Current Location: Home> Latest Articles> How to Generate and Verify Image Captcha in PHP Tutorial

How to Generate and Verify Image Captcha in PHP Tutorial

M66 2025-07-01

PHP Implementation of Image Captcha Generation and Verification

In web development, to prevent automated malicious attacks or automated registration, image captchas are commonly used for validation. This article will demonstrate how to use PHP to generate and verify image captchas, providing relevant code examples.

Generating an Image Captcha

The key to generating an image captcha lies in creating a random captcha string and drawing it onto an image. Below is a PHP code example:

<?php
session_start();

// Declare image dimensions
$image_width = 100;
$image_height = 40;

// Create image resource
$image = imagecreatetruecolor($image_width, $image_height);

// Generate background color
$bg_color = imagecolorallocate($image, mt_rand(200, 255), mt_rand(200, 255), mt_rand(200, 255));
imagefill($image, 0, 0, $bg_color);

// Generate captcha string
$chars = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789';
$code = '';
for ($i = 0; $i < 4; $i++) {
    $code .= $chars[mt_rand(0, strlen($chars) - 1)];
}

// Save captcha string in session for validation
$_SESSION['captcha'] = $code;

// Draw captcha text
$font_file = 'path_to_your_font.ttf'; // Replace with your own font file path
$text_color = imagecolorallocate($image, 0, 0, 0); // Text color is black
imagettftext($image, 20, 0, 10, 30, $text_color, $font_file, $code);

// Output image
header('Content-Type: image/png');
imagepng($image);
imagedestroy($image);
?>

The above code first creates an image resource with specified width and height using the imagecreatetruecolor function. Then, using the imagecolorallocate function, a background color is generated and filled into the image. Next, the imagettftext function is used to draw the captcha string onto the image, and finally, the imagepng function outputs the generated image.

Verifying the Image Captcha

To verify the image captcha, we need to compare the captcha entered by the user with the one stored in the session. Below is the PHP code example for captcha verification:

<?php
session_start();

// Get the captcha entered by the user
$user_input = $_POST['captcha'];

// Get the captcha stored in session
$server_code = $_SESSION['captcha'];

// Verify if the user input captcha matches the stored captcha
if (strcasecmp($user_input, $server_code) === 0) {
    // Captcha is correct, perform corresponding actions
    echo 'Captcha correct';
} else {
    // Captcha is incorrect, prompt the user to try again
    echo 'Captcha incorrect';
}
?>

The above code starts a session, then retrieves the captcha entered by the user using the $_POST array, and retrieves the captcha stored in the session using the $_SESSION array. The strcasecmp function compares the two strings, and if they match, the captcha is correct, allowing the corresponding action to be performed. If they do not match, the user is prompted to re-enter the captcha.

Conclusion

With the two PHP code examples above, we can successfully generate and verify image captchas. The code for generating the captcha can be saved as a standalone file, such as captcha.php, and can be accessed whenever the captcha needs to be generated. The captcha verification code can be placed in the specific form submission handler.

In practical applications, in addition to the functionality described above, you may also want to add additional security measures, such as adding noise lines or encrypting the captcha.

Related