BotDetect PHP CAPTCHA Generator

Unlike Recaptcha the Stalker -- BotDetect CAPTCHA works in China! Licensable source-code; self-hosted -- doesn't stalk -- nor does it slurp your form-data! Think: GDPR & LGPD!

PHP CAPTCHA Generator Highlights:

    NATIONAL-SECURITY & PRIVACY FRIENDLY:

  • Self-hosted PHP Captcha library -- no 3rd-party servers involved
  • Where having no 3rd-party servers involved also means no:
    • TLS v1.3 PSK/n-RTT session resumption,
    • TLS v1.2 Session Ticket/ID session resumption,
    • TLS Channel ID,
    • Token Binding-based
    ways of user identification and tracking / stalking
  • Lets you never have 3rd-parties identify and stalk users on your site -- and never have 3rd-parties slurp national-security-sensitive or privacy-sensitive form-data from your site
  • Plays nicely with TOR Browser users
  • NOTHING TO HIDE HERE:

  • Licensable source-code (PHP/JavaScript) -- to fit neatly in your code audit processes
  • MULTINATIONALS FRIENDLY:

  • Works in China
  • Allows for EU GDPR and Brazilian LGPD compliant sites -- no need to risk those enormous multi-million dollar fines
  • 54 audio localizations (including all 24 official EU languages) letting you treat each local market with that particular local market's familiar combination of script and language
  • EASY FRONTEND INTEGRATIONS:

  • Out-of-the-box integrations with various JavaScript frontends:
  • EASY BACKEND INTEGRATIONS:

  • Out-of-the-box integrations with various PHP backends:
  • DEVOPS FRIENDLY:

  • TestMode-enabled -- ready for your CI/CD pipelines
  • ACCESSIBLE:

  • Produces XHTML 1.1 Strict, Section 508 and WCAG AAA compliant markup
  • Accompanied with legible images and recognizable audios
  • MISCELLANEOUS:

  • 60 secure & readable Captcha image styles
  • 20 secure & accessible audio Captcha sound styles
  • Custom Captcha image size, code length, css & icons, tooltips, and pretty much everything else...
  • Full support for all major browsers and all Android & iOS devices

Quickstarts:

BotDetect PHP Captcha generator allows you to easily add Captcha protection to various types of PHP based web forms.

We'll use default Captcha generator settings; to see how powerful and customizable BotDetect is, check the BotDetect features demo.

1. Copy Captcha Library Files

Copy simple-botdetect.php and botdetect, config folders to your website folder. These files are included in the BotDetect download package (the lib sub-folder).

2. Enable SQLite3

The SQLite3 extension is enabled by default as of PHP 5.3.0. Windows users must enable php_sqlite3.dll in order to use this extension.

BotDetect PHP Simple Captcha requires it to store Captcha codes, so you should ensure SQLite3 is enabled (or configure an alternative persistence mechanism).

3. Make Captcha configuration options

Update your Captcha configuration (config/botdetect.xml) file.
<?xml version="1.0" encoding="UTF-8"?>
<botdetect xmlns="https://captcha.com/schema/php"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="https://captcha.com/schema/php
      https://captcha.com/schema/php/botdetect-4.2.3.xsd">

  <captchaStyles>
    <captchaStyle>
      <name>ExampleCaptcha</name>
      <userInputID>CaptchaCode</userInputID>
      <codeLength>3-5</codeLength>
    </captchaStyle>
  </captchaStyles>

</botdetect>

4. Show a Captcha Challenge on the Form

On the very top of the source file for the PHP form you want to protect against bots, add:
<?php require("lib/simple-botdetect.php"); ?>
On the PHP form you want to protect against bots, add:
<?php // Adding BotDetect Captcha to the page
  $ExampleCaptcha = new SimpleCaptcha("ExampleCaptcha");
  echo $ExampleCaptcha->Html();
?>

<input name="CaptchaCode" type="text" id="CaptchaCode" />

5. Check User Input During Form Submission

When the form is submitted, the Captcha validation result must be checked:
<?php 
  if ($_POST) {
    // validate the Captcha to check we're not dealing with a bot
    $isHuman = $ExampleCaptcha->Validate();
    
    if (!$isHuman) {
      // TODO: Captcha validation failed, show error message
    } else {
      // TODO: Captcha validation passed, perform protected action
    } 
  }
?>

In-Depth PHP CAPTCHA Instructions and Explanations

Detailed PHP Captcha instructions and explanations can be found in the PHP Captcha integration how to guide.

BotDetect PHP CAPTCHA Free Version

You can download BotDetect PHP CAPTCHA Library for free and use it immediately! Your PHP forms can be protected from spam (and bots in general) in minutes.

We offer basic email support for free to all BotDetect users. So if you need any assistance integrating BotDetect or have any questions or feedback, our Support department is at your disposal.

Once the BotDetect Captcha generator library has been integrated into your PHP website and you're satisfied with how it works, it's easy to upgrade your license if you need the extra features offered by commercial BotDetect versions.

BotDetect PHP CAPTCHA Free Download

BotDetect PHP CAPTCHA System Requirements

OS Server PHP Browser

Supported Operating Systems:

  • Linux
  • Windows
  • Mac OS X

Supported Web Servers:

  • Apache 2.2+

Supported PHP Versions:

  • PHP 7.0.0+
  • PHP 5.7.0+
  • PHP 5.6.0+
  • PHP 5.5.0+
  • PHP 5.4.0+
  • PHP 5.3.2+

PHP installation must include libgd and SQLite3 support.

Officially Supported Browsers*:

  • Chrome 49+
  • Edge 20+
  • Firefox 52+
  • IE 8+
  • Opera 36+
  • Safari (OSX) 5+
  • Safari (iOS 6+)

Numerous other browsers are not officially supported but the captcha still works.

Read the notes below!

*

'Officially Supported Browsers' are those browsers for which we do the testing in order to ensure that both the image and audio captcha options are working properly.

Nonetheless, both the image and audio captcha options are working properly in the most of non-archaic ** browsers anyway -- officially-supported, or not -- while the image captcha option alone works in all of them!

If you find our 'Officially Supported Browsers' policy too-restrictive check Recaptcha the Stalker's one that says:

  • We support the two most recent major versions of the following:

    • desktop (Windows, Linux, Mac): Chrome, Firefox, Safari, IE

    • mobile: Chrome, Safari, Android native browser (4.0+)

We guess that after checking the Recaptcha's policy -- you will consider ours as the accommodative one :).

**

Archaic browsers?

At present, our 'Archaic Browsers' policy works this way:

  • Those last remaining few real humans still browsing around using the WinXP should update their browsers to the latest version that still works on the XP.

Or, in the less nice words:

  • If those last remaining few laggards cannot be bothered to update their browsers -- we cannot be bothered neither -- nor you should be!

  • Half of the Internet is broken for them since years ago anyway -- and they do not seem to care!