How To Add Captcha in PHP

In the vast realm of the internet, combating spam mail is an ongoing challenge for web developers and internet users alike. One effective method to mitigate the influence of spam bots is the implementation of CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). PHP, a popular server-side scripting language, makes use of the GD (Graphics Draw) library to create CAPTCHA images. This article delves into the world of CAPTCHA and demonstrates how to utilize PHP and the GD library to deploy CAPTCHA on your website.

Installing the GD Library on Linux:

Before delving into creating CAPTCHA, it’s essential to ensure that the GD library is installed on your Linux server. You can install it with the following command:

sudo apt-get install php7.0-gd

Generating CAPTCHA Using PHP and GD:

CAPTCHA typically involves creating an image with a random sequence of characters, which human users can interpret and enter correctly, but automated bots struggle to decipher. Here’s a PHP script example that generates a CAPTCHA image:


$randomnr = $_SESSION['randomnr2'];
$im = imagecreatetruecolor(230, 40);

$white = imagecolorallocate($im, 255, 255, 255);
$grey = imagecolorallocate($im, 150, 150, 150);
$black = imagecolorallocate($im, 0, 0, 0);

imagefilledrectangle($im, 0, 0, 200, 35, $black);

$font = dirname(__FILE__) . '/fonts/droidsansmono.ttf';

imagettftext($im, 14, 2, 22, 30, $grey, $font, $randomnr);
imagettftext($im, 14, 2, 15, 32, $white, $font, $randomnr);

header("Expires: Wed, 1 Jan 1997 00:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

header("Content-type: image/gif");

This script creates a CAPTCHA image with random text, preventing caching on the client side, and delivers the image in GIF format.

Method 2: Creating CAPTCHA with PHP and GD:

Here’s an alternative approach to generating CAPTCHA using PHP and the GD library:

$i = 0;
$characters_on_image = 6;
$possible_letters = '23456789ABCDEFGHJKLMNPRSTVWXYZ';
$_SESSION['cap_code'] = '';

while ($i < $characters_on_image) {
    $_SESSION['cap_code'] .= substr($possible_letters, mt_rand(0, strlen($possible_letters)-1), 1);

$newImage = imagecreatefromjpeg('fonts/cap_bg.jpg');
$txtColor = imagecolorallocate($newImage, 80, 80, 80);
putenv('GDFONTPATH=' . realpath('.'));
$font = 'fonts/droidsansmono';
imagettftext($newImage, 20, 0, 6, 26, $txtColor, $font, $_SESSION['cap_code']);

header('Content-type: image/jpeg');

In this approach, the script generates CAPTCHA by creating an image from a JPEG background and overlaying random text. The CAPTCHA code is stored in the session variable for verification.

By incorporating these PHP and GD library-based CAPTCHA scripts, you can bolster your website’s security against spam bots and ensure that only genuine human users can access your services or submit forms. CAPTCHA is a reliable tool in the battle against unwanted spam and ensures a smoother and more secure online experience for your users.

Ali Imran
Over the past 20+ years, I have been working as a software engineer, architect, and programmer, creating, designing, and programming various applications. My main focus has always been to achieve business goals and transform business ideas into digital reality. I have successfully solved numerous business problems and increased productivity for small businesses as well as enterprise corporations through the solutions that I created. My strong technical background and ability to work effectively in team environments make me a valuable asset to any organization.

Leave a Reply