CAPTCHA Randomization PHP Code Sample (BotDetect v3.0; deprecated)

The PHP Captcha randomization code sample shows how to easily randomize various BotDetect Captcha library parameters, beyond the basic image and sound style randomization used by default.

First Time Here?

Check the BotDetect Developer Crash Course for key integration steps.

Randomly using different Captcha image and sound generation algorithms and other parameter values (such as code length and style) can significantly improve the Captcha security.

This is the recommended approach to Captcha property setting, since it takes full advantage of the 60 Captcha image and 10 Captcha sound generation algorithms shipped with BotDetect, as well as built-in randomization features.

Setting Captcha control properties in the CaptchaConfig.php file also reduces the amount of Session state used by the library.

Download the BotDetect PHP CAPTCHA Library and run this sample

Downloaded Location

The PHP Captcha randomization code sample is included in the samples/captcha_randomization_sample folder of the download package.

index.php

<?php session_start(); ?>
<?php require("botdetect.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
  <title>BotDetect PHP CAPTCHA Randomization Sample</title>
  <link type="text/css" rel="Stylesheet" href="StyleSheet.css" />
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
  <link type="text/css" rel="Stylesheet" href="<?php echo CaptchaUrls::
    LayoutStylesheetUrl() ?>" />
</head>
<body>
  <form method="post" action="" id="form1">

    <h1>BotDetect PHP CAPTCHA Randomization Sample</h1>

    <fieldset>
      <legend>PHP CAPTCHA validation</legend>
      <label for="CaptchaCode">Retype the characters from the picture:</label>

      <?php // Adding BotDetect Captcha to the page
        $RandomizedCaptcha = new Captcha("RandomizedCaptcha");
        $RandomizedCaptcha->UserInputID = "CaptchaCode";
        echo $RandomizedCaptcha->Html();
      ?>

      <div class="validationDiv">
        <input name="CaptchaCode" type="text" id="CaptchaCode" />
        <input type="submit" name="ValidateCaptchaButton" value="Validate" 
          id="ValidateCaptchaButton" />

        <?php // when the form is submitted
          if ($_POST) {
            // validate the Captcha to check we're not dealing with a bot
            $isHuman = $RandomizedCaptcha->Validate();

            if (!$isHuman) {
              // Captcha validation failed, show error message
              echo "<span class=\"incorrect\">Incorrect code</span>";
            } else {
              // Captcha validation passed, perform protected action
              echo "<span class=\"correct\">Correct code</span>";
            }
          }
        ?>
      </div>

    </fieldset>

  </form>
</body>
</html>

In the form source, we follow the standard procedure for adding Captcha protection to a PHP form.

botdetect/CaptchaConfig.php

<?php

// override lib settings
$LBD_CaptchaConfig = CaptchaConfiguration::GetSettings();


// Captcha code length randomization
$LBD_CaptchaConfig->CodeLength 
  = CaptchaRandomization::GetRandomCodeLength(4, 6);


// Captcha code style randomization, option 1: randomly use all possible code 
// styles
//$LBD_CaptchaConfig->CodeStyle = CaptchaRandomization::GetRandomCodeStyle();

// Captcha code style randomization, option 2: randomly choose from the given 
// set of code styles
//$LBD_CaptchaConfig->CodeStyle = 
//  CaptchaRandomization::GetRandomCodeStyle(
//    array(CodeStyle::Numeric, CodeStyle::Alpha)
//  );

// Captcha code style randomization, option 3: dependent on code length
switch($LBD_CaptchaConfig->CodeLength) {
  case 4:
    $LBD_CaptchaConfig->CodeStyle = CodeStyle::Alphanumeric;
    break;
  case 5:
    $LBD_CaptchaConfig->CodeStyle = CodeStyle::Alpha;
    break;
  case 6:
    $LBD_CaptchaConfig->CodeStyle = CodeStyle::Numeric;
    break;
}


// Captcha image style randomization, randomly choose from the given set of 
// image styles
$imageStyles = array(
  ImageStyle::Chipped, 
  ImageStyle::Negative, 
  ImageStyle::Radar, 
  ImageStyle::Fingerprints, 
  ImageStyle::Graffiti2, 
  ImageStyle::Bullets, 
  ImageStyle::Collage
);

$LBD_CaptchaConfig->ImageStyle 
  = CaptchaRandomization::GetRandomImageStyle($imageStyles);
 
// Captcha sound style randomization, randomly choose from the given set of 
// sound styles
$soundStyles = array(
  SoundStyle::Dispatch, 
  SoundStyle::RedAlert, 
  SoundStyle::Synth
);
$LBD_CaptchaConfig->SoundStyle = 
  CaptchaRandomization::GetRandomSoundStyle($soundStyles);
 
?>

Since the code sample includes the BotDetect Captcha library from a shared location, we use a local config file to override base Captcha settings. If you are just copying the whole Captcha library to the root folder of your website, you could make the same changes in the main botdetect/CaptchaConfig.php file.

In most cases, randomization of Captcha settings can be achieved using the CaptchaRandomization helper included in the Captcha library. Commented-out code shows different randomization options available - calling a randomization method without any parameters returns a value randomly selected among all possible values, while passing an array of user-defined options will restrict the randomization to only the included values.

Randomization settings can be customized to suit each individual use case; BotDetect will automatically randomize the Captcha image style by default, but other options are available. In the sample, we randomly use Captcha images containing either 4 alphanumeric characters, 5 alpha characters, or 6 numeric ones.


Please Note

The information on this page is out of date and applies to a deprecated version of BotDetect™ CAPTCHA (v3.0).

An up-to-date equivalent page for the latest BotDetect Captcha release (v4) is BotDetect v4 Captcha documentation index.

General information about the major improvements in the current BotDetect release can be found at the What's New in BotDetect v4.0 page.