ASP Classic Form CAPTCHA VBScript Code Sample (BotDetect v3.0; deprecated)
The ASP Classic Form Captcha code sample shows how to add BotDetect Classic ASP Captcha protection to a typical ASP form.
First Time Here?
Check the BotDetect Developer Crash Course for key integration steps.
Captcha validation is integrated with other form fields validation, and only submissions that meet all validation criteria are accepted.
If the Captcha is successfully solved but other field validation fails, the Captcha is hidden since the users have already proven they are human.
This kind of validation could be used on various types of public forms which accept messages, and are at risk of unwanted automated submissions.
For example, it could be used to ensure bots can't submit anything to a contact form, add guestbook entries, blog post comments or anonymous message board / forum replies.
Installed Location
By default, the Classic ASP form Captcha code sample is installed at:
C:\Program Files\Lanapsoft\BotDetect 3 CAPTCHA Component\Asp\WebApp\AspFormCaptchaSample
You can also run it from the BotDetect Start Menu:
Programs > Lanapsoft > BotDetect 3 CAPTCHA Component > ASP > Web Applications > Run
Default.asp
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>BotDetect CAPTCHA ASP Form Sample</title> <link type="text/css" rel="Stylesheet" href="StyleSheet.css" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <!-- #include file ="BotDetect.asp" --> </head> <body> <form method="post" action="ProcessForm.asp" id="form1"> <h1>BotDetect CAPTCHA ASP Form Sample</h1> <h2>Add Message</h2> <fieldset> <legend>CAPTCHA included in ASP form validation</legend> <div class="input"> <label for="Name">Name:</label> <input type="text" name="Name" id="Name" class="textbox" value="<%=Request("Name") %>" /> <% ' name validation failed, show error message If Request("nameValid") = "False" Then %> <span class="incorrect">*</span><% End If %> </div> <div class="input"> <label for="Email">Email:</label> <input type="text" name="Email" id="Email" class="textbox" value="<%=Request("Email") %>" /> <% ' email validation failed, show error message If Request("emailValid") = "False" Then %> <span class="incorrect">*</span><% End If %> </div> <div class="input"> <label for="Message">Short message:</label> <textarea class="inputbox" id="Message" name="Message" rows="5" cols="40"><%=Request("Message") %></textarea> <% ' message validation failed, show error message If Request("messageValid") = "False" Then %> <span class="incorrect">*</span><% End If %> </div> <div class="input"> <div class="input"> <% ' Adding BotDetect CAPTCHA to the page Dim FormCaptcha : Set FormCaptcha = (New Captcha)("FormCaptcha") FormCaptcha.UserInputID = "CaptchaCode" If Not FormCaptcha.IsSolved Then %> <label for="CaptchaCode">Retype the characters from the picture:</label> <%=FormCaptcha.Html %> <input type="text" name="CaptchaCode" id="CaptchaCode" class="textbox" /><% ' CAPTCHA validation failed, show error message If Request("captchaValid") = "False" Then %> <span class="incorrect">*</span><% End If End If %> </div> <input type="submit" name="SubmitButton" id="SubmitButton" value="Submit" /> </fieldset> <br /> <p class="navigation"><a href="Messages.asp">View Messages</a></p> </form> </body> </html>
As explained in the Captcha object generates the Html markup required to show the Captcha image and the Captcha sound / reload buttons.
To hide the Captcha challenge after the user solves it, the Captcha object's Html value is only added to the page if not already solved (If Not LoginCaptcha.IsSolved Then ...)
ProcessForm.asp
<!-- #include file ="BotDetect.asp" --> <% Dim form_page : form_page = "Default.asp" Dim view_page : view_page = "Messages.asp" 'directly accessing this script is an error If Not Request.ServerVariables("REQUEST_METHOD") = "POST" Then Response.Redirect form_page End If ' submitted data Dim name : name = Request("name") Dim email : email = Request("email") Dim message : message = Request("message") form_page = form_page & "?name=" & Server.URLEncode(name) & "&email=" & Server.URLEncode(email) & "&message=" & Server.URLEncode( message) ' total form validation result Dim isPageValid : isPageValid = True ' Captcha validation Dim FormCaptcha : Set FormCaptcha = (New Captcha)("FormCaptcha") FormCaptcha.UserInputID = "CaptchaCode" If Not FormCaptcha.IsSolved Then Dim isHuman : isHuman = FormCaptcha.Validate() isPageValid = isPageValid And isHuman form_page = form_page & "&captchaValid=" & isHuman End If ' name validation Dim isNameValid : isNameValid = ValidateName(name) isPageValid = isPageValid And isNameValid form_page = form_page & "&nameValid=" & isNameValid ' email validation Dim isEmailValid : isEmailValid = ValidateEmail(email) isPageValid = isPageValid And isEmailValid form_page = form_page & "&emailValid=" & isEmailValid ' message validation Dim isMessageValid : isMessageValid = ValidateMessage(Message) isPageValid = isPageValid And isMessageValid form_page = form_page & "&messageValid=" & isMessageValid If Not isPageValid Then ' form validation failed, show error message Response.Redirect form_page End If ' keep a collection of submitted valid messages in Application state Call SaveMessage(name, message) Call FormCaptcha.Reset Response.Redirect view_page ' name validation Function ValidateName(name) Dim result : result = False If (Len(name) > 2 And Len(name) < 30) Then result = True End If ValidateName = result End Function ' email validaton Function ValidateEmail(email) Dim result : result = False If (Len(email) < 5 Or Len(email) > 100) Then result = False Else Dim regEx : Set regEx = New RegExp regEx.Pattern = "^(.+)@(.+)\.(.+)$" result = regEx.Test(email) End If ValidateEmail = result End Function ' message Function ValidateMessage(message) Dim result : result = False If (Len(message) > 2 And Len(message) < 255) Then result = True End If ValidateMessage = result End Function ' data storage Sub SaveMessage(name, email, message) ' we want to keep the sample code simple, so we'll store the messages in Application state despite it being unfit for real- world use in such scenarios; ' using a database or another appropriate persistence medium would complicate the sample code Application.Lock Application("Message_" & FormCaptcha.InstanceID) = Server. HTMLEncode(name) & " (" & Server.HTMLEncode(email) & ") says: " & Server.HTMLEncode(message) Application.UnLock End Sub %>
Form submission validation is performed in this file, which checks all required fields and redirects the user back to the form if validation fails. Captcha validation is treated no different than other field validation.
