BotDetect CAPTCHA PHP Code Examples

The BotDetect PHP Captcha package includes a number of code examples which can help you get started with integrating BotDetect in your PHP websites and configuring various Captcha options.

First Time Here?

Check the BotDetect Developer Crash Course for key integration steps.

Table of Contents

BotDetect PHP CAPTCHA Code Examples Location

After unpacking the BotDetect Captcha library, you can find the PHP Captcha code examples in the examples folder. If you copy the contents of this this folder to a path accessible by your Http server software configured to run PHP (the htdocs folder in Apache installations, Inetpub on IIS, etc.), the index.html will guide you to individual examples.

BotDetect CAPTCHA PHP Integration Code Examples

Integration code examples show how to integrate BotDetect in your PHP websites.


PHP Basic Captcha Code Example

This code example shows the most basic source code required to protect a PHP form with BotDetect Captcha and validate the user input.

It can be used as a starting point when you are first learning how to use BotDetect.

Default Source Code Folder Online Source
examples/php-basic-captcha-example

PHP Form Captcha Code Example

This code example shows how to add BotDetect Captcha protection to a typical PHP form.

Captcha validation is integrated with other form fields validation, and only submissions that meet all validation criteria are accepted.

This kind of validation could be used on various types of public forms which accept messages, and are at risk of unwanted automated submissions.

For example, it could be used to ensure bots can't submit anything to a contact form, add guestbook entries, blog post comments or anonymous message board / forum replies.

Default Source Code Folder Online Source
examples/php-form-captcha-example

PHP Login Form Captcha Code Example

This code example shows how to add BotDetect Captcha validation to simple PHP login forms.

To prevent bots from trying to guess the login info by brute force submission of a large number of common values, the visitor first has to prove they are human (by solving the Captcha), and only then is their username and password submission checked against the authentication data store.

Also, if they enter an invalid username + password combination three times, they have to solve the Captcha again. This prevents attempts in which the attacker would first solve the Captcha themselves, and then let a bot brute-force the authentication info.

Default Source Code Folder Online Source
examples/php-login-form-captcha-example

PHP jQuery Validation Captcha Code Example

This code example shows how to integrate BotDetect PHP Captcha validation with jQuery Validation client-side form validation.

Client-side validation is not secure by itself (it can be bypassed trivially by bots that don't execute JavaScript at all), so the example shows how the protected form action must always be secured by server-side Captcha validation first, and uses client-side validation only to improve the user experience.

Default Source Code Folder Online Source
examples/php-jquery-validation-captcha-example

BotDetect CakePHP CAPTCHA Integration Code Examples

Captcha CakePHP integration code examples show how to use BotDetect Captcha protection in your CakePHP applications.

CakePHP Basic BotDetect Captcha Code Example

This example illustrates the most basic form of BotDetect PHP Captcha protection in CakePHP MVC applications.

Alongside the Captcha image, the user is provided with an input field to retype the displayed characters. Depending on if the Captcha code entered matches the displayed one or not, a message stating the validation result is shown on the form.

The simple code showing the message in this example would of course be replaced with useful form processing code in a real world scenario.

Default Source Code Folder Online Source
Part of the BotDetect Captcha CakePHP integration package

CakePHP Form Model Validation BotDetect Captcha Code Example

This example shows how to integrate BotDetect PHP Captcha validation and CakePHP data validation functionality. It uses Cake's FormHelper and Model validation, which provide a lot of out-the-box functionality when used together.

The example is based around a contact form which sends email if the user input is considered valid – a likely real world scenario for Captcha protection integration.

To keep the example brief, it doesn't use a database backend. Still, this type of Model integration is ideal for protecting database-driven forms that take advantage of the CakePHP Model infrastructure.

Default Source Code Folder Online Source
Part of the BotDetect Captcha CakePHP integration package

CakePHP Auth Captcha Code Example

This example demonstrates how to integrate BotDetect PHP Captcha into login and register forms in a scenario where CakePHP Auth Component is used to authenticate users to your application.

The example is based around a login form and a registration form which authenticate users and add new users if the user input is considered valid – a likely real world scenario for Captcha protection integration.

Default Source Code Folder Online Source
Part of the BotDetect Captcha CakePHP integration package

BotDetect CAPTCHA CodeIgniter Integration Code Examples

Captcha CodeIgniter integration code examples show how to use BotDetect Captcha protection in your CodeIgniter applications.

CodeIgniter Basic BotDetect Captcha Code Example

This example illustrates the most basic form of BotDetect PHP Captcha protection in CodeIgniter MVC applications.

Alongside the Captcha image, the user is provided with an input field to retype the displayed characters. Depending on if the Captcha code entered matches the displayed one or not, a message stating the validation result is shown on the form.

The simple code showing the message in this example would of course be replaced with useful form processing code in a real world scenario.

