How do I add form verification?

The JavaScript + PHP integration adds real-time email verification to any HTML form. The widget validates on the client side; the PHP loader performs an authoritative server-side check that cannot be bypassed even if JavaScript is disabled.

Choosing your verification method:

Your integration’s verification method controls both what the widget checks in real time and what the PHP loader enforces on submit. The right choice depends on your accuracy and speed requirements:

  • Deep Verification — recommended for most — Use a single integration for both the widget and the PHP loader. Results are cached for 30 minutes: if the widget checks an email and the visitor submits within that window, the PHP loader reuses the cached result at no extra charge. Total cost: 1 credit per submission. Widget feedback takes 2–5 seconds while the SMTP handshake runs.
  • Hybrid — fast widget, SMTP-accurate submit — A single integration and siteKey where the widget runs a Fast Check (0.5 credits, near-instant feedback) and the PHP loader runs a full SMTP handshake (1 credit, authoritative check). The two checks do not share a cache — the loader always performs a fresh SMTP check. Total: 1.5 credits per submission. Best when you want instant widget feedback without sacrificing server-side accuracy.
  • Fast Check only — Both the widget and the PHP loader run a Fast Check (0.5 credits each, 1 credit total). No SMTP handshake. Use this if speed and cost are the priority and syntax/MX/disposable filtering is sufficient.
  • Send to Verify — Use when you need proof that the visitor can actually access the inbox, not just that the address is deliverable. The widget guides the visitor through sending a confirmation email before the form unlocks.

Step 1 — Create an integration:

Go to Integrations in your dashboard and create a new integration. Choose your verification method using the guidance above, then add all domains where your form is hosted. Requests from domains not on the allowed list will be rejected.

Step 2 — Download and configure the PHP loader:

Download verifyswift_loader.php from the integration setup page and upload it to your server. Open the file and set $inputName to the name attribute of your email field (default: email):

$inputName = 'email'; // matches <input name="email">

The loader also contains an $errorMessages array that maps verification error codes to the messages shown to the user. You can edit these messages to match your site’s tone. Error codes include: invalid, invalid_syntax, no_mx_records, disposable, risky, catch_all, inbox_full, spamtrap, invalid_key, awaiting_confirmation, service_unavailable.

If the loader encounters a network or API error, it writes a timestamped entry to verifyswift_email_verification_errors.log in the same directory as the loader file.

Step 3 — Include the loader in your form processor:

Add this as the first line after <?php in the script that handles your form’s POST. If the email is not verified, exit() is called before any other code runs.

include "/path/to/verifyswift_loader.php";

Step 4 — Add the widget to your form page:

Paste the following snippet into the page that contains your form. Replace YOUR_SITE_KEY with the key shown on the integration setup page.

<script>
  var VerifySwiftConfig = { siteKey: "YOUR_SITE_KEY" };
</script>
<script src="https://check.verifyswift.com/"></script>

The widget auto-detects email fields, shows inline feedback as the visitor types, and prevents form submission until the email check passes.

Excluding or targeting specific fields:

By default the widget attaches to all inputs of type email and any input whose name or id contains “email”. You can control this behaviour with HTML attributes or via config:

  • data-verifyswift-ignore — add to any input to exclude it from auto-attach:

<input type="email" name="cc_email" data-verifyswift-ignore>

  • data-verifyswift — add to any input to force-attach the widget regardless of its type or name:

<input type="text" name="contact" data-verifyswift>

  • fieldSelector in config — attach only to elements matching a CSS selector (see How do I customize the widget? for details).

Integration status:

Each integration can be enabled or disabled from its settings page. When an integration is disabled, all verification requests made with its site key are rejected immediately — the widget will display a service error and form submission will be blocked. Re-enable the integration from the dashboard to restore normal operation.