the validation a check is made to make sure the form has been submitted if it has the it will run the code inside the { }

    The session captcha is created inside captcha.php

    The next step is to check the contents of the session matches the form input field called captcha, if there is no match an error is shown, likewise if there is a match a message is shown.

    //run the code only if the form has been submitted
            echo 'Characters do not match the black characters on the image.';
        } else {
            echo 'Matched';

    The captcha file

    The following is placed in its own file it creates the characters that are embedded onto the captcha image, the image is simple a background image to start with: 

    The image should be in the same directory as the captcha.php file if its not change the path accordingly below:

    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");
    function _generateRandom($length=6)
        $_rand_src = array(
            array(48,57) //digits
            , array(97,122) //lowercase chars
    //        , array(65,90) //uppercase chars
        srand ((double) microtime() * 1000000);
        $random_string = "";
            $random_string .= chr(rand($_rand_src[$i1][0],$_rand_src[$i1][1]));
        return $random_string;
    $im = @imagecreatefromjpeg("captcha.jpg");
    $rand = _generateRandom(3);
    $_SESSION['captcha'] = $rand;
    ImageString($im, 9, 2, 2, $rand[0]." ".$rand[1]." ".$rand[2]." ", ImageColorAllocate ($im, 0, 0, 0));
    $rand = _generateRandom(3);
    ImageString($im, 9, 2, 2, " ".$rand[0]." ".$rand[1]." ".$rand[2], ImageColorAllocate ($im, 255, 0, 0));
    Header ('Content-type: image/jpeg');

    That's it with 2 files you can stop automatic submissions extremely useful for contact forms.

    Laravel Modules Book by David Carr

    Help support the blog so that I can continue creating new content!

    Subscribe to my newsletter

    Subscribe and get my books and product announcements.

    © 2009 - 2022 DC Blog. All code MIT license. All rights reserved.