Once form validation succeeds, the submitted values are saved and the Captcha challenge is reset (Call FormCaptcha.Reset). This means each individual message requires Captcha validation, which helps prevent attacks where a malicious user could solve the Captcha once and then automate further form posts within the same Session.
Messages.asp
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>BotDetect CAPTCHA ASP Form Sample</title> <link type="text/css" rel="Stylesheet" href="StyleSheet.css" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> </head> <body> <h1>BotDetect CAPTCHA ASP Form Sample</h1> <h2>View Messages</h2> <% Dim count : count = 0 For Each val In Application.Contents If InStr(val, "Message_") And Application(val) <> "" Then Response.Write "<p class=""message"">" & Application(val) & "< /p>" count = count + 1 End If Next If count = 0 Then Response.Write "<p class=""message"">No messages yet.</p>" End If %> <br /> <p class="navigation"><a href="Default.asp">Add Message</a></p> </body> </html>
This page displays all successfully submitted messages, and the user is automatically redirected here after validation of all form fields (including Captcha) is passed.
BotDetect\CaptchaConfig.asp
<% ' Captcha code configuration ' --------------------------------------------------------------------- LBD_Configuration_CodeLength = 3 LBD_Configuration_CodeStyle = LBD_CodeStyles("Alphanumeric") LBD_Configuration_CodeTimeout = 1200 LBD_Configuration_Locale = "en-US" LBD_Configuration_CustomCharset = "" LBD_Configuration_BannedSequences = "" ' Captcha image configuration ' --------------------------------------------------------------------- LBD_Configuration_ImageStyle = LBD_ImageStyles("Graffiti2") LBD_Configuration_ImageWidth = 150 LBD_Configuration_ImageHeight = 50 LBD_Configuration_ImageFormat = LBD_ImageFormats("JPEG") LBD_Configuration_CustomDarkColor = "" LBD_Configuration_CustomLightColor = "" LBD_Configuration_ImageTooltip = "CAPTCHA" LBD_Configuration_HelpLinkEnabled = True LBD_Configuration_HelpLinkMode = LBD_HelpLinkModes("Image") LBD_Configuration_HelpLinkUrl = "" LBD_Configuration_HelpLinkText = "" ' Captcha sound configuration ' --------------------------------------------------------------------- LBD_Configuration_SoundEnabled = True LBD_Configuration_SoundStyle = LBD_RandomSoundStyle() LBD_Configuration_SoundFormat = LBD_SoundFormats("WavPcm16bit8kHzMono") LBD_Configuration_SoundTooltip = "Speak the CAPTCHA code" LBD_Configuration_SoundIconUrl = "BotDetect/SoundIcon.gif" LBD_Configuration_SoundPackageFolder = "C:\Program Files (x86) \Lanapsoft\BotDetect 3 CAPTCHA Component\Asp\Redistribute\BotDetectSounds" LBD_Configuration_WarnAboutMissingSoundPackages = True LBD_Configuration_SoundStartDelay = 0 LBD_Configuration_SoundRegenerationMode = LBD_SoundRegenerationModes("Limited") ' Captcha reload configuration ' --------------------------------------------------------------------- LBD_Configuration_ReloadEnabled = True LBD_Configuration_ReloadTooltip = "Change the CAPTCHA code" LBD_Configuration_ReloadIconUrl = "BotDetect/ReloadIcon.gif" LBD_Configuration_AutoReloadExpiredCaptchas = True LBD_Configuration_AutoReloadTimeout = 7200 ' Captcha user input configuration ' --------------------------------------------------------------------- LBD_Configuration_AutoFocusInput = True LBD_Configuration_AutoClearInput = True LBD_Configuration_AutoUppercaseInput = True ' Captcha persistence configuration ' --------------------------------------------------------------------- Dim LBD_Persistence : Set LBD_Persistence = Session LBD_Configuration_UseApplicationFallback = True %>
The ASP Captcha library configuration file defines base Captcha settings for the sample.
Please Note
The information on this page is out of date and applies to a deprecated version of BotDetect™ CAPTCHA (v3.0).
An up-to-date equivalent page for the latest BotDetect Captcha release (v4) is BotDetect v4 Captcha documentation index.
General information about the major improvements in the current BotDetect release can be found at the What's New in BotDetect v4.0 page.
Current BotDetect Versions
-
BotDetect ASP.NET CAPTCHA
2019-07-22v4.4.2 -
BotDetect Java CAPTCHA
2019-07-22v4.0.Beta3.7 -
BotDetect PHP CAPTCHA
2019-07-22v4.2.5
