Home arrow AJAX & Prototype arrow Page 2 - Using Recaptcha in AJAX Prototype Framework with PHP

The Final Functions - AJAX

One of the biggest problems with form handling is spam. If the form is not protected with captcha, then most likely spam and auto-form submission will happen. But thanks to Google Recaptcha, PHP and AJAX technology, a webmaster can now implement captcha protection without severely affecting the user's experience. This is a beginner tutorial on using Recaptcha with the AJAX prototype framework and PHP.

  1. Using Recaptcha in AJAX Prototype Framework with PHP
  2. The Final Functions
By: Codex-M
Rating: starstarstarstarstar / 1
November 22, 2010

print this article



The Final AJAX/JavaScript Functions in Index.php <head>

<script type="text/javascript" src="prototype.js"></script>
<script type="text/javascript">
function sendRequest() {
new Ajax.Request("/recaptchaajaxprototype/recaptchavalidate.php",
method: 'post',
parameters: 'recaptcha_challenge_field='+$F('recaptcha_challenge_field')+'&recaptcha_response_field='+$F('recaptcha_response_field'),
onComplete: EvaluateResponse
function EvaluateResponse(req){
var response = req.responseText;
var wrong = "Wrong";
var compare ="Incorrect captcha";
if (response==wrong) {
else {
function processdata() {
//Server side validation and form processing
new Ajax.Request("/recaptchaajaxprototype/process.php",
method: 'post',
parameters: 'age='+$F('age'),
onComplete: showResponse
function showResponse(req){
$('show').innerHTML= req.responseText;

RecaptchaValidate.php Script

This PHP script is used by the AJAX function to validate the user's Recaptcha input. The following is the code:


//Start PHP session
//Session is used to pass the success validation key to the process.php script, indicating that the Recaptcha validation has been successful.

//Session is a safe way to pass the values because the success validation value will not be visible using a client browser.


//Require the recaptcha library files.


//Define your own Recaptcha private key here.


//Post the recaptcha answer to server for comparison.

$resp = recaptcha_check_answer ($privatekey,$_SERVER["REMOTE_ADDR"],$_POST["recaptcha_challenge_field"],$_POST["recaptcha_response_field"]);

//Check if the user recaptcha answer is correct or not.

if (!$resp->is_valid)

//If the answer is incorrect, then output the text "Wrong". This text value will be assigned to AJAX req.responseText and will be used by the Javascript functions to do comparison.
echo "Wrong";
if ($resp->is_valid)

//If the Recaptcha answer is valid, then assign the MD5 value of the Recaptcha private key to a session variable.

//This session variable will be passed to process.php web forms for Recaptcha success validation.

//For security reasons, session are used instead of passing the values back to the AJAX and Javascript functions.

//It is because if the values are passed back to JavaScript, it will be accessible by the client browser and can compromise the key.

$_SESSION['validatesuccess']= md5($privatekey);

Process.php Script

This PHP script will do the work of form processing. It will retrieve the form's user inputs, process them and send output back to the user. However, it will only accept and process form values if the Recaptcha validation succeeds.


//Start the PHP session, this is REQUIRED to retrieve the success validation key values passed from Recaptchavalidate.php


//Assign all errors to an array


//Your Recaptcha private key


//MD5 again your private in process.php so that the hash value will be compared to the value from the recaptchavalidate.php


//Assign the value of the session coming from recaptchavalidate.php to a php variable.

$recaptchavalidation = $_SESSION['validatesuccess'];

//Check if the captcha is correct by comparing the hashed value to the value from the session variable

if ($recaptchavalidation <> $hash)
$errors[]= "ERROR: Wrong Recaptcha.";

//Start of actual form handling. Retrieving the posted values from the web form and other processing. You can replace the entire PHP code below with your own application.

$age =trim($_POST['age']);
if (empty($age)) {
$errors[] = 'ERROR: Your age is empty.';

if (!(is_numeric($age))) {
//not a number
$errors[] = 'ERROR: The submitted data is NOT a NUMBER';
$roundup= round($age);
$inttest= abs($roundup-$age);
if ($inttest !=0) {
//not an integer
$errors[] = 'ERROR: The submitted data is NOT an INTEGER. Only non-decimal values are allowed.';

if (($age < 0) || ($age == 0)) {

//less than

$errors[] = 'ERROR: Negative number is NOT allowed.';


if (sizeof($errors) > 0)
 echo "<ul>";
 foreach ($errors as $e)
  echo "<li>$e</li>";
 echo "</ul>";
 die ();
//data submitted by user are valid, determine age criteria
if ($age<18) {
 echo 'You are a minor!';
if (($age>17) && ($age<60)) {
    echo 'Your age belongs to the majority!';
if ($age>59) {
    echo 'You are a senior citizen!';

//End of Form processing
//Destroy the session value.


You can download all of thee project scripts here: http://www.php-developer.org/recaptchaajaxprototype/

>>> More AJAX & Prototype Articles          >>> More By Codex-M

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Best AJAX Tutorials for Forms
- The Best AJAX Tutorials
- 8 Great Ajax Tutorials
- Using Ajax and jQuery
- Using Ajax and jQuery with HTML Forms
- Ajax.org Offers Cloud9 IDE for JavaScript
- Java Technologies Provider ICEsoft Releases ...
- Using Recaptcha in AJAX Prototype Framework ...
- Google's Closure Compiler Service API: Addit...
- Installing Google Web Toolkit: Introducing t...
- Google's Closure Compiler Service API: Displ...
- Google's Closure Compiler Service API: Deliv...
- Google's Closure Compiler Service API: the A...
- Google's Closure Compiler Service API: the S...
- Google's Closure Compiler Service API: Optim...

Developer Shed Affiliates


Dev Shed Tutorial Topics: