Simple PHP Anti-Spam Captcha Script

Anti-Spam PHP Captcha ExampleOne of the best, if not the best, ways to prevent automated web robot tools and spammers from taking advantage of your forms and scripts is by using a captcha image. Here is a simple example that I hacked up earlier today to use on my Advanced Request and Response HTTP Header Viewer among other tools.

View a working example on my Advanced Request and Response HTTP Header Viewer tool.

PHP Anti-Spam Captcha Example

Save this on your site as capya.php and include in your php script with require_once 'capya.php', then run with askapache_captcha(); which outputs XHTML of the captcha image.

define('CAPYAINC','/web/user/'); // the directory where the fonts and bg image are stored
define('CAPYAURI','');  // the web uri where the captcha image will be located
define('CAPYADIR','/web/user/');  the directory where the captcha image will be stored

function askapache_captcha($type=1,$numletters=4,$fontsize=22){
    $capya_string=capya_string($numletters);        // the letters and numbers displayed on captcha
    $capya_bgfile=CAPYAINC.'n.png';              // the background image for the captcha
    $capya_filename='askapache-'.rand(1111,999999).'.jpg';    // the filename of finished captcha
    $capya_file=CAPYADIR.$capya_filename;          // the full path to finished captcha
    $capya_uri=CAPYAURI.$capya_filename;          // the public web address to finished captcha

    // create image from background image

    // store the md5 of the captcha string
    $_SESSION['askapache_captcha'] = md5($capya_string);

  // add chars to captcha image
  for($i=0; $i<$numletters; $i++){
    $L[]=substr($capya_string,$i,1);    // each char from string into individual variable
    $A[]=rand(-20, 20);      // random angle for each char
    $F[]=CAPYAINC.rand(1, 10).".ttf";  // random font for each char
    $C[]=rand(0, 5);      // random color for each char
    $T[]=imagecolorallocate($image,$rgb[$C[$i]][0],$rgb[$C[$i]][1],$rgb[$C[$i]][2]);  // allocate colors for chars
    imagettftext($image, $fontsize, $A[$i], $g, $fontsize+15, $T[$i], $F[$i], $L[$i]);  // write chars to image

  // save jpeg image to public web folder
  imagejpeg($image, $capya_file);

  // output the image url
    echo '<p><label for="capya" class="S"><input id="capya" name="capya" type="text" value="" size="5" class="S" style="width:150px" maxlength="5" /></label></p>';
  } else echo '';

    // destroy image

    // delete all captcha images at 12 and 3 oclock if more than 100 are found
    else if(($dt==3)||($dt=='3'))capya_cleanup();

function capya_cleanup(){
    foreach ($files as $filename) {
      //echo "$filename size " . filesize($filename) . "n";

function capya_string($len){
    for($i=1; $i<=$len; $i++) {
        $ord=rand(48, 90);
        if((($ord >= 48) && ($ord <= 57)) || (($ord >= 65) && ($ord<= 90))) $str.=chr($ord);
        else $str.=capya_string(1);
    return $str;

Verify Captcha

To verify a user-submitted (via POST or GET) value for the captcha image, do this.

echo 'verified, continue processing script';
echo 'incorrect, stop processing script';

Get the Anti-Spam Captcha Code

  1. askapache-captcha.php
  2. Download the TrueType Font files and captcha background image