Jump to content

Just cant quite "get it".

shaunbaird

By shaunbaird
in PHP Coding Help

Recommended Posts

shaunbaird Newbie

shaunbaird

Posted
Posted

After 6 hours with this Im getting frustrated..

 

I run a site which incorporates a simple captcha code.

It runs on login pages, and new registration pages just fine.

 

I am trying to put the captcha code on another page, but I need it to happen AFTER A CERTAIN EVENT HAS HAPPENED.

 

Let me explain.  At my site (A "Get Paid To Click" site) people can view ads.

 

Here is what they do:

 

1 - click an "available" link - this opens a new window with an iframe timer bar at the top.  The website from the link opens in the bottom window and displays for 20 seconds.  When the counter reaches zero, an image of a tick appears in the iframe top bar and the users account is updated with a credit (so this is a traffic exchange type thing)

 

 

 

I extracted the code for the captcha from my login.php file and created a php file called getcapcha.php and inserted the code inside it.

 

My "thinking" was that logically:

WHEN TIMER=ZERO CALL THE CAPCHA

AND IF CAPCHA SUCCESSFUL CREDIT USERS ACOUNT

 

 

I am doing this to prevent automated clicking bots from abusing my website.

 

I dont expect anybody to do this for me - I dont mind tinkering with code, although I am only a beginner, but I need a hand to know where exactly to call the file, and if I am doing it correctly... i think Im probably using the wrong code, or not passing the required data backwards and forwards.

 

So any help you might give would be awesome, cheers!

Here we have the code from the page members see with available links on it:

 

<? include('header.php'); ?>

<h3>Surf Ads - Visit Websites</h3>
<br>


<?
require('config.php');
$tabla = mysql_query("SELECT id FROM tb_ads_categories ORDER BY id ASC"); // selecciono todos los registros de la tabla usuarios, ordenado por nombre
mysql_close($con);
while ($registro = mysql_fetch_array($tabla)) { // comienza un bucle que leera todos los registros y ejecutara las ordenes que siguen


?>

<?
$indice = $registro["id"];
require('config.php');
$sql = "SELECT * FROM tb_ads_categories WHERE id='$indice'";
$result = mysql_query($sql);        
$row = mysql_fetch_array($result);
mysql_close($con);
?>
<div id="tables">
<table width="80%" align="center">

<tr>
<th class="top" width="61%">
<b> <? echo $row["catname"] ?></b>
</th>
<th class="top" width="13%">
<div align="center">
<b>Members</b></div>
</th>
<th class="top" width="13%">
<div align="center">
<b>Outside</b></div>
</th>
<th class="top" width="13%">
<div align="center">
<b>Total</b></div>
</th>
</tr>

<?php



/* Pedimos todos los temas iniciales (identificador==0)
* y los ordenamos por ult_respuesta */

if(isset($_COOKIE["usNick"]) && isset($_COOKIE["usPass"]))
{


$lolz=$_COOKIE["usNick"];

require('config.php');
$sqlr = "SELECT * FROM tb_users WHERE username='$lolz'";
$resultr = mysql_query($sqlr);        
$myrowr = mysql_fetch_array($resultr);
mysql_close($con);
$tipr=$myrowr["account"];


switch($tipr) {
    case("premium"):
require('config.php');
$sql = "SELECT * ";
$sql.= "FROM tb_ads WHERE tipo='ads' and category='$indice' ORDER BY fechainicia DESC";
$rs = mysql_query($sql, $con);
mysql_close($con);
if(mysql_num_rows($rs)>0)
{
    // Leemos el contenido de la plantilla de temas
    $template = implode("", file("titulosp.php"));

    while($row = mysql_fetch_assoc($rs))
    {


$row["last"]=uc($_COOKIE["usNick"]);


$row["total"]=$row["outside"] + $row["members"];

$bold=$row["bold"];
if ($bold=="1")
{
$row["bold"]="<b>";
$row["boldc"]="</b>";
}


$highlight=$row["highlight"];
if ($highlight=="1")
{
$row["highlight"]="#cccccc";
$row["highlight"]="#cccccc";
}

