How to implement reCAPTCHA in PHP

CAPTCHA! yes it is spelt correct. It actually stands for
CAPTCHA => "Completely Automated Public Turing test to tell Computers and Humans Apart"

It was actually proposed by Alan Turing in 1950 to determine if a machine has a man equivalent mind.

A more generalist usage of the term and its concept is widely adopted to differentiate between a human and robot interaction on a website or a web application. This prevents headless browsing, spams, abuse and results in better user experience. Here we try to demonstrate how to integrate Google reCAPTCHA using PHP in simple steps.

Note: The version 1.0 of the Google captcha has been discontinued and has been renamed as reCAPTCHA which is v 2.0. Click here for more information.

Step 1 : Register the Domain

Go to the Google reCAPTCHA admin panel and register for keys on a particular domain, without any sub-directory.

Once you register your site on the admin panel; then you will be allocated the site keys. You can add multiple domains under one label, and can add multiple reCAPTCHA sites.

Step 2 : Get your Site API key

The site keys are under the "Keys" section.
There will be two keys
  • Site Key : Used in the HTML code on the domain
  • Secret Key : Used for communication between the site and the Google. As the name suggest, this has to be secret and has to be private.

Step 3 : Add HTML Code (index.php)

Add the script under the head section of the index.php (or index.html), like so,
<script src=""></script>

Create a form with the div with class="g-recaptcha" and your site key, like so,
<head><title>How to use reCaptcha | Wordane</title>
<script src=""></script>
<body> <!-- the body tag is required or the CAPTCHA may not show on some browsers -->
<!-- your HTML content -->
<form method="post" action="verify.php">
<label for="name">Name:</label>
<input name="name" required /><br/>
<label for="age">Age:</label>
<input name="age" required /><br/>
<!-- This is for the captcha and we get this from -->
<div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY_GOES_HERE"></div>
<input type="submit" />
<!-- more of your HTML content -->

Step 4 : Download reCAPTCHA library

To keep things simple in this example we will restrain from using composer. For a detailed installation of the reCAPTCHA visit the github repo on Google reCAPTCHA. If on linux (Ubuntu), then use the following to download the master branch as a zip in the working directory.


Then unzip it and rename (move) to a new directory for sake of sanity.

mv recaptcha-master/ captcha

The source contains a directory "src", which has all the namespaced classes under sub-directory ReCaptcha and autoload.php. We will use autoload.php, in order to avoid requiring any dependencies.

Step 5 : Add PHP code to verify user

As per our HTML form in Step 3, the action is specified to be verify.php, hence we create the file with the same name and require_once the autoload.php under the captcha/src/, like so


The next step is to assign our Secret key from our reCAPTCHA admin dashboard as shown in Step 2 into a variable $privatekey, like so:

Now we create an object like so,
$recaptcha = new \ReCaptcha\ReCaptcha($privatekey);

Now we verify the private secret key with the response from the HTML form and remote address, like so
$resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER["REMOTE_ADDR"]);
When the HTML form is submitted at index.php (or index.html), then along with the form fields "g-recaptcha-response" is also send in POST.
The verify function needs the SERVER_ADDRESS and this response to verify.

Now we validate the response like so:
if ($resp->isSuccess()) {
        die('Thank you. Captcha verified correctly');
    } else {
        $errors = $resp->getErrorCodes();

Hence our verify.php would look something like this:
    $privatekey = "YOUR_PRIVATE_KEY_GOES_HERE";

    $recaptcha = new \ReCaptcha\ReCaptcha($privatekey);
    $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER["REMOTE_ADDR"]);
    if ($resp->isSuccess()) {
        die('Thank you. Captcha verified correctly');
    } else {
        $errors = $resp->getErrorCodes();

Wordane | Google reCAPTCHA simplified


If the reCAPTCHA is filed in properly, along with properly, we see a "Thank you. Captcha verified correctly" message else we have an array with error codes and description.

For the working code of above example, click here for github repo
For a complete list of API request and response visit the Google documentation here.
For a complete introduction of the Google reCAPTCHA click here.

Python Grammar - Rules and Expressions 1

Wordane | Python Grammar - Expressions and Rules

In order to get a valid Language with a certain logic, it is crucial to follow general rules. In English language we follow grammar, and similarly in any computer language. Computer languages cannot be ambiguous and verbose, hence they follow a strict grammar.
In this blog post, I discuss the Python grammar.

Generally in English, we follow the following rules AKA Backus Naur Form.

Rule 1: Subject -> Subject Verb Object

The Subject can be Noun, Object can be a Noun; hence

Rule 2: Subject -> Noun
Rule 3: Object -> Noun
Rule 4: Verb -> Like, Play, Dance ()
Further the Noun can be described as

Rule 5: Noun -> I, John Doe, Baseball

The purpose of Backus Naur Form is to precisely describe the language structure.
In general we follow

-> replacement (this can be sequence of Sentence, subject, Noun, Object, Verb or a )

is something that we are not finished with. i.e. Sentence, Subject, Object, Noun; but not Like, Play, Dance ()

In any language our goal is to start with Non-terminals and finish with terminals.

So, we start with
Sentence -> Subject Verb Object

Following the above rules 2 and 3
Sentence -> Noun Verb Noun
above is still a non-terminal, so we keep on going.

Sentence -> I Like Baseball
Above is a valid Expression in English

Following the same Grammar rules in English, the valid English expressions can be

I Play Baseball
John Doe Play Baseball
I Dance John Doe
Baseball Like John Doe

For Python, the grammar rule holds like so:

Rule 1: Expression -> Expression Operator Expression
Rule 2: Expression ->  Number
Rule 3: Operator -> +, * ...
Rule 4: Numbers -> 0,1 ...
Rule 5: Expression -> (Expression)

Starting with

Expression -> Expression Operator Expression
Expression -> Number Operator Number
Expression -> 1 + 1

Above is a valid Python Grammar

We can
Expression -> Expression Operator Expression

Now using the Rule 1:
Expression -> Expression Operator Expression Operator Expression

We can use Rule 1 and build complicated expressions. Continuing from above

Expression -> (Expression) Operator (Expression) Operator Expression

Expression -> (Number) Operator (Number) Operator Number

Expression -> (4) + (5) - 9
Above is a valid expression with all terminals, hence we cannot go further

Below are all valid expression
Expression -> 3
Expression ->  (1+ (2 * 3) - 5 + (4 * 20))
Expression -> (((((5)))))

Below are NOT valid expressions:
Expression -> - 55
For above Rule 1 is not followed}

Expression -> ((6)))
For above Rule 5 is not followed.

Expression -> )((6))
For above Rule 5 is not followed