Overview >>
  • BotBlock is a freeware service that lets anyone with basic PHP/HTML skills to block spam bots from auto-filling forms on their sites. It lets you use CAPTCHA image-verification technology, much like AltaVista, Yahoo!, and TicketMaster, on your site for free with minimal coding and does not require you to install any special PHP Image libraries.

  • Go to the 'BotBlock User Manager' to create or change a new username and password key. Scroll down this page for the source code that you can copy/paste easily.

  • Check out a demo of BotBlock in action to see how simple it is. We welcome your feedback but please make sure you have read the FAQ before emailing us with your questions.

Features >>
  • BotBlock allows you to generate your own codeword and send the request to our image-server using two-way encryption. The image source is encoded with your password and decrypted at our end using the same password from our database.

  • Using the IFRAME tag, BotBlock lets you place the image containing the codeword anywhere on your site. The use of inline-frames also allows us to provide an innovate click-to-redraw feature. That is, suppose the user cannot identify the codeword from the rendered image, they can simply click on the image to redraw it in a different style. The codeword is the same, but the image is rendered in new colors.

  • And since we take care of the image-server, if it comes to our notice that spam bots with OCR capabilities have managed to decipher the codewords, we can simply update the image generation algorithm at our end and you don't have to bother.

  • You can generate codewords upto 8 characters (A-Z, 0-9, and some basic symbols). Codewords are case-insensitive.

  • Be sure to check out the demo of BotBlock in action.

Requirements >>
  • In order to use BotBlock you would need the following:

    • PHP on your web server
    • Basic PHP/HTML editing skills
    • A web form that's being ravaged by spammers
4 Steps to setting up BotBlock >>
  • We made sure the setup process was as easy as possible. Feel free to customize the given code to suit your needs.

    1. Get a username & password from the User Manager.
    2. Save-as and upload the file: to your server and put it in the same folder as the web form.
    3. Edit the web form to call the BotBlock image server. Basically copy/paste the code in the next section into your PHP form.
    4. Edit the form processing page to check if the user entered the correct code word or not. Use the code provided below.
Download >>
Code for the Web Form >>
  • Open the PHP page that contains the HTML code for the web form. At the VERY top of the page, copy/paste the following:

    <?php require "" ?>

  • Now within your web form, which may vary from the example below, copy/paste the text in red and replace the green text appropriately. Remember that your username and password are both case-sensitive.
  • The ALT-TEXT and TOOLTIP-TEXT parameters are optional. You may just call the function using printBotBlock("USERNAME", "PASSWORD") if you wish to display the default Alt and ToolTip (Title) tags on the CAPTCHA image.
  • You may modify the CSS formatting for the input box without any problem. Do not copy the entire HTML form below, only the lines in red and green.
  • We recommend that somewhere on your form, you inform your site visitors a bit about the image-verification and codeword requirement, so as to avoid confusion. And feel free to link to if you appreciate this service.


    <h2>Print some stuff here</h2>

    <form method="POST" action="form-process.php">
      <table cellpadding=5 cellspacing=1 border=1>
          <td>Your Name:</td>
          <td><input name="realname" size=40 maxlength=40 value="Strong Mad"></td>
          <td>Your Email:</td>
          <td><input name="email" size=40 maxlength=40 value=""></td>
          <td colspan=2>
            To prevent spam bots from filling this form automatically,<br>
            we require that you please read and type the code below.
          <td valign=top>
            Your Code Is:<br><br><?=printBotBlock("USERNAME", "PASSWORD", "ALT-TEXT", "TOOLTIP-TEXT")?>
          <td valign=top>
            <b>Please type your code here</b>:<br><br>
            <input name="bb_codeword" size=40 maxlength=8 value="">
            <br><br><font color=blue>If the text is unclear, click on the image.</font>
          <td valign=top>Message:</td>
          <td><textarea wrap name="message" cols=40 rows=9>whatever</textarea></td>
          <td align=right><input type=submit value="Send"></td>

    <h2>Some other stuff here</h2>


Code for Form Processing >>
  • Open the PHP page that contains the PHP code for processing the web form. Edit and setup the page as shown below.
  • If you are a moderate or advanced coder, feel free to handle this in any way. This is just an example.
  • However make sure you include the file at the top and call the validBotBlock() function to verify if the entry was valid or not.