$ji=$row["members"];
$jo=$row["plan"];
if ($ji >= $jo)
{




$row["description"]="";
$row["members"]="";
$row["outside"]="";
$row["total"]="";
$row["id"]="";
}

        mostrarTemplate($template, $row);

    }
}

      break;

    default:
require('config.php');
$sql = "SELECT * ";
$sql.= "FROM tb_ads WHERE tipo='ads' and category='$indice' ORDER BY fechainicia DESC";
$rs = mysql_query($sql, $con);
mysql_close($con);
if(mysql_num_rows($rs)>0)
{
    // Leemos el contenido de la plantilla de temas
    $template = implode("", file("titulos.php"));

    while($row = mysql_fetch_assoc($rs))
    {


$row["last"]=uc($_COOKIE["usNick"]);


$row["total"]=$row["outside"] + $row["members"];

$bold=$row["bold"];
if ($bold=="1")
{
$row["bold"]="<b>";
$row["boldc"]="</b>";
}


$highlight=$row["highlight"];
if ($highlight=="1")
{
$row["highlight"]="#cccccc";
$row["highlight"]="#cccccc";
}

$ji=$row["members"];
$jo=$row["plan"];
if ($ji >= $jo)
{




$row["description"]="";
$row["members"]="";
$row["outside"]="";
$row["total"]="";
$row["id"]="";
}

        mostrarTemplate($template, $row);

    }
}

}

}else{

require('config.php');
//require('funciones.php');

$sqlr = "SELECT * ";
$sqlr.= "FROM tb_ads WHERE tipo='ads' and category='$indice' ORDER BY fechainicia DESC";
$rsr = mysql_query($sqlr, $con);
mysql_close($con);
if(mysql_num_rows($rsr)>0)
{
    // Leemos el contenido de la plantilla de temas
    $templater = implode("", file("titulos1.php"));

    while($rowr = mysql_fetch_assoc($rsr))
    {


$rowr["total"]=$rowr["outside"] + $rowr["members"];


$bold=$rowr["bold"];
if ($bold=="1")
{
$rowr["bold"]="<b>";
$rowr["boldc"]="</b>";
}

$highlight=$rowr["highlight"];
if ($highlight=="1")
{
$rowr["highlight"]="#cccccc";
$rowr["highlight"]="#cccccc";
}


$ji=$rowr["members"];
$jo=$rowr["plan"];
if ($ji >= $jo)
{
$rowr["description"]="";
$rowr["members"]="";
$rowr["outside"]="";
$rowr["total"]="";
$rowr["id"]="";
}


        mostrarTemplate($templater, $rowr);

    }
}



}




?>

</table>

</div>












<?

} // fin del bucle de ordenes



?>











	<!--footer starts here-->
<? include('footer.php'); ?>

 

 

As you can see, apart from the spanish comments, it first checks members type, by looking to see if members are "outside", or "basic members", or "premium members" (ie titulos.php titulos1.php or titulosp.php and calls these depending upon which type of member they are, or if they are viewing the ads when not logged in.

 

 

 

 

 

Now, I shall take the titulos.php file:

 

 

<tr>
<td bgcolor="<?=$highlight?>">


<?
require('config.php');
$sqle = "SELECT * FROM tb_ads WHERE user='$last' and ident='$id'";
$resulte = mysql_query($sqle);        
$myrow = mysql_fetch_array($resulte);
mysql_close($con);


$time=$myrow['visitime'];

$crok1 = date(time());
$crok2 = date($time + (24 * 60 * 60));



if($crok1 >= $crok2)

{ 

?>

<?=$bold?><a href="viewp.php?ad=<?=$id?>" target="_blank"><?=$description?></a><?=$boldc?><?