Default Source Code Folder Online Source
Part of the BotDetect Captcha CodeIgniter integration package

CodeIgniter Form Validation BotDetect Captcha Code Example

This example shows how to integrate BotDetect PHP Captcha validation and CodeIgniter form validation functionality. It uses the CodeIgniter Form helper and the Form Validation library.

The brief example is based around a contact form which sends email if the user input is considered valid – a likely real world scenario for Captcha protection integration.

Default Source Code Folder Online Source
Part of the BotDetect Captcha CodeIgniter integration package

CodeIgniter Bit Auth Captcha Code Example

This example demonstrates how to integrate BotDetect PHP Captcha into login and register forms in a scenario where Bit Auth library is used to authenticate users to your application.

The example is based around a login form and a add new form which authenticate users and add new users if the user input is considered valid – a likely real world scenario for Captcha protection integration.

Default Source Code Folder Online Source
Part of the BotDetect Captcha CodeIgniter integration package

CodeIgniter Ion Auth Captcha Code Example

This example demonstrates how to integrate BotDetect PHP Captcha into login and forgot password forms in a scenario where Ion Auth library is used to authenticate users to your application.

The example is based around a login form and a forget password form which authenticate users and sends email if the user input is considered valid – a likely real world scenario for Captcha protection integration.

Default Source Code Folder Online Source
Part of the BotDetect Captcha CodeIgniter integration package

CodeIgniter Tank Auth Captcha Code Example

This example demonstrates how to integrate BotDetect PHP Captcha into login, register, forget password and send again forms in a scenario where Tank Auth library is used to authenticate users to your application.

The example is based around a login, register, forget password and send again forms which authenticate users, add new users and sends email if the user input is considered valid – a likely real world scenario for Captcha protection integration.

Default Source Code Folder Online Source
Part of the BotDetect Captcha CodeIgniter integration package

BotDetect CAPTCHA Laravel Integration Code Examples

Captcha Laravel integration code examples show how to use BotDetect Captcha protection in your Laravel applications.

Laravel Basic BotDetect Captcha Code Example

This example illustrates the most basic form of BotDetect PHP Captcha protection in Laravel MVC applications.

Alongside the Captcha image, the user is provided with an input field to retype the displayed characters. Depending on if the Captcha code entered matches the displayed one or not, a message stating the validation result is shown on the form.

The simple code showing the message in this example would of course be replaced with useful form processing code in a real world scenario.

Default Source Code Folder Online Source
Part of the BotDetect Captcha Laravel integration package

Laravel Form Validation BotDetect Captcha Code Example

This example shows how to integrate BotDetect PHP Captcha validation and Laravel validation functionality. It uses Laravel's Forms & HTML and Validation class.

The example is based around a contact form which sends email if the user input is considered valid – a likely real world scenario for Captcha protection integration.

Default Source Code Folder Online Source
Part of the BotDetect Captcha Laravel integration package

Laravel Auth Captcha Code Example

This example demonstrates how to integrate BotDetect PHP Captcha into login and register forms in a scenario where Laravel Auth is used to authenticate users to your application.

This example also uses Forms & HTML to generate a form, Validation class to validate input fields data, and Blade Templating.

The example is based around a login form and a registration form which authenticate users and add new users if the user input is considered valid – a likely real world scenario for Captcha protection integration.

Default Source Code Folder Online Source
Part of the BotDetect Captcha Laravel integration package

BotDetect CAPTCHA Symfony Integration Code Examples

Captcha Symfony integration code examples show how to use BotDetect Captcha protection in your Symfony applications.

Symfony Basic BotDetect Captcha Code Example

This example illustrates the most basic form of BotDetect PHP Captcha protection in Symfony MVC applications.

Alongside the Captcha image, the user is provided with an input field to retype the displayed characters. Depending on if the Captcha code entered matches the displayed one or not, a message stating the validation result is shown on the form.

The simple code showing the message in this example would of course be replaced with useful form processing code in a real world scenario.

Default Source Code Folder Online Source
Part of the BotDetect Captcha Symfony integration package

Symfony Form Validation BotDetect Captcha Code Example

This example shows how to integrate CaptchaBundle in a form. It also uses the ValidCaptcha constraint to validate captcha code when a form is submitted.

The example is based around a contact form which sends email if the user input is considered valid – a likely real world scenario for Captcha protection integration.

Default Source Code Folder Online Source
Part of the BotDetect Captcha Symfony integration package

Symfony FOSUserBundle Captcha Code Example

The FOSUserBundle adds support for a database-backed user system in Symfony. It provides a flexible framework for user management that aims to handle common tasks such as user registration and password retrieval. This code example shows you how to integrate CaptchaBundle into FOSUserBundle login and register forms.

Default Source Code Folder Online Source
Part of the BotDetect Captcha Symfony integration package

BotDetect PHP CAPTCHA Configuration Code Examples

Captcha options code examples show how to use particular BotDetect Captcha options in your PHP websites.

