Recently implemented a Captcha field on a signup page. So, to start with I looked around for a good plugin to handle this. ReCaptcha was the first one that popped up. ReCaptcha does support themeing, which is nice since the default red and yellow is a bit loud. The problem I came across is it renders hard to read images a good 20% of the time. See example below.
Can the average user be expected to get past this hurdle? I seriously doubt it. We don’t want to deter users from succeeding at signing up. We especially don’t want to make them feel stupid because of some clunky but well intended gadget on the page.
So for now instead of ReCaptcha I went with the PHP FatFree Captcha plugin. It doesn’t have the audio component, nor the refresh or help button, but I think it is a lot cleaner. I wish the ReCaptcha library had configuration options for this, and a ‘difficulty’ level.
Here is a code example of using PHP FatFree (F3) to display a captcha image inline in a form. You supply the ttf font on your own.
<? // use FatFree's captcha feature to build a 7 letter captcha image $img = new Image(); $img->captcha('./library/fonts/Arial.ttf',16,7,'SESSION.captcha_code'); ?> <img src="data:image/png;base64,<?= base64_encode($img->dump()); ?>" /> <? // the correct answer is stored in: // $_SESSION['captcha_code']; ?>
Other thoughts about blocking spammy signups:
We could go without a captcha field, but at the same time, we want to cut down on spam. A good trick, which compliments a captcha, is to add a hidden form field which must be left empty for the submission to succeed. A human never sees this field so it is no problem for that use case. However, greedy spam robots will normally fill out every single form field they find in the HTML. The robots are too dumb to recognize they are tipping their hand, and the submission fails.