"POST") die("You can only reach this page by posting from the html form"); //Check if the securidy code and the session value are not blank //and if the input text matches the stored text if(($_REQUEST["txtCaptcha"] == $_SESSION["security_code"]) && (!empty($_REQUEST["txtCaptcha"]) && !empty($_SESSION["security_code"]))) { echo "success"; } else { echo "failed"; } ?>