} else { ?><del><?=$description?><del><? }


?>


</td>
<tD bgcolor="<?=$highlight?>">
<?=$members?> 	 	

</td>
<td bgcolor="<?=$highlight?>">

<?=$outside?>

</td>
<td bgcolor="<?=$highlight?>">

<?=$total?>

</td>
</tr>

 

As you can see it calls the viewp.php file, which  looks like this:

 

<?
session_start();


require('config.php');
require('funciones.php');



$adse=limpiar($_GET["ad"]);



if(!isset($_COOKIE["usNick"]) && !isset($_COOKIE["usPass"]))
{
      $sqlz = "SELECT * FROM tb_ads WHERE id='$adse'";
      $resultz = mysql_query($sqlz);        
      $myrowz = mysql_fetch_array($resultz);

$numero=$myrowz["outside"];

      $sqlex = "UPDATE tb_ads SET outside='$numero' +1 WHERE id='$adse'";
      $resultex = mysql_query($sqlex);

}


$checkad = mysql_query("SELECT id FROM tb_ads WHERE id='$adse'");
$ad_exist = mysql_num_rows($checkad);

if ($ad_exist<1) {
// En caso de no existir el referer damos un mensaje de error
echo "Error"; exit();
}


?>


<html>

<head>

<meta http-equiv="Pragma" content="no-cache">

<meta http-equiv="Expires" content="-1">

<link rel="stylesheet" type="text/css" href="css.css"><title><? include('sitename.php'); ?> | .view .click .make money</title>

<script>

var x = 21

var y = 1

function startClock(){

if(x!=='Done'){

x = x-y

document.frm.clock.value = x

setTimeout("startClock()", 1000)

}

if(x==0){

x='Done';

document.frm.clock.value = x;
success.location.href="successp.php?ad="+document.frm.id.value+"&verify="+document.frm.verify.value;

}}

</script>

</head>


		<body leftmargin="0" rightmargin="0" topmargin="0" bottommargin="0" onLoad="startClock()">



		<form name="frm" method="post">

		<input type="hidden" name="id" value="<? echo $adse ?>">

<input type="hidden" name="verify" value="<? include('thecodero.php'); ?>">

		 <table border="0" cellpadding="0" cellspacing="0" width="100%">

			<tbody>

			  <tr> 

				<td class="maintopright" style="border-bottom: 2px solid rgb(51, 51, 51); font-family: Verdana; font-size: 13px;" width="50%">

				  <div class="maintopright">  <? include('sitename.php'); ?>    


				  <input name="clock" size="3" readonly="readonly" style="border: medium none ; padding: 0pt; font-size: 25pt; font-family: Verdana; vertical-align: top;" type="text">

				  <iframe name="success" src="grayblank.htm" border="0" framspacing="0" marginheight="0" marginwidth="0" vspace="0" hspace="0" style="vertical-align: top;" frameborder="0" height="110" scrolling="no" width="140"></iframe>

				  </div>

				</td>

				<td style="border-bottom: 2px solid rgb(51, 51, 51); font-family: Verdana; font-size: 13px; " align="left" valign="middle" width="50%">

					<strong>Your AD can be here for $200 for 1 week of unlimited impressions - contact us.<br>

				 </td>

				</tr>

			  </tbody>

		 </table>

		 <iframe src="<? require ('config.php');
$sql = "SELECT * FROM tb_ads WHERE id='$adse'";
$result = mysql_query($sql);        
$row = mysql_fetch_array($result);


echo $row["url"];
?>" border="0" framspacing="0" marginheight="0" marginwidth="0" vspace="0" hspace="0" frameborder="0" height="100%" scrolling="yes" width="100%"></iframe>




		</form>

		</body>


</html>

 

 

 

The above viewp.php file is the iframed viewbar at the top with the timer inside it (viewp.php is for premium members, view.php is for other members, etc) this is the window which opens when members click on a link.

 

 

 

 

 

So, what I have been trying to do is use the "require" command - require('getcapcha.php'); - not sure if this is the right thing or wrong thing to do, or if my format is incorrect?

 

So, I made a file called getcapcha.php which includs the capcha code - and I made it so that it posts to titulosp.php - again not sure if this is the right or wrong thing to do.

here it is:

<form action='titulosp.php' method='POST'>

<table width="400" border="0" align="center">
   <tr>
    <td width="150" align="left"><label>Security Code </label><input type='text' size='3' maxlength='3' name='code' autocomplete="off" class="securitycode" value="" tabindex="3" /></td>
  <img src="image.php?<?php echo $res; ?>" /><input type="submit" value="Enter" class="submit" tabindex="4" />
</td>
  </tr>
</table>
</form>
success.location.href="successp.php?ad="+document.frm.id.value+"&verify="+document.frm.verify.value;

 

 

 

 

Now this calles the file "successp.php" if the timer has counted down correctly.

