Captcha control in asp.net

Suggested Videos
Part 163 - Dynamically adding treenodes to treeview control
Part 164 - Displaying organization employee chart using treeview control
Part 165 - How to display an icon for website on browser tab



In this video, we will discuss using captcha control in asp.net web application.



What is the use of Captcha control 
The term CAPTCHA stands for Completely Automated Public Turing Test To Tell Computers and Humans Apart. The following are the 2 most compelling reason for using captcha control 

1. To prevent automated computer programs from submitting comments (SPAM). CAPTCHA control ensures only humans can enter comments.

2. To prevent bogus user registrations. For example, when you try to create a new gmail account, notice that there is a captcha control displayed on the registration page. This ensures only humans can register and not automated scripts.

It is very difficult for automated computer programs to read the distorted text displayed in a captcha control.

Example : The data entered in the webform below should only be saved to the database table when captcha control passes validation


There are several free captcha controls available on the internet. I have tested reCAPTCHA control with ASP.NET and works very well. It is very easy to integrate as well. Here are the steps.

Step 1 : Sign up for API keys.
https://developers.google.com/recaptcha/intro

Step 2 : Download reCAPTCHA ASP.NET library
https://developers.google.com/recaptcha/docs/aspnet

Step 3 : Extract Recaptcha.dll from the downloaded ZIP folder

Step 4 : Create an empty asp.net web application. Name it Demo. Add a reference to Recaptcha.dll assembly.

Step 5 : Include the database connection string in web.config file

Step 6 : Create database table RegisteredUsers to store data

Create table RegisteredUsers

(

     Id int identity primary key,

     Name nvarchar(50),

     Email nvarchar(50),

     Password nvarchar(50)

)

Step 7 : Create spRegisterUser stored procedure to insert data

Create proc spRegisterUser

@Name nvarchar(50),

@Email nvarchar(50),

@Password nvarchar(50)

as

Begin

     Insert into RegisteredUsers

     values (@Name, @Email, @Password)

End

Step 8 : Add a web form to the Demo project. 
a) Include the following Register directive on the page just below the Page directive

<%@ Register TagPrefix="recaptcha" Namespace="Recaptcha"

                         Assembly="Recaptcha" %>

b) Copy and paste the following HTML inside the <form> tag

<div style="font-family: Arial">

    <h3>User Registration</h3>

    <table style="border: 1px solid black">

        <tr>

            <td>

                <b>Name </b>

            </td>

            <td>

                <asp:TextBox ID="txtName" runat="server" Width="230px">

                </asp:TextBox>

            </td>

        </tr>

        <tr>

            <td>

                <b>Email </b>

            </td>

            <td>

                <asp:TextBox ID="txtEmail" runat="server" Width="230px">

                </asp:TextBox>

            </td>

        </tr>

        <tr>

            <td>

                <b>Password </b>

            </td>

            <td>

                <asp:TextBox ID="txtPassword" runat="server" Width="230px"

                                TextMode="Password"></asp:TextBox>

            </td>

        </tr>

        <tr>

            <td colspan="2">

                <recaptcha:RecaptchaControl ID="recaptcha" runat="server"

                    PublicKey="your_public_key"

                    PrivateKey="your_private_key" />

            </td>

        </tr>

        <tr>

            <td colspan="2">

                <asp:Button ID="btnSubmit" runat="server" Text="Register"

                            OnClick="btnSubmit_Click" />

            </td>

        </tr>

        <tr>

            <td colspan="2">

                <asp:Label ID="lblMessage" runat="server"></asp:Label>

            </td>

        </tr>

    </table>

</div>

Step 9 : Copy and paste the following code in the code-behind page

using System;

using System.Configuration;

using System.Data;

using System.Data.SqlClient;

using System.Web.UI;

namespace Demo

{

    public partial class WebForm1 : System.Web.UI.Page

    {

        protected void btnSubmit_Click(object sender, EventArgs e)

        {

            if (Page.IsValid)

            {

                string cs = ConfigurationManager.ConnectionStrings["CS"].ConnectionString;

                using (SqlConnection con = new SqlConnection(cs))

                {

                    SqlCommand cmd = new SqlCommand("spRegisterUser", con);

                    cmd.CommandType = CommandType.StoredProcedure;

                    SqlParameter paramName = new SqlParameter("@Name", txtName.Text);

                    SqlParameter paramEmail = new SqlParameter("@Email", txtEmail.Text);

                    SqlParameter paramPassword = new

                        SqlParameter("@Password", txtPassword.Text);

                    cmd.Parameters.Add(paramName);

                    cmd.Parameters.Add(paramEmail);

                    cmd.Parameters.Add(paramPassword);

                    con.Open();

                    cmd.ExecuteNonQuery();

                }

                lblMessage.Text = "Registration Successful";

            }

            else

            {

                lblMessage.Text = "Word verification failed";

            }

        }

    }

}