CAPTCHA Code Filtering PHP Code Sample (BotDetect v3.0; deprecated)
The PHP Captcha code filtering code sample shows how to use the new CAPTCHA code filtering functionality added in BotDetect CAPTCHA v3.0.
First Time Here?
Check the BotDetect Developer Crash Course for key integration steps.
You can define rules about character sequences you want to avoid using in randomly generated CAPTCHA codes and simply pass them to the Captcha library.
The CaptchaConfig.php
file defines a simplified custom character set (using only 'A'
, 'B'
, 'C'
and 'D'
), which helps make the code filtering easier to track in action.
The $LBD_CaptchaConfig->BannedSequences
setting in the same file shows how to create your own banned sequence definitions to suit your application needs. The following sequences will never appear in Captcha codes generated in the sample: D
, AA
, BB
, CC
, ABC
, BCA
, CAB
.
Downloaded Location
The PHP Captcha code filtering code sample is included in the samples/captcha_code_filtering_sample
folder of the download package.
index.php
<?php session_start(); ?> <?php require("botdetect.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>BotDetect PHP CAPTCHA Code Filtering Sample</title> <link type="text/css" rel="Stylesheet" href="StyleSheet.css" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <link type="text/css" rel="Stylesheet" href="<?php echo CaptchaUrls:: LayoutStylesheetUrl() ?>" /> </head> <body> <form method="post" action="" id="form1"> <h1>BotDetect PHP CAPTCHA Code Filtering Sample</h1> <fieldset> <legend>PHP CAPTCHA validation</legend> <label for="CaptchaCode">Retype the characters from the picture:</label> <?php // Adding BotDetect Captcha to the page $CodeFilteredCaptcha = new Captcha("CodeFilteredCaptcha"); $CodeFilteredCaptcha->UserInputID = "CaptchaCode"; echo $CodeFilteredCaptcha->Html(); ?> <div class="validationDiv"> <input name="CaptchaCode" type="text" id="CaptchaCode" /> <input type="submit" name="ValidateCaptchaButton" value="Validate" id="ValidateCaptchaButton" /> <?php // when the form is submitted if ($_POST) { // validate the Captcha to check we're not dealing with a bot $isHuman = $CodeFilteredCaptcha->Validate(); if (!$isHuman) { // Captcha validation failed, show error message echo "<span class=\"incorrect\">Incorrect code</span>"; } else { // Captcha validation passed, perform protected action echo "<span class=\"correct\">Correct code</span>"; } } ?> </div> </fieldset> </form> </body> </html>
In the form source, we follow the standard procedure for adding Captcha protection to a PHP form.
botdetect/CaptchaConfig.php
<?php // override lib settings $LBD_CaptchaConfig = CaptchaConfiguration::GetSettings(); $LBD_CaptchaConfig->CustomCharset = 'A,B,C,D'; $LBD_CaptchaConfig->BannedSequences = 'd,aa,bb,cc,abc,bca,cab'; ?>
Since the code sample includes the BotDetect Captcha library from a shared location, we use a local config file to override base Captcha settings. If you are just copying the whole Captcha library to the root folder of your website, you could make the same changes in the main botdetect/CaptchaConfig.php
file.
The Captcha code filtering algorithm works as shown in the example.
- If the first character is "a", for second character generation we check:
- all banned sequences of length = 2 starting with "a"
- If the first two characters are "ab", for third character generation we check:
- all banned sequences of length = 3 starting with "ab" AND
- all banned sequences of length = 2 starting with "b"
- If the first three characters are "abc", for fourth character generation we check:
- all banned sequences of length = 4 starting with "abc" AND
- all banned sequences of length = 3 starting with "bc" AND
- all banned sequences of length = 2 starting with "c"
Since Captcha codes are short (usually 4-8 characters), such recursive processing is acceptable performance-wise.
Please Note
The information on this page is out of date and applies to a deprecated version of BotDetect™ CAPTCHA (v3.0).
An up-to-date equivalent page for the latest BotDetect Captcha release (v4) is BotDetect v4 Captcha documentation index.
General information about the major improvements in the current BotDetect release can be found at the What's New in BotDetect v4.0 page.
Current BotDetect Versions
-
BotDetect ASP.NET CAPTCHA
2019-07-22v4.4.2 -
BotDetect Java CAPTCHA
2019-07-22v4.0.Beta3.7 -
BotDetect PHP CAPTCHA
2019-07-22v4.2.5