I posted this a while ago, but worried no one will notice it as it looks like I'm just replying or whatever ... you know what I mean! I hope Lol

I'm trying to get a match captcha to work on my website, and after trying a combination of what was suggested, it still doesn't seem to be checking the answer correctly - therefore, still receiving spam.

This is what my processing form looks like:


$EmailFrom = "...";
$EmailTo = "...";
$Subject = "...";
$Name = Trim(stripslashes($POST['Name']));
$email = Trim(stripslashes($POST['email']));
$phone = Trim(stripslashes($POST['phone']));
$comments = Trim(stripslashes($POST['comments']));

// validation
if (!$validationOK) {
    print "POST['captcha_result'] != $SESSION['captcha_result'] ){ $error = 'Wrong result. Try again.';
    //run server side script

// prepare email body text
$Body = "";
$Body .= "Name: ";
$Body .= $Name;
$Body .= "\n";
$Body .= "Phone: ";
$Body .= $phone;
$Body .= "\n";
$Body .= "Email: ";
$Body .= $email;
$Body .= "\n";
$Body .= "Comments: ";
$Body .= $comments;
$Body .= "\n";

// send email
$success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>");

// redirect to success page if ($success){ print "

This what I've added to the form itself:

<img src="image.php" alt="Click to reload image" title="Click to reload image" id="captcha" onclick="javascript:reloadCaptcha()" />
<input type="text" name="secure" value="" onclick="this.value=''" />

This is placed at the top so the image can be reloaded:

<script language="javascript" type="text/javascript">
/* this is just a simple reload; you can safely remove it; remember to remove it from the image too */
function reloadCaptcha()
    document.getElementById('captcha').src = document.getElementById('captcha').src+ '?' +new Date();

Would someone please let me know what I'm doing wrong?

Thanks for you time, I appreciate it ~

  • You might want to reformat this to make it a bit easier to read. Select the whole body of code before clicking the code-style button... Kev over 8 years ago
  • Could you post your whole form instead of just the part your have now? Abinadi Ayerdis over 8 years ago
  • Also, do you have a staging link? Let's see this form... Abinadi Ayerdis over 8 years ago

2 answers


Hi Jennifer, I've amended your text so the code displays properly in this post. This will make it easier for someone to answer.

Having re-read your code, I'm not sure of what it's supposed to be doing. You seem to be manually setting the value of $validationOK to true, and then checking it, and of course it will be true. At which point, you are trying to display some text, but your syntax appears incorrect. Did it get messed up when you posted?

This line doesn't make sense:

print "POST['captcha_result'] != $SESSION['captcha_result'] ){ $error = 'Wrong result. Try again.';

Should it be...

print "POST['captcha_result'] != $SESSION['captcha_result']"; // Displays the text, not the variable values
$error = 'Wrong result. Try again.';

That aside, there's no mention of a captcha anywhere. Perhaps you can clarify?

Answered over 8 years ago by Edward Williams

I'm guessing it should be something like this:

// validation
$validationOK=$POST['captcha_result'] == $SESSION['captcha_result'];
if (!$validationOK) {
    exit('Wrong result. Please go back and try again.');
    //do stuff like sending an email

But looking for $POST['captcha_result'] doesn't seem to make any sense as you don't have a captcha_result field in your form, unless, perhaps, you change it so looks like this:

<input type="text" name="captcha_result" value="" onclick="this.value=''" />
Answered over 8 years ago by Rob Crowther