[php] Simple captcha alternative — using math question

Today, I received some task to implement some kind of captcha in some forms in hope that this captcha will reduce the garbage and automated submission. The client asked me to implement some user friendly captcha not those that hard to see. Re-Captcha and image based captcha (such as that I implemented in mp3 to Youtube‘s contact form) is not an option. Finally, the client decided to use captcha that ask visitors some simple math problem, i.e. addition and subtraction.

I remember that one of wordpress plugin had this kind of feature. I think it’s Contact Form 7. Oh, it’s actually Really Simple Captcha plugin. But there’s another huge problem. The website is not even a wordpress-based blog/site, it’s just simple site, probably created from ground-up using Dreamweaver. So, once again, installing a plugin is not an option.

After analyzing the requirements, I decided to create it myself. This is the simple captcha features that I created:

  • it use PHP session
  • the question is just a simple math addition or subtraction. No hard to see words or image
  • the number in the math problem is small (1 – 10), 4th grader would be easily solve the math problem
  • easily added to any existing PHP forms
  • works for PHP (non-CMS) based site.

The main code is saved in file named “scaptcha.php“. This is the full source codes:


	"If you're human, what is",
	"Solve this math problem",
	"To prove you're human, please solve this",
	"What's the result of",
	"Prove that you are human! Solve this"


$sentences_idx=mt_rand(0, count($sentences)-1);  //choose which sentence to show
$_SESSION['sentence']=$sentences[$sentences_idx];  //save it to session
$operands_idx=mt_rand(0, count($operands)-1);  //choose which math operand
$_SESSION['operand']=$operands[$operands_idx];  //save it to session

$num1=mt_rand(1, 10);
$num2=mt_rand(1, 10);

switch ($_SESSION['operand']) {
	case "+":

	case "-":
                //check which one is smaller
                if ($num1<$num2) {
                        //swicth value


First, it will start PHP session. $sentence array is used to store the sentences that will be seen by visitors before the math problem. You can edit it as you wish. $operands array is the math operand supported by this simple captcha script. The script then choose which sentence to be shown and the math operand randomly. Next, it will randomly choose 2 numbers between 1 and 10, operate it mathematically then store the result in PHP session.

The form that want to use this simple captcha have to include the file above (scaptcha.php).


require_once "scaptcha.php";

Then, inside a form HTML element and --usually-- exactly before form Submit button, these codes must be placed:

echo $_SESSION['sentence']." ".$_SESSION['num1']." ".$_SESSION['operand']." ".$_SESSION['num2']." ? ";
echo "";

As you can see, the script simply show the random sentence, both numbers and operand to users then create a new text- type input where user can put it's answer. The input text is named "answer", you can change this if it's already used in different form's element name.

The target file (where the POST variables from the current form is sent and processed) must use session_start()in order to "catch" the "correct answer" of the simple captcha. Then compare the value between the correct answer saved in session and the user/visitor answer. If the answer is the same, then continue processing the form, if not, then show an error messages:


if ($_POST['answer']!=$_SESSION['result']) {
	echo "Your answer is wrong! Are you human?";
} else {
	echo "Your answer is correct!";

You have to match the $_POST['answer'] with the input text form's element name generated by the script inside the previous form (only if you changed it to other names than 'answer').

Full working demo can be tested here: http://demo.ahowto.net/scaptcha/

  1. I don’t quite understand the intention of this. Computers can read the question, for example 9 – 3. They can explode it using + and – and determine whether it should substract or add, and then they can convert the exploded string to numbers, giving it a 9 and a 3. With this data a computer can simply calculate the result and fill it in the text field. It may be a nice tool for small websites, but I see this kind of spam protection on more and more ‘bigger’ websites and services. Using reCAPTCHA or something similar isn’t that hard, isnce you can switch the picture as many times as you want. It is much more secure and greatly documented on their website. Therefore I recommend using an image captcha instead of a math captha.

    • yes, indeed. using recaptcha is a lot better, but what can I say.. it’s a client request to use this kind of captcha. 😀

  2. Thanks, this was exactly what I’m looking for. Thanks again for the script.

  3. Spam Blockers Captcha alternatives | mkt.rock.str. - pingback on 2012/09/28 at 08:43
  4. Very love this ‘SIMPLEST’ code ever i know. Thankz for sharing…

Leave a Comment

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>