Really Simple CAPTCHA

Wordpress Plugin
Download latest - 2.1



Download Stats

Today 11
Yesterday 1,599
Last Week 8,988
All Time 6,116,512
Banner 772x250

Really Simple CAPTCHA does not work alone and is intended to work with other plugins. It is originally created for Contact Form 7, however, you can use it with your own plugin.

Note: This product is "really simple" as its name suggests, i.e., it is not strongly secure. If you need perfect security, you should try other solutions.

How does it work?

Really Simple CAPTCHA does not use PHP "Sessions" for storing states, unlike many other PHP CAPTCHA solutions, but stores them as temporary files. This allows you to embed it into WordPress without worrying about conflicts.

When you generate a CAPTCHA, Really Simple CAPTCHA creates two files for it; one is an image file of CAPTCHA, and the other is a text file which stores the correct answer to the CAPTCHA.

The two files have the same (random) prefix in their file names, for example, "a7hk3ux8p.png" and "a7hk3ux8p.txt." In this case, for example, when the respondent answers "K5GF" as an answer to the "a7hk3ux8p.png" image, then Really Simple CAPTCHA calculates hash of "K5GF" and tests it against the hash stored in the "a7hk3ux8p.txt" file. If the two match, the answer is confirmed as correct.

How to use with your plugin

Note: Below are instructions for plugin developers.

First, create an instance of ReallySimpleCaptcha class:

$captcha_instance = new ReallySimpleCaptcha();

You can change the instance variables as you wish.

// Change the background color of CAPTCHA image to black $captcha_instance->bg = array( 0, 0, 0 );

See really-simple-captcha.php if you are interested in other variables.

Generate a random word for CAPTCHA.

$word = $captcha_instance->generate_random_word();

Generate an image file and a corresponding text file in the temporary directory.

$prefix = mt_rand(); $captcha_instance->generate_image( $prefix, $word );

Then, show the image and get an answer from respondent.

Check the correctness of the answer.

$correct = $captcha_instance->check( $prefix, $the_answer_from_respondent );

If the $correct is true, go ahead. Otherwise, block the respondent -- as it would appear not to be human.

And last, remove the temporary image and text files, as they are no longer in use.

$captcha_instance->remove( $prefix );

That's all.

If you wish to see a live sample of this, you can try Contact Form 7.

Releases (15 )

Version Release Date Change Log
2.1 2021-02-28
  • Uses hash_equals() to compare strings.
2.0.2 2019-06-07
  • "Stable tag" refers to trunk.
2.0.1 2017-08-23
  • Does a file existence check before attempting to remove the file.
2.0 2017-06-01
  • Did some rewrite of the code following the coding standard.
  • Updated the license file; added a section for bundled font files.
1.9 2016-04-29
  • Change the default file mode: 0644 for image and 0640 for answer.
  • Add "Text Domain" field to the plugin header.
  • Update bundled font: Gentium Basic 1.102.
  • Add $max argument to cleanup() to prevent an endless file cleanup. 2014-12-17
  • The required WordPress version changed to 3.9 and higher.
  • Tested on WordPress 4.1.
1.8 2014-03-23
  • The required WordPress version changed to 3.7 and higher.
  • Introduce normalize_path() to normalize file paths on different file systems.
1.7 2013-08-16
  • The required WordPress version changed to 3.5 and higher.
  • Remove spaces from response automatically as some users misthink there are spaces between letters.
1.6 2013-05-03
  • Bundled font changed to Gentium Basic 1.1.
  • Some workarounds for infrequently reported problems on Windows server.
  • Do temp file cleanup every time before generating CAPTCHA image.
1.5 2012-03-10
  • The required WordPress version changed to 3.2 and higher.
  • Use plain text file as answer file (again). This time, hash value generated with hash_hmac() is stored in the file.
1.4 2012-01-10
  • Reverted answer file to PHP. As plain text file is visible from client side, that's not good.
1.3 2012-01-02
  • Use plain text file as answer file.
1.2 2010-09-22
  • File name sanitization added.
1.1 2009-11-10
1.0 2009-03-14