The Server-side Routine

Now here's the server-side routine captcheck.php, which checks the user-entered code (passed to captcheck.php as a GET variable) against the session variable $string:

session_start();

This code ensured that the previously-generated PHP session is maintained.

if(strtoupper($_GET['code']) != $_SESSION['secret_string'])
{
   echo '0';  // failed
} else {
   echo '1';  // passed
}

This script returns a value of "1" for success and "0" for failure; this is the value tested by the callback function in order to determine whether the form should be submitted or not.

Finally, let's look at the overall layout of the Javascript section in the head of the page containing the form. We won't include the detail of the getHTTPObject() function, as this has been described elsewhere on the site:

var url = 'captcheck.php?code=';
var captchaOK = 0;  // 1 - correct, 0 - failed
function getXMLHTTPObject() {
 ... see elsewhere on the site ... 
}
var http = getXMLHTTPObject(); // We create the HTTP Object 
function handleHttpResponse() {
.. see this tutorial ... 
}
function checkcode(thecode) {
.. see this tutorial ... 
}
function checkform() {
.. see this tutorial ... 
}

... and that's it! On the next page you can see the Ajax CAPTCHA in action.

<<< Previous   Next >>>