R0CKY

This is the difficulty I have, I have no php or javascript experience and as you have spotted, I am using a rather old script. I usually muddle through with trial and error, however I am struggling now. I'll figure it out though. Thanks for the pointers.

Hi Im hoping I can get some help with this - as it is a big problem for me. I am trying to add googles recaptcha code to my existing php page with a comment form... This is the code I have to place before the submit button <buttonclass="g-recaptcha" data-sitekey="---deleted----" data-callback="YourOnSubmitFn"> Submit </button> And This is my current form code from a php file (I've stripped out table layout tags for clarity) <form action="{$settings.dburl}/index.php?act=comments&c=post&file={$file.file_id}" method="post"> {#post_comment#} {#poster# <input type="text" name="subject" id="subject" size="40" maxlength="150" /> <textarea name="comment" id="comment" rows="12" style="width: 95%"></textarea> <input type="submit" value="{#post_comment#}" onclick="postComment({$file.file_id}); return false;" /> </form> I am confused about what I should replace the YourOnSubmitFn with? Any help would be greatly appreciated.

Entirely irrelevant. YouFailAsAnAdmin is correct in what he says. Yeh, it might hurt a little, but he is correct. Not impressed at all with the postings from this site's Admins in this thread. The minute you start putting banners on the forum, the "we are not commercial" argument fails. You are earning adsense commision off your members, so please don't plead poverty. You contradict yourself when you correctly point out that even with massive resources, a dedicated hacker will still get in. So, that would be an Admin password then, and your IPB admin logs will reveal exactly which admin did this? It's looking awfully like your own Admins didn't take your own advice. I run a busy forum and have had my share of headaches so you have my sympathy, for what it's worth - but I really hope this is not an #Admin password being so weak it was brute forced, because that is what you have described,

Thanks for your helps guys, it's great to finally have this sorted out.

Yeh I am asking the user to type "recon" to verify they are human. I did the !+ thing and it worked, many thanks!

Ah, okay so I changed it to this... So basically if it fails antispam check, it does the same thing as if there was an empty field and rejects the form. The thing is, I tried it, and it's working the opposite way, if the spam check passes, it is rejecting the form, and if the spam check fails, it is accepting the form! Sorry, I am not very good at this and am just trying to bluff my way through! thanks.

@ Edwin, I'll add the text once I get it working, thanks. @ Pika, if true it continues through the code and sends the form data in an e-mail (isn't that how it works... unsure....)... I'll post the entire code for the page below so you can see... //Check if reporting is disabled if ($settings[0]['enable_report'] == 0) { smarty_error(lang('feature_disabled')); } //Get file info $file = $db->GetArray("SELECT * FROM ".$dbPrefix."files WHERE file_id = ".intval($_GET['id'])); if (count($file) == 0) { smarty_error(lang('file_exist')); } $file = $file[0]; //Send the mail if (isset($_GET['process'])) { if (!check_input($_POST, array('message'))) { smarty_error(lang('emptyfield')); } //Make sure the spam response is valid if ($_POST['spamcheck']=="recon") { } //Make sure the "from" address is valid if (!eregi('^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$', $_POST['fromemail'])) { smarty_error(lang('emailinvalid')); } $usermessage = trim($_POST['message']); $message .="BROKEN DOWNLOAD REPORT FOR website.NET\n"; $message = $_POST['fromname'].' ('.$_SERVER['REMOTE_ADDR'].') has reported a broken link at '.$settings[0]['dbname'].".\n"; if (!empty($usermessage)) { // $message .= $_POST['fromname']." has included this message:\n"; $message .= $usermessage."\n\n"; } $message .= "File: ".$file['file_name']."\n"; $message .= "URL: ".$file['file_dlurl']."\n\n"; $message .= "Please visit the following link to view the file:\n"; $message .= $settings[0]['dburl'].'/index.php?act=view&id='.$_GET['id']."\n\n"; // $message.= "If you have verified that the link is broken, you may edit the download URL in the paFileDB admin center at ".$settings[0]['dburl']."/admin.php\n\n"; // $message .= "The IP address of the person who reported the broken link is: ".$_SERVER['REMOTE_ADDR']."\n\n"; $message .= "To report abuse of this feedback system, please visit ".$settings[0]['dburl']; $to = array(); $admins = $db->GetArray("SELECT user_username, user_email FROM ".$dbPrefix."users"); foreach ($admins as $a) { $to[] = array("name" => $a['user_username'], "address" => $a['user_email']); } pafiledb_mail($_POST['fromname'], $_POST['fromemail'], $to, 'Broken link reported at '.$settings[0]['dbname'], $message); smarty_redirect(lang('report_sent'), 'index.php?act=view&id='.$_GET['id']); } $smarty->assign('id', $_GET['id']); //Fetch the category info from the database // Generate the navbar. We're using the dropdown cache to save // system resources. $navbar = array(); $navbar[] = array('name' => lang('report_broken'), 'url' => ''); $navbar[] = array('name' => $file['file_name'], 'url' => '?act=view&id='.intval($_GET['id'])); $allcats = unserialize($settings[0]['dropdown']); $tempcat = $file['file_catid']; $templvl = -1; // 0 = start. We need to identify that this hasn't been set so -1 works for($x = count($allcats)-1; $x >= 0; $x--) { // Step #1 - Determine the level of the current category // and then work our way down. if ($templvl == -1 && $allcats[$x]['id'] == $tempcat) { $navbar[] = array('name' => $allcats[$x]['name'], 'url' => '?act=category&id='.$allcats[$x]['id']); $templvl = $allcats[$x]['sub']-1; } else if ($templvl != -1 && $allcats[$x]['sub'] == $templvl) { $navbar[] = array('name' => $allcats[$x]['name'], 'url' => '?act=category&id='.$allcats[$x]['id']); $templvl--; if ($templvl == -1) { break; } } } $navbar[] = array('name' => $settings[0]['dbname'], 'url' => ''); // And then we reverse it for paFileDB $navbar = array_reverse($navbar); $smarty->assign('navbar', $navbar); // We already handled the recursion so let's cheat and use it like a cache for the titlebar. $title = array(); foreach ($navbar as $c) { $title[] = $c['name']; } $smarty->assign('title', implode(' » ', $title)); ?>

