When you submit a form to a CGI program that resides on the server, it is usually programmed to do its own check for errors.If it finds any it sends the page back to the reader who then has to re-enter some data, before submitting again.Once you know how the process works when someone submits some data on the front end, and how it is manipulated and returned on the back end, it is easy to see how you can exchange information between the languages.When you visit a PHP page for the first time (or any website that has a server-side language generating its pages) your browser first requests a page from the server.
The quagmire is that Java Script is a client side language (most of the time) and PHP is a server-side language.
This file creates a PNG image containing a series of five digits.
It also stores these digits in a session variable so that other scripts can know what the correct code is and validate that it's been entered correctly.
A Java Script check is useful because it stops the form from being submitted if there is a problem, saving lots of time for your readers.
The CGI script is still more reliable, as it always works regardless of whether Java Script is enabled on the client-side or not; but having this extra safety barrier is a nice thing to have in place.