Hi, it's my first time using captcha with PHP, I think I'm pretty close. I can get it echo everything is right or whatever when the fields are filled in correctly and correct words are entered, but what I can't do is make it run the script from another file when everything does work as I can't use PHP header as html is already there and I tired javascript but the variables weren't passed. Any help will be very appreciated, here is the code:


    $link = mysql_connect('', '', ''); 
    if (!$link) { 
        die('Could not connect: ' . mysql_error()); 
    echo 'Connected successfully'; 

    if (eregi('^[[:alnum:]\.\'\-]{4,30}$', stripslashes(trim($_POST['username']))) ) {
            $username = mysql_real_escape_string($_POST['username']);
            $query = "SELECT username FROM users WHERE username = '$username'";
            $result = @mysql_query($query);
            $num = @mysql_num_rows($result);

            if ($num> 0) {
                $errors[] = '<font color="red">The username you have chosen has already been taken, please try again.</font>';
            } else {
                $username = mysql_real_escape_string($_POST['username']);
        } else {
            $errors[] = '<font color="red">Please provide a valid username between 4 and 30 characters.</font>';


    if (!eregi('^[a-zA-Z]+[a-zA-Z0-9_-]*@([a-zA-Z0-9]+){1}(\.[a-zA-Z0-9]+){1,2}', stripslashes(trim($_POST['email'])) )) {
            $errors[] = '<font color="red">Please provide a valid email address.</font>';
        } else {
            $email = mysql_real_escape_string($_POST['email']);

    if (!empty($_POST['password1'])) {
            if ($_POST['password1'] != $_POST['password2']) {
                $errors[] = '<font color="red">The 2 passwords you have entered do not match.</font>';
            } else {
                $password = $_POST['password1'];
        } else {
            $errors[] = '<font color="red">Please provide a password.</font>';

    //Recaptcha script

    // call the lib..

    // Get a key from http://recaptcha.net/api/getkey
    $publickey = "xxxxxxxxxxxxxxxxxxxxxxxxxx";
    $privatekey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";

    # was there a reCAPTCHA response?
    if ($_POST["submit"]) {
        $response = recaptcha_check_answer($privatekey,

    if (empty($errors) && ($response->is_valid)) {

*** //Here is where I would to insert the header or whatever to registerscript.php

    } elseif (!empty($errors)) {
            echo '<h3>Error!</h3>
            The following error(s) occured:<br />';

            foreach ($errors as $msg) {
                echo " - <font color=\"red\">$msg</font><br />\n";

    else {echo 'Sorry, those words did not match the image';}




    <form method="post">
        <p><input type="text" name="username" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" size="30" maxlength="30" /> <small>Username</small></p>

        <p><input type="password" name="password1" size="30" maxlength="40" /> <small>Password</small></p>

        <p><input type="password" name="password2" size="30" maxlength="40" /> <small>Confirm Password</small></p>

        <p><input type="text" name="email" size="30" maxlength="30" value="<?php if(isset($_POST['email'])) echo $_POST['email']; ?>" /> <small>Email Address</small></p>

      <?php echo recaptcha_get_html($publickey, $error); ?>
    <input style="width: 317px" type="submit" value="submit" name="submit"/>

    <p>If you are already registered, <a href="http://...login.php">log in</a></p>


It all works properly, the erros messages etc., so just the redirect bit.

I also realise I haven't encrypted password and probably have escaped MySql but will do that before it goes live.

Thanks for your help

Recommended Answers

All 4 Replies

Would it be better if I used Javascript to check the fields, and then php only to check captcha and submit or would I still have the same problem?

Sorry to keep pushing this, but does anyone have suggestions? Even if it completely changes everything?


How do you exactly know if it works perfectly? I have noticed an attribute being left out of the form.

<form method="post">

So, where is the action="" for the page that takes the inputs from users and check them and do the whole PHP magic?

In response to your question whether you should use JavaScript to check the input validation or PHP.I think that depends on you if you want it checked on server side or client side. Client side, of course, is faster.

Let us know how you go. Have a look at these tutorials. I think he got a couple on PHP capcha.



Thanks for the reply. Sorry I haven't explained myself very well. My problem is where do I put that action="" part because if I put it next to method="post" it seems to carry out that method regardless of whether the captcha letters are correct or not, so I guess the question I meant was where do I put method=""?

Thank you

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.