Introducing captcha verification within guestbook

0
August 17, 2011

I am trying to introduce captcha verification with a guestbook.  I don't know all the rules of html, javascript, and php, so please look through and you will see some blunders.  The logic may be ok though.  The files signbook.php and button.php work fine (haven't made changes).  You will notice redundant methods to submit the form... help me choose one.  I've snipped out content that doesn't apply to the php and javascript.

[index.php]

<html>

<head>

<SCRIPT type="text/javascript">

<!--

function verify()

  {

  <?php

    session_start();

    $digit = $_SESSION['digit'];

    session_destroy();  

  ?>

  if($digit != $userdigit) {

      alert('the number you entered does not match the captcha');

      return false

      }

  else {

      document.guestbook.action=

"signbook.

php";

      document.guestbook.submit(

);

      return true

      }

   }

-->

</SCRIPT>

</head>

<body>

<font size="+3">Guest Book</font><br>

<div class="entry">

<form method="post" onsubmit="return verify();" name="guestbook">

<label>name:</label><input

type="text" name="signername" />

<label>email:</label><inpu

t type="text" name="email" />

<label>website:</label><in

put type="text" name="url" value="

http://

" />

<label>message:</label><te

xtarea name="message" rows="5" cols="20"></textarea>

<input type="hidden" name="bookurl" value="<?=$SERVER['PHPSE

LF']?>" />

<label>captcha:</label><im

g width=120 height=30 src="auditor/button.php" border="1">

<label> </label><b>En

ter the number above:</b>

<label>confirm:</label><in

put MAXLENGTH=5 SIZE=5 name="userdigit" type="text" value="">

<div id="submit"><input type="submit" value="sign it" class="submit"></div>

</form>

</div>

</body>

</html>

[/index.php]

Among the lines of code for captcha generation, button.php contains the following two lines:

session_start();

$_SESSION['digit'] = $digit;

9

answers

Comments See all(0)

Add comment
0
August 17, 2011

Take care... this captcha is quite useless... if you do a check in js it means that the captcha value is hardcoded in the html page. It can be easly found by a robot so that the captcha loose it meaning...

You have always to check the captcha with a post!!

Let me know

S_D

0
August 17, 2011

try this one it is very easy to use and well done

http://www.phpclasses.org/ browse/pac kage/1163. html

S_D

0
August 17, 2011

system_down, I am going back to the drawing board and will post new code if it doesn't work.  You've been very helpful, but I really need some help, or I it will take me days to get working code, and then I won't write anything else for another couple of years and forget everything!

0
August 17, 2011

I want to pass the form information back to the original page.  Will the method="post" variables make it back to the guestbook page if the user messes up on the captcha?  Or do I have to use a session in order to be able to:

<label>name:</label><input

type="text" name="signername" value="<? echo $signername; ?>" />

0
August 17, 2011

$_SESSION=array_merge($_SE

SSION,$_PO

ST);

0
August 17, 2011

Ok forget the js test...

make as follow:

put this code in the guestbook page

<?

session_start();

// check login - only code

if (isset($_REQUEST['userdigi

t'])) {

      if ($_SESSION['digit']==$_REQ

UEST['user

digit']) echo 'login ok';

      else header("Location:

http://yourdomain/index.ph p

");

}

?>

0
August 17, 2011

I've got everything working, except...

[frm.php]

<?php

 session_start();

 $_SESSION=array_merge($_SE

SSION,$_PO

ST);

 include "audit.php";

 if (audit()) {

  header('Location: ../signbook.php');

 }

 else {

  $_SESSION['pass']=false;

  header('Location: ../index.php');

 }

?>

[/frm.php]

signbook.php starts with:

<?php

session_start();

$_SESSION['pass']=true;

At the bottom of index.php

<?php

if(1==1){

  echo "<script type='text/javascript'>\n"

;

  echo "alert('The number you entered does not match the captcha');\n";

//  echo "return false;\n";

  echo "</script>";

  echo $pass;

  echo 'hello world';

  }

?>

I intend to replace (1==1) with (isset($_SESSION['pass']) && $pass==true), however, pass isn't ever set, even after going thru signbook.php

0
August 17, 2011

It's all working!  If you'd like to see:

n e r d o n

blank        d e m a n d . c o m

                                            / g u e s t b o o k

I like the captcha you suggested better, but I figured I'd stick with what I have for now.  Kind of hard to read sometimes, but greyscale is adjustable... later... much later.

0
August 17, 2011

your welcome.

If you have a little bit more time try the class I told you :D

S_D

Related Questions

This is the very first question

Hello guys! This is the first post in this site Read More

Views

2k

Votes

4

Answers

2

January 08, 2016

report values not showing up.

