Become Zend Certified

Prepare for the ZCE exam using our quizzes (web or iPad/iPhone). More info...

When you're ready get 7.5% off your exam voucher using voucher CJQNOV23 at the Zend Store
Related Articles

Anti-Spam Techniques In PHP, Part 2

Introduction To CAPTCHA

This is the main method we’re going to look at in this article for preventing spam. CAPTCHA is acronym which stands for Completely Automated Public Turing test to tell Computers and Humans Apart.

You’ve probably seen one of these tests before – it’s basically an image that contains distorted text (and potentially a background image) to prevent automated tools (such as spam bots) from registering at web site or posting comments. Users are required to enter the text that appears in these images in order to proceed past the form they are completing.

How you can use CAPTCHA

You can use CAPTCHA in your web site in exactly the same way as I described above. All you need to do is add an CAPTCHA image and a text input to the form you’re trying to protect. This may be used in the following situations:

  • Protecting a registration form to stop automated registrations on your site
  • Protecting your publicly-editable Wiki from being overrun by automated posts
  • Protecting your blog from comments posted by spam bots

How this is implemented

Implementing CAPTCHA using PHP is fairly straightforward. We will be doing this using PEAR’s Text_CAPTCHA class and PHP’s sessions. The basic algorithm goes something like this:


  • In the form:
    • Generate a phrase for the user to enter, and write it to the session
    • Place a HTML img tag to call the CAPTCHA script (which we will create)
    • Place a text input box where the user can input the phrase
    • Create the script referenced in the image tag, which:
    • Creates the Text_CAPTCHA object
    • Fetches the phrase from the user’s session
    • Outputs the image
    • In the form processor:
  • Check that the submitted value matches the value in the session


In This Article