ASP.NET CAPTCHA Form Object Settings C# Code Example

The ASP.NET SimpleCaptcha form object settings example project shows how to configure BotDetect CAPTCHA challenges by setting SimpleCaptcha control properties in ASP.NET form source.

First Time Here?

Check the BotDetect Developer Crash Course for key integration steps.

Multiple ASP.NET forms within the same ASP.NET website can be protected by BotDetect SimpleCaptcha challenges: e.g. you could add SimpleCaptcha controls in both your Contact form and Registration form source.

To function properly, separate SimpleCaptcha challenges placed on each form should have different names (CaptchaStyleName values, Captcha1 and Captcha2 in this example), and can use completely different SimpleCaptcha settings.

Even multiple SimpleCaptcha instances placed on the same form won't interfere with each other's validation and functionality. And if a user opens the same page in multiple browser tabs, each tab will independently validate the shown Captcha code.

Shared SimpleCaptcha settings should always be placed in the web.config application configuration file, and only diverging settings set through SimpleCaptcha object instance properties in form code, to avoid code duplication.

Settings that affect only SimpleCaptcha container markup generation take effect immediately (changing SimpleCaptcha.Html output), but settings that affect SimpleCaptcha challenge (image or sound) generation in separate Http requests need to be saved in ASP.NET Session state when set through SimpleCaptcha object instance properties in form source, consuming server resources and reverting to defaults when the ASP.NET Session expires.

Please note that if configured values are dynamic (e.g. CaptchaRandomization helper or other function calls in form code), they will be re-calculated only when the form is reloaded (form code is executed). For example, SimpleCaptcha ImageStyle randomized in ASP.NET form source will not change on each SimpleCaptcha Reload button click, but only on each form load.

Download the BotDetect ASP.NET CAPTCHA Component and run this example

Visual Studio 2005-2017 / .NET 2.0 and onwards

By default, the .NET C# version of the ASP.NET Captcha form object settings example project is installed at:
C:\Program Files\Captcha Inc\BotDetect 4 CAPTCHA Component\Asp.Net\.NET\WebApp\SimpleAPI\CaptchaFormObjectSettingsExample\CSharp

You can also run it from the BotDetect Start Menu:
Programs > Captcha Inc > BotDetect 4 CAPTCHA Component > ASP.NET > ASP.NET Examples > Run .NET Examples

Default.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" 
Inherits="_Default" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
  <title>BotDetect ASP.NET CAPTCHA Options: Form Object Settings Code Example</title>

  <script type="text/javascript" 

</head>
<body>
  <form runat="server" class="column" id="form1">
    <h1>BotDetect ASP.NET CAPTCHA Options:
      <br />
      Form Object Settings Code Example</h1>
    <fieldset>
      <legend>ASP.NET WebForm CAPTCHA Validation</legend>
      <p class="prompt">
        <label for="Captcha1CodeTextBox">Retype the characters from the picture:</label></p>
      <BotDetect:WebFormsSimpleCaptcha runat="server" ID="Captcha1" />
      <div class="validationDiv">
        <asp:TextBox ID="Captcha1CodeTextBox" runat="server"></asp:TextBox>
        <asp:Label ID="Captcha1CorrectLabel" runat="server" CssClass="correct" 
        Text="Correct!" Visible="false"></asp:Label>
        <asp:Label ID="Captcha1IncorrectLabel" runat="server" 
        CssClass="incorrect" Text="Incorrect!" Visible="false"></asp:Label>
      </div>
    </fieldset>

    <fieldset>
      <legend>ASP.NET WebForm CAPTCHA Validation</legend>
      <p class="prompt">
        <label for="Captcha2CodeTextBox">Retype the characters from the picture:</label></p>
      <BotDetect:WebFormsSimpleCaptcha runat="server" ID="Captcha2" />
      <div class="validationDiv">
        <asp:TextBox ID="Captcha2CodeTextBox" runat="server"></asp:TextBox>
        <asp:Label ID="Captcha2CorrectLabel" runat="server" CssClass="correct" 
        Text="Correct!" Visible="false"></asp:Label>
        <asp:Label ID="Captcha2IncorrectLabel" runat="server" 
        CssClass="incorrect" Text="Incorrect!" Visible="false"></asp:Label>
      </div>
    </fieldset>