I have a crystal report which I pass a DataSet to using VB.NET. The report was working fine, but then I make some changes to the import query and now nothing shows up in the crystal report. Crystal do Read More

Views

1k

Votes

0

Answers

12

September 06, 2005

Event log doesn't overwrite as needed in SP4

Hello All, After upgrading from SP3 to SP4 on several Windows 2000 PRO machines everything looked fine, but from time to time applications can&#39;t write to the event log. When I try to view the appl Read More

Views

1k

Votes

0

Answers

9

May 11, 2003

"Failed to self-register XYZ.dll"

Hi there, I wrote a OLE-automation-server DLL in VB4.0. I use Installshield Express to install it as part of my program on the target computers. Now on some computers I get the message &quot;Failed to Read More

Views

5k

Votes

0

Answers

2

November 08, 1998

Please help understand these notes on image processing

Can someone please help me understand these lecture notes... On the right of the page; What does &quot;normalised by one notion of the area of a pixel&quot; mean? On the first formula for A, Is that a Read More

Views

1k

Votes

0

Answers

3

February 05, 2009

Can someone please explain this paragram on the chain rule in image processing

Please see the screenshot, How is 3133030 got from 10103322? Read More

Views

1k

Votes

0

Answers

1

January 05, 2009

AD on 2003

We have created an AD Domain on Windows 2000 Server with no problems. We just created an AD Domain on Windows 2003 and we&#39;re getting some weird problems. Both of these domains are behind firewalls Read More

Views

1k

Votes

0

Answers

15

May 11, 2003

ADDT ASP Upload Error " Type mismatch: 'tNG_isFileInsideBaseFolder' "

I am trying to create a simple insert record and upload image function on an ASP page built using Adobe Dreamweaver Developer Toolkit. I have done this many times before with no problem, however, i ha Read More

Views

1k

Votes

0

Answers

0

November 02, 2008

MYSQL Select query with custom ORDER BY

Hi, is it possible to customize the order of the returned rows in mysql? Example: I have a Table with a column &quot;name&quot;, now I want to have all entries ordered by name, but I want the entries Read More

Views

1k

Votes

0

Answers

5

July 02, 2010

Folder Redirection in Server 2003

We have a Windows Server 2003 Standard Ed. Is there a way to redirect the users my documents to a folder that has already been created on the server? Read More

Views

1k

Votes

0

Answers

2

July 05, 2007

Partiton magic  version 8.0 having error 1523 while executing batch

I followed the partition magic 8.0 wizard to partition my hard disk while rebooting &#160;I came across this problem &#160;&quot;error 1523 while executing batch&quot; What can I do to solve this prob Read More

Views

1k

Votes

0

Answers

2

May 11, 2003

Please explain this paragraph in image processing (screenshot attached)

Two questions; How is the equation (10.1-15) formed? &quot;are isotropic for rotation increments of 90 degrees and 45 degrees respectively&quot; What does this mean Read More

Views

994

Votes

0

Answers

7

January 05, 2009

xp_cmdshell with net use

Hi, when I use &#39;net use \192.168.0.1\c$ password /user:username&#39; at the command prompt, it works fine. &#160;But if i try to use it in sql with &quot; exec master..xp_cmdshell &#39;net use \19 Read More

Views

925

Votes

0

Answers

5

April 11, 2003

hp ux11

i have a hp ux11 server. and i edited the /etc/resolv.conf to use my win2003 server dns server. That went fine, however, I would like to go the other way and add an entry on my win2003 dns to resolve Read More

Views

569

Votes

0

Answers

3

October 12, 2009

Using an application over a LAN

I have written an application that needs to be used on a LAN. &#160;The application setup wizard takes care of registering everything on a single PC, but how do you go about writing a setup program th Read More

Views

497

Votes

0

Answers

9

August 07, 1998

Need subnet of 12 IPs.

Please, Can someone help me to create a subnet consisting of 12 IP&#39;s. Thanks.. Read More

Views

497

Votes

0

Answers

5

April 11, 2003

Drill down in a cross-tabl report

Hello, Would some experts to show me if it is possible to do drill-up or drill-down (or both) in a cross-tab report? I would also like to know if it is possible to control what fields to be displayed/ Read More

Views

413

Votes

0

Answers

0

September 06, 2005

Using RDO, Enterprise V Professional

We would like to use RDO on our project made up of 4 developers. Do we need to have a copy of Enterprise for each developer or is it possible to use Professional for those developers not writing the R Read More

Views

482

Votes

0

Answers

6

January 07, 1998

Can't Edit IIS Metabase.xml

We do this on every windows 2003 server and never had an issue. We cannot edit the IIS Metabase.xml We have stopped IIS and made change click save, no problem but it does not take the new information. Read More

Views

470

Votes

0

Answers

0

July 05, 2007

copy directorires - HP UNIX

Let&#39;s say my source file is /A/B/C/D/file1, and mytarget directory is /E/F/G, I want the result should look like this. /E/F/G/A/B/C/D/file1 I am using rsync to copy the files older than x no of da Read More

Views

494

Votes

0

Answers

14

September 12, 2009