I'm using a now unsupported PHP download system that has a public front end where the visitor can send a message when a file download is broken. The problem is now I need some kind of anti spam measure to stop robots sending me rubbish through the form. Here's is a part of the php page.... //Send the mail if (isset($_GET['process'])) { if (!check_input($_POST, array('message'))) { smarty_error(lang('emptyfield')); } //Make sure the spam response is valid if ($_POST['spamcheck']=="recon") { } //Make sure the "from" address is valid if (!eregi('^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$', $_POST['fromemail'])) { smarty_error(lang('emailinvalid')); } The //Make sure the spam response is valid part was inserted by me, but it is not working. The visitor can type anything he likes in the spamcheck form field and the form is still being accepted. Any hints, please? Thanks in advance.

It's getting to confusing for me as a php n00b to follow, I found that there are apparently two form processors in this downloads system, one called ajax.php and one called ajax.js :-\ I think I am going to have to give up on this and find another way to stop the spammers.

Yeh I tried that but I don't see the echo anywhere, the page refreshes really quick, the comment appears posted and there is no echo in sight. I think I need to try and stop the code somewhere (somehow) so I get time to see the echo. I just know that it won't display the spam field, but you are right we need to see, I'm going to dig a bit deeper.

Hi thanks for the suggestion, but it made no difference.

I have a script installed that has a comment form that I want to protect from spam with a simple math question. I added a new field into the form called antispam, and in the form processor page I added a check for the answer to be correct. I can't get it to work though. By a process of trial and error though I discovered I can get a condition check to work if I use one of the existing fields. For example if I change the condition check to only proceed if the subject field is "PASS", then it will work. But as soon as I try and use the new antispam field, it does not work, whether the answer is correct or wrong, it still pasts the comment. This confuses me. Here's the code I am using. I have commented in <!-- ANTI SPAM ROW --> to show the only 4 lines of code I inserted into this form. The form <form action="{$settings.dburl}/index.php?act=comments&c=post&file={$file.file_id}" method="post"> <table width="75%" border="1" align="center" cellpadding="3" cellspacing="0" class="border"> <tr class="sectionheader"> <td width="100%" colspan="2"> {#post_comment#} </td> </tr> <tr> <td width="50%">{#poster#}:</td> <td width="50%"><input type="text" name="subject" id="subject" size="40" maxlength="150" /></td> </tr> <tr> <td align="center" colspan="2"> <textarea name="comment" id="comment" rows="12" style="width: 95%"></textarea> </td> </tr> <!-- ANTI SPAM ROW --> <tr> <td width="50%">Anti Spam : What is 2 + 2?</td> <td width="50%"><input type="text" name="antispam" id="antispam" size="1" maxlength="1" /></td> </tr> <tr> <td align="center" colspan="2"> <input type="submit" value="{#post_comment#}" onclick="postComment({$file.file_id}); return false;" /><br /> <div id="status" style="font-weight: bold"></div> </td> </tr> </table> </form> The Form Processor In this page I added a simple check if ($_POST['antispam'] == "4") $enableComments = true; This does not work though. However if I was (just for testing purposes) to do a check on the subject field (as follows) it works! if ($_POST['subject'] == "SPAM") $enableComments = false; So I have figured out the problem is with the new antispam field I added - but what is the problem? Many thanks for any advice on this one.

Thank you.

I have a line of code that selects from the dbase ordered by the date of the entry, like this : $result = $db->GetArray("SELECT * FROM ".$dbPrefix."files ORDER BY file_time DESC"); I would like to exclude from that result though when a specific field (ID) is a specific value (40) So in plain English it would be "select from the dbase ordered by time, excluding all files where the ID = 40. How would I alter the above code to achieve this? Many thanks!

Thanks Premiso I did some more digging and found that the comment system calls a page called PHP Input Filter and at the end of that is the expression you mention... So it looks like it should already be working, but isn't for some reason ???