    // Must include at the VERY top
    require "";
    // Insert any HTML page-headings or PHP code
      <h2>Chime Bot Block</h2>
      <h3>Demo Form</h3>
    // Codeword is correct.
         // Write your own code to process the form.
         // For example:
    echo "Yup! Codeword was correct :)";
    // Codeword is incorrect.
         // Show some error or go back to last page.
         // If going back to the last page, then do NOT
         // enter any HTML page-heading above.
         // Otherwise show error, for example:
    echo "Bad monkey! Wrong codeword.";
    // Insert any HTML page-footer or PHP code
      <h5>Copyright: So-and-so</h5>

  F A Q >>
    Q) Why did you make this? And why free?
    A) Because we hate all spam just as much as you. And because we are nice people.

    Q) Can I see a demo of BotBlock in action?
    A) Of course. Here's a demo of BotBlock in action that shows you how simple it really is.

    Q) I have many forms on my site. (Or the same form is submitted many times by each visitor.) Can I only ask for the codeword the first time?
    A) Yes. All you have to do is check (using $_SESSION variables) if the user has already entered the codeword correctly once. If so, do not call printBotBlock() and validBotBlock() functions. Otherwise call them and if valid, set the session variable to true.

    Q) I don't like the default random codewords. Can I have something else for my site?
    A) Yes. If you see the file, there are three functions you can use out of the box: randomLetters(), randomNumbers(), randomWords(). In the function printBotBlock() { } definition, you can set $sCodeword to be equal to any of these. You can also edit the randomWords() function and add more words to the $words array. And of course you can always just write your own function to make up a random codeword. Just to keep things simple, do not mix letters and numerals since the letter 'O', 'Q', and number 0 can be easily confused. Also it is best to avoid using vowels as they might randomly make offensive words. For best results, use 4-8 consonants (or alternatively 5-8 digit numbers) for codewords.

    Q) Is this really secure?
    A) So far so good. In the file, you can see that we use the mcrypt_encrypt() function with md5(password) and md5(double password). Since this isn't a financial transaction, this should be more than enough to prevent any spammers from decrypting the codeword.

    Q) But all my forms are in ASP/Perl/Python/JSP/(insert CGI of choice)!
    A) If you can port the PHP code to the language of your choice, feel free to do so and give us the code so that we can share it with others. Otherwise you'll have to wait till we slowly port the PHP to Perl and ASP. This is slow because not all scripting engines support built-in libraries for mcrypt and md5.

    Q) Why is the User Manager on a different domain?
    A) The domain runs on a more powerful system than this site and has a faster network connection. We put all our heavy-duty stuff on that server. This is to ensure that if BotBlock catches on and becomes popular, the quality of the service does not degrade.

    Q) Is this it? No more FAQs?
    A) For now. Yes. If you have questions not on this list, feel free to send us an email.

Disclaimer >>
  • All code is provided to you by Chime Softwares Ltd. as is. Since this service and the relevant code is offered for free, we cannot be held responsible for any damage, misuse, or losses caused directly or indirectly by them.

  • That said, we hate spam and spyware just as much as you. None of the code above makes any changes to your existing files or performs any activity beyond image-verification. Also Chime Softwares Ltd. is not responsible for the content of the codewords chosen by individual site owners.

  • We require your email address only to send your username and password in case you lose/forget it. Otherwise we don't even want your name. We will never send any emails whatsoever for any reason.

  • We do not collect any user data or site specific statistics for any data-mining purpose. Our job is to make websites and code freeware utilities. That said, just like every responsible web host on the Internet, we record server logs with basic hit/visit counters and that information is never disclosed to anyone. Not even to our moms!

Home | Multimedia | GUI Apps | Utilities