Asirra (Animal Species Image Recognition for Restricting Access) is a captcha technology developed by Microsoft. This article will explain how it's different from other captcha systems, the benefits of using Asirra, and how to set it up on your PHP-based website.
To start, it is important that you know how Asirra works as well as its process flow in separating bots from humans. Refer to the application flow chart below:
The source code solution discussed on this tutorial assumes that you will be using one PHP file for presenting the web form and validating the form inputs as well as the captcha. This is a common setup for most PHP web form applications.
It starts by checking to see if the form has been submitted; if not, the form will be presented to the user. The form will be protected with Asirra captcha, and its server will supply images of cats and dogs which the user can see on the form (like the screen shot provided previously).
After the user fills out the form and then attempts to answer the captcha challenge, Asirra will check, using client side validation, to see if the challenge is correctly answered.
If the answer is incorrect, the error “Please correctly identify the cats” will be shown to the server, and the form is not yet processed by the web server.
If the answer is correct, PHP server side validation will start. It first validate the Asirra answer by using a ticket system. If the answer is authentic, the application shows that the user is human and not a bot, then proceeds to process the rest of the web form data.
If the answer is not correct, the application will display the error “Asirra validation failed.” So in summary, this system performs both client and server side validation in verifying the user captcha answer.