    <asp:Button ID="SubmitFormButton" runat="server" Text="Submit Form" />
  </form>
</body> 

Default.aspx.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

using BotDetect;

public partial class _Default : System.Web.UI.Page
{
  protected void Page_PreRender(object sender, EventArgs e)
  {
    // Form validation
    if (IsPostBack)
    {
      bool isHuman1 = Captcha1.Validate();
      if (isHuman1)
      {
        Captcha1CorrectLabel.Visible = true;
        Captcha1IncorrectLabel.Visible = false;
      }
      else
      {
        Captcha1CorrectLabel.Visible = false;
        Captcha1IncorrectLabel.Visible = true;
      }

      bool isHuman2 = Captcha2.Validate();
      if (isHuman2)
      {
        Captcha2CorrectLabel.Visible = true;
        Captcha2IncorrectLabel.Visible = false;
      }
      else
      {
        Captcha2CorrectLabel.Visible = false;
        Captcha2IncorrectLabel.Visible = true;
      }
    }
  }
}

Web.config

<?xml version="1.0"?>
<!--
  For more information on how to configure your ASP.NET application, please 
  visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->
<configuration>
  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true"/>
    <add key="ValidationSettings:UnobtrusiveValidationMode" value="None"/>
  </appSettings>
  <system.web>
    <httpHandlers>
      <!-- Register the HttpHandler used for BotDetect Simple API requests -->
      <add verb="GET" path="BotDetectCaptcha.ashx" 
      type="BotDetect.Web.SimpleCaptchaHandler, BotDetect"/>
    </httpHandlers>
    <pages controlRenderingCompatibilityVersion="4.5">
      <controls>
      <!-- Register the BotDetect tag prefix for easier use in all pages -->
      <add assembly="BotDetect" namespace="BotDetect.Web.UI" 
      tagPrefix="BotDetect"/>
      </controls>
    </pages>
    <compilation debug="false" targetFramework="4.5"/>
    <httpRuntime requestValidationMode="4.5" targetFramework="4.5" 
    encoderType="System.Web.Security.AntiXss.AntiXssEncoder, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
    <machineKey compatibilityMode="Framework45"/>
  </system.web>
  <system.webServer>
  <validation validateIntegratedModeConfiguration="false"/>
  <handlers>
    <!-- Register the HttpHandler used for BotDetect Simple API requests (IIS 7.0+) -->
    <remove name="BotDetectCaptchaHandler"/>
    <add name="BotDetectCaptchaHandler" preCondition="integratedMode" verb="GET" 
    path="BotDetectCaptcha.ashx" type="BotDetect.Web.SimpleCaptchaHandler, BotDetect"/>
  </handlers>
  </system.webServer>
 </configuration>

botdetect.xml

<?xml version="1.0" encoding="UTF-8"?>
<botdetect xmlns="https://captcha.com/schema/net" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="https://captcha.com/schema/net 
      https://captcha.com/schema/net/botdetect-4.4.0.xsd">

  <captchaStyles>
  
    <captchaStyle>
      <name>Captcha1</name>
      <userInputID>Captcha1CodeTextBox</userInputID>
      <codeLength>3-5</codeLength>
    </captchaStyle>
    
    <captchaStyle>
      <name>Captcha2</name>
      <userInputID>Captcha2CodeTextBox</userInputID>
      <codeLength>2-5</codeLength>
    </captchaStyle>
    
  </captchaStyles>

</botdetect>

In botdetect.xml, we configure captcha options for the ExampleCaptcha captcha style name. You can find a full list of available Captcha configuration options and related instructions at the Captcha configuration options page .


Current BotDetect Versions