CAPTCHA Code Filtering PHP Code Sample

The PHP Captcha code filtering code sample shows how to use the new CAPTCHA code filtering functionality added in BotDetect CAPTCHA v3.0.

First Time Here?

Check the BotDetect Developer Crash Course for key integration steps.

You can define rules about character sequences you want to avoid using in randomly generated CAPTCHA codes and simply pass them to the Captcha library.

The CaptchaConfig.php file defines a simplified custom character set (using only 'A', 'B', 'C' and 'D'), which helps make the code filtering easier to track in action.

The $LBD_CaptchaConfig->BannedSequences setting in the same file shows how to create your own banned sequence definitions to suit your application needs. The following sequences will never appear in Captcha codes generated in the sample: D, AA, BB, CC, ABC, BCA, CAB.

Downloaded Location

The PHP Captcha code filtering code sample is included in the samples/captcha_code_filtering_sample folder of the download package.

Download the BotDetect PHP CAPTCHA Library and run this sample

index.php

<?php session_start(); ?>
<?php require("botdetect.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.
  org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
  <title>BotDetect PHP CAPTCHA Code Filtering Sample</title>
  <link type="text/css" rel="Stylesheet" href="StyleSheet.css" />
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
  <link type="text/css" rel="Stylesheet" href="<?php echo CaptchaUrls::
    LayoutStylesheetUrl() ?>" />
</head>
<body>
  <form method="post" action="" id="form1">

    <h1>BotDetect PHP CAPTCHA Code Filtering Sample</h1>

    <fieldset>
      <legend>PHP CAPTCHA validation</legend>
      <label for="CaptchaCode">Retype the characters from the picture:</label>

      <?php // Adding BotDetect Captcha to the page
        $CodeFilteredCaptcha = new Captcha("CodeFilteredCaptcha");
        $CodeFilteredCaptcha->UserInputID = "CaptchaCode";
        echo $CodeFilteredCaptcha->Html();
      ?>

      <div class="validationDiv">
        <input name="CaptchaCode" type="text" id="CaptchaCode" />
        <input type="submit" name="ValidateCaptchaButton" value="Validate" 
          id="ValidateCaptchaButton" />

        <?php // when the form is submitted
          if ($_POST) {
            // validate the Captcha to check we're not dealing with a bot
            $isHuman = $CodeFilteredCaptcha->Validate();

            if (!$isHuman) {
              // Captcha validation failed, show error message
              echo "<span class=\"incorrect\">Incorrect code</span>";
            } else {
              // Captcha validation passed, perform protected action
              echo "<span class=\"correct\">Correct code</span>";
            }
          }
        ?>
      </div>

    </fieldset>

  </form>
</body>
</html>

In the form source, we follow the standard procedure for adding Captcha protection to a PHP form.

[back to top]

botdetect/CaptchaConfig.php

<?php

// override lib settings
$LBD_CaptchaConfig = CaptchaConfiguration::GetSettings();

$LBD_CaptchaConfig->CustomCharset = 'A,B,C,D';
$LBD_CaptchaConfig->BannedSequences = 'd,aa,bb,cc,abc,bca,cab';

?>

Since the code sample includes the BotDetect Captcha library from a shared location, we use a local config file to override base Captcha settings. If you are just copying the whole Captcha library to the root folder of your website, you could make the same changes in the main botdetect/CaptchaConfig.php file.

The Captcha code filtering algorithm works as shown in the example.

  • If the first character is "a", for second character generation we check:
    • all banned sequences of length = 2 starting with "a"
    giving us a set of characters to exclude for second character generation.
  • If the first two characters are "ab", for third character generation we check:
    • all banned sequences of length = 3 starting with "ab" AND
    • all banned sequences of length = 2 starting with "b"
    giving us a set of characters to exclude for third character generation.
  • If the first three characters are "abc", for fourth character generation we check:
    • all banned sequences of length = 4 starting with "abc" AND
    • all banned sequences of length = 3 starting with "bc" AND
    • all banned sequences of length = 2 starting with "c"
    giving us a set of characters to exclude for fourth character generation.

Since Captcha codes are short (usually 4-8 characters), such recursive processing is acceptable performance-wise.

[back to top]


Please Note

BotDetect 3.0 PHP Captcha Library Beta1 is an in-progress port of BotDetect 3.0 Captcha, and we need you to guide our efforts towards a polished product. Please let us know if you encounter any bugs, implementation issues, or a usage scenario you would like to discuss.

BotDetect 3 PHP is already available for purchase at a 33% discounted pre-release price.

© Lanapsoft, Inc. 2004-2013. All rights reserved.

BotDetect, BotDetect CAPTCHA, Lanap, Lanap CAPTCHA, Lanap BotDetect, Lanap BotDetect CAPTCHA, Lanapsoft, Lanapsoft CAPTCHA, Lanapsoft BotDetect, Lanapsoft BotDetect CAPTCHA, and Lanap Software are trademarks of Lanapsoft, Inc. All other product, brand, and company names are mentioned for identification purposes only and are trademarks or registered trademarks of their respective owners.