CAPTCHA Code Filtering PHP Code Sample (BotDetect v3.0; deprecated)

The PHP Captcha code filtering code sample shows how to use the new CAPTCHA code filtering functionality added in BotDetect CAPTCHA v3.0.

First Time Here?

Check the BotDetect Developer Crash Course for key integration steps.

You can define rules about character sequences you want to avoid using in randomly generated CAPTCHA codes and simply pass them to the Captcha library.

The CaptchaConfig.php file defines a simplified custom character set (using only 'A', 'B', 'C' and 'D'), which helps make the code filtering easier to track in action.

The $LBD_CaptchaConfig->BannedSequences setting in the same file shows how to create your own banned sequence definitions to suit your application needs. The following sequences will never appear in Captcha codes generated in the sample: D, AA, BB, CC, ABC, BCA, CAB.

Downloaded Location

The PHP Captcha code filtering code sample is included in the samples/captcha_code_filtering_sample folder of the download package.

Download the BotDetect PHP CAPTCHA Library and run this sample

index.php

<?php session_start(); ?>
<?php require("botdetect.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
  <title>BotDetect PHP CAPTCHA Code Filtering Sample</title>
  <link type="text/css" rel="Stylesheet" href="StyleSheet.css" />
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
  <link type="text/css" rel="Stylesheet" href="<?php echo CaptchaUrls::
    LayoutStylesheetUrl() ?>" />
</head>
<body>
  <form method="post" action="" id="form1">

    <h1>BotDetect PHP CAPTCHA Code Filtering Sample</h1>

    <fieldset>
      <legend>PHP CAPTCHA validation</legend>
      <label for="CaptchaCode">Retype the characters from the picture:</label>

      <?php // Adding BotDetect Captcha to the page
        $CodeFilteredCaptcha = new Captcha("CodeFilteredCaptcha");
        $CodeFilteredCaptcha->UserInputID = "CaptchaCode";
        echo $CodeFilteredCaptcha->Html();
      ?>

      <div class="validationDiv">
        <input name="CaptchaCode" type="text" id="CaptchaCode" />
        <input type="submit" name="ValidateCaptchaButton" value="Validate" 
          id="ValidateCaptchaButton" />

        <?php // when the form is submitted
          if ($_POST) {
            // validate the Captcha to check we're not dealing with a bot
            $isHuman = $CodeFilteredCaptcha->Validate();

            if (!$isHuman) {
              // Captcha validation failed, show error message
              echo "<span class=\"incorrect\">Incorrect code</span>";
            } else {
              // Captcha validation passed, perform protected action
              echo "<span class=\"correct\">Correct code</span>";
            }
          }
        ?>
      </div>

    </fieldset>

  </form>
</body>
</html>

In the form source, we follow the standard procedure for adding Captcha protection to a PHP form.

botdetect/CaptchaConfig.php

<?php

// override lib settings
$LBD_CaptchaConfig = CaptchaConfiguration::GetSettings();

$LBD_CaptchaConfig->CustomCharset = 'A,B,C,D';
$LBD_CaptchaConfig->BannedSequences = 'd,aa,bb,cc,abc,bca,cab';

?>

Since the code sample includes the BotDetect Captcha library from a shared location, we use a local config file to override base Captcha settings. If you are just copying the whole Captcha library to the root folder of your website, you could make the same changes in the main botdetect/CaptchaConfig.php file.

The Captcha code filtering algorithm works as shown in the example.

  • If the first character is "a", for second character generation we check:
    • all banned sequences of length = 2 starting with "a"
    giving us a set of characters to exclude for second character generation.
  • If the first two characters are "ab", for third character generation we check:
    • all banned sequences of length = 3 starting with "ab" AND
    • all banned sequences of length = 2 starting with "b"
    giving us a set of characters to exclude for third character generation.
  • If the first three characters are "abc", for fourth character generation we check:
    • all banned sequences of length = 4 starting with "abc" AND
    • all banned sequences of length = 3 starting with "bc" AND
    • all banned sequences of length = 2 starting with "c"
    giving us a set of characters to exclude for fourth character generation.

Since Captcha codes are short (usually 4-8 characters), such recursive processing is acceptable performance-wise.


Please Note

The information on this page is out of date and applies to a deprecated version of BotDetect™ CAPTCHA (v3.0).

An up-to-date equivalent page for the latest BotDetect Captcha release (v4) is BotDetect v4 Captcha documentation index.

General information about the major improvements in the current BotDetect release can be found at the What's New in BotDetect v4.0 page.