Using reCAPTCHA with Classic ASP

  • reCAPTCHA v1.0 is deprecated; upgrade to v2.0 for continued support.

  • This guide demonstrates how to integrate reCAPTCHA into classic ASP websites to prevent bot abuse.

  • Provided ASP code snippets enable rendering the reCAPTCHA widget and validating user responses.

  • Sample HTML illustrates how to display the reCAPTCHA challenge and handle success/failure scenarios within your ASP page.

Important: Version 1.0 of the reCAPTCHA API is no longer supported, please upgrade to Version 2.0. Learn more

The reCAPTCHA ASP guide provides a simple way to place a CAPTCHA on your ASP page, helping you stop bots from abusing it. The code below wraps the reCAPTCHA API.

After you've signed up for your API keys, you can add reCAPTCHA to your classic ASP site by pasting the code below at the top of your ASP page: 

  <%
  recaptcha_challenge_field  = Request("recaptcha_challenge_field")
  recaptcha_response_field   = Request("recaptcha_response_field")
  recaptcha_public_key       = "your_public_key" ' your public key
  recaptcha_private_key      = "your_private_key" ' your private key

  ' returns the HTML for the widget
  function recaptcha_challenge_writer()

  recaptcha_challenge_writer = _
  "<script type=""text/javascript"">" & _
  "var RecaptchaOptions = {" & _
  "   theme : 'red'," & _
  "   tabindex : 0" & _
  "};" & _
  "</script>" & _
  "<script type=""text/javascript"" src=""http://www.google.com/recaptcha/api/challenge?k=" & recaptcha_public_key & """></script>" & _
  "<noscript>" & _
    "<iframe src=""http://www.google.com/recaptcha/api/noscript?k=" & recaptcha_public_key & """ frameborder=""1""></iframe><>" & _
      "<textarea name=""recaptcha_challenge_field"" rows=""3"" cols=""40""></textarea>" & _
      "<input type=""hidden"" name=""recaptcha_response_field""value=""manual_challenge"">" & _
  "</noscript>"

  end function

  ' returns "" if correct, otherwise it returns the error response
  function recaptcha_confirm(rechallenge,reresponse)

  Dim VarString
  VarString = _
          "privatekey=" & recaptcha_private_key & _
          "&remoteip=" & Request.ServerVariables("REMOTE_ADDR") & _
          "&challenge=" & rechallenge & _
          "&response=" & reresponse

  Dim objXmlHttp
  Set objXmlHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
  objXmlHttp.open "POST", "https://www.google.com/recaptcha/api/verify", False
  objXmlHttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
  objXmlHttp.send VarString

  Dim ResponseString
  ResponseString = split(objXmlHttp.responseText, vblf)
  Set objXmlHttp = Nothing

  if ResponseString(0) = "true" then
    'They answered correctly
     recaptcha_confirm = ""
  else
    'They answered incorrectly
     recaptcha_confirm = ResponseString(1)
  end if

  end function

  server_response = ""
  newCaptcha = True
  if (recaptcha_challenge_field <> "" or recaptcha_response_field <> "") then
    server_response = recaptcha_confirm(recaptcha_challenge_field, recaptcha_response_field)
    newCaptcha = False
  end if

  %>

What happens here is the variables server_response and newCaptcha are set whenever the page is loaded, allowing you to determine the state of your page.

You can use the following HTML as a skeleton:

  <html>
  <body>

  <% if server_response <> "" or newCaptcha then %>

    <% if newCaptcha = False then %>

      <!-- An error occurred -->
      Wrong!

    <% end if %>

    <!-- Generating the form -->
    <form action="recaptcha.asp" method="post">
      <%=recaptcha_challenge_writer()%>
    </form>

  <% else %>

    <!-- The solution was correct -->
    Correct!

  <%end if%>

  </body>
  </html>

Further Reading

  • Customizing Look and Feel
  • Tips and Guidelines
  • Troubleshooting
    •