PHP Captcha Options: Application Config Settings Code Example

This code example shows how to configure Captcha challenges by overriding Captcha library defaults in application configuration files.

BotDetect allows user-defined customization of many Captcha options through a special CaptchaConfig.php file, which should be placed in the same folder as the botdetect.php include used by your PHP forms.

Captcha settings from this configuration file will apply to all Captcha challenges shown on forms including that particular copy of botdetect.php, and will act as defaults with which all Captcha objects will be created. This makes configuration file settings the simplest and most convenient way of Captcha customization for most use cases.

The CaptchaConfig.php file used in this code example contains detailed descriptions and explanations of the many customizable Captcha options exposed by the BotDetect PHP Captcha configuration API.

Default Source Code Folder Online Source
examples/captcha-application-config-settings-example

PHP Captcha Options: Client-Side Workflow Settings Code Example

This code example shows how to use custom BotDetect client-side events to execute user-defined JavaScript code at various stages of the Captcha challenge workflow.

Client-side Captcha object initialization, Captcha image reloading, Captcha sound playback, built-in Captcha Ajax validation, and Captcha help link clicks all have a number of related client-side "events" and hooks where user-defined client-side callbacks can be injected.

User code can be associated with Captcha workflow events using the BotDetect.RegisterCustomHandler() function, as shown in the example JavaScript code.

Loading the form will initialize the client-side Captcha object (created by the BotDetect.Init() JavaScript call included in Captcha markup), and result in the PostInit event.

Clicking the Captcha sound icon will result in the PrePlaySound event before the audio elements are added to the page DOM. There is no PostPlaySound event since not all browsers allow user callbacks when browser sound playing finishes.

Clicking the Captcha reload icon will result in PreReloadImage and PostReloadImage events, executed before and after the Http request loading the new Captcha image from the server.

Clicking the Captcha image (i.e. the included Captcha help link) will result in the OnHelpLinkClick event.

Typing in a Captcha code and clicking the Validate button will first result in the PreAjaxValidate event, and later in either AjaxValidationFailed or AjaxValidationPassed depending on whether the server responds that the typed-in Captcha code was correct or not. In case of Ajax asynchronous request errors, AjaxValidationError will be called.

Default Source Code Folder Online Source
examples/captcha-clientside-workflow-settings-example

PHP Captcha Options: Form Object Settings Code Example

This code example shows how to configure Captcha challenges by setting Captcha object properties in PHP form source.

Multiple PHP forms within the same PHP website can be protected by BotDetect Captcha challenges: e.g. you could include botdetect.php in both your Contact form and Registration form source.

To function properly, separate Captcha challenges placed on each form should have different names (CaptchaId values sent to the Captcha object constructor, "Captcha1" and "Captcha2" in this example), and can use completely different Captcha settings.

Even multiple Captcha instances placed on the same form won't interfere with each other's validation and functionality. And if a user opens the same page in multiple browser tabs, each tab will independently validate the shown Captcha code.

Shared Captcha settings should always be placed in the CaptchaConfig.php application configuration file, and only diverging settings set through Captcha object instance properties in form code, to avoid code duplication.

Settings that affect only Captcha container markup generation take effect immediately (changing $Captcha->Html output), but settings that affect Captcha challenge (image or sound) generation in separate Http requests need to be saved in PHP Session state when set through Captcha object instance properties in form source, consuming server resources and reverting to defaults when the PHP Session expires.

Please note that if configured values are dynamic (e.g. CaptchaRandomization helper or other function calls in form code), they will be re-calculated only when the form is reloaded (form code is executed). For example, Captcha ImageStyle randomized in PHP form source will not change on each Captcha Reload button click, but only on each form load.

Default Source Code Folder Online Source
examples/captcha-form-object-settings-example

PHP Captcha Options: Request Dynamic Settings Code Example

This code example shows how to dynamically adjust Captcha configuration, potentially on each Http request made by the client.

Any PHP code setting Captcha properties in the CaptchaConfig.php file will be executed not only for each protected form GET or POST request (like Captcha configuration code placed in form source would be), but also for each each GET request loading a Captcha image or sound, or making an Ajax Captcha validation call.

If configured values are dynamic (e.g. CaptchaRandomization helper or other function calls in CaptchaConfig.php code), they will be re-calculated for each Captcha challenge generated. For example, Captcha ImageStyle randomized in CaptchaConfig.php code will change on each Captcha reload button click.

This means your code can reliably keep track of visitor interaction with the Captcha challenge and dynamically adjust its settings. Also, while CaptchaConfig.php settings apply to all Captcha instances by default, you can also selectively apply them based on CaptchaId.

To show an example of the possible dynamic Captcha configuration adjustments, this code example increases the difficulty of the Captcha test if the visitor associated with the current PHP Session fails a certain number of Captcha validation attempts, and also sets the Captcha locale to Chinese for requests from a certain IP range.

Default Source Code Folder Online Source
examples/captcha-request-dynamic-settings-example