 

What I did was change it from successp.php to getcapcha.php - so that if the counter was correct it would then "GO TO THE CAPCHA SCRIPT" - this is my logical thinking anyway...

 

Somehow I managed to get it working to a position where the counter would count down, and after it had counted down it displayed the capcha code in the iframe - I was very pleased - however, of course the isue for me is now to make it so that after a successful capcha has been entered, the script should then call the successp.php file and update their account

 

So Im assuming it has something to do with:

success.location.href="successp.php?ad="+document.frm.id.value+"&verify="+document.frm.verify.value;

 

I tried to put it at various places in the viewp.php file, and no joy.

 

Here is the successp.php file:

 

<?
session_start();

if(!isset($_GET['verify'])){ 
echo "<img src=error.gif>";
echo "SECURITY CODE ERROR... "; exit();
}

if($_GET['verify']!=$_SESSION['string']){ 
echo "<img src=error.gif>";
echo "SECURITY CODE ERROR... "; exit();
}





if(isset($_COOKIE["usNick"]) && isset($_COOKIE["usPass"]))
{

// Se incluyen los archivos necesarios

require('config.php');
require('funciones.php');

// Se sanitizan los datos de las cokies

$user=uc($_COOKIE["usNick"]);

// Se selecciona la tabla tb_users donde el usuario es el que se provee en la cookie

$sql = "SELECT * FROM tb_users WHERE username='$user'";
$result = mysql_query($sql);        
$row = mysql_fetch_array($result);

// Se sanitiza de nuevo la cookie

$wask = uc($_COOKIE["usNick"]);


// Se define $wesk como el nombre de usuario de la tabla tb_users

$wesk = $row['username'];




$prem = $row['account'];

if($prem!="premium")
{
echo "error"; exit();
}




// Se comprueba que el dato de la cookie sea el mismo que el de la tabla, de lo contrario se muestra error, se termina
// el script y se borra la cookie.

if("$wesk" != "$wask") {
echo "Login incorrecto.";
exit();
}

// Se sanitiza la cookie usPass

$wazk = uc($_COOKIE["usPass"]);

// Se define $wezk como el nombre de usuario de la tabla tb_users

$wezk = $row['password'];

// Se comprueba que el dato de la cookie sea el mismo que el de la tabla, de lo contrario se muestra error, se termina
// el script y se borra la cookie.

if("$wezk" != "$wazk") {
echo "Login incorrecto.";
exit();
}


$usere=uc($_COOKIE["usNick"]);
$adse=limpiar($_GET["ad"]);

if (ereg('[^0-9]', $adse)) {
echo "<script>alert('Cheater...!')</script>";
    mysql_query($cheat) or die(mysql_error());
exit;

}

else {

   
}

$querye = mysql_query("SELECT * FROM tb_ads WHERE user = '$usere' and ident= '$adse'") or die(mysql_error());
$rowe = mysql_fetch_array($querye);



$checkad = mysql_query("SELECT id FROM tb_ads WHERE id='$adse' and tipo='ads'");
$ad_exist = mysql_num_rows($checkad);

if ($ad_exist<1) {
// En caso de no existir
echo "Error no existe."; exit();
}



$time=$rowe['visitime'];

$crok1 = date(time());
$crok2 = date($time + (24 * 60 * 60));



if($crok1 >= $crok2)
{
//echo "Si la hora actual es mayor o igual a la hora en que empezó mas 24 horas, creamos las variables. Terminamos el script y damos un boton para actualizar.<br>";

$kok = uc($_COOKIE["usNick"]);
// Si ya existe una tabla solamente la editamos

$checkvisit = mysql_query("SELECT * FROM tb_ads WHERE user='$kok' and ident='$adse'");
$referer_visit = mysql_num_rows($checkvisit);

if ($referer_visit>0) {





      $sqlz = "SELECT * FROM tb_ads WHERE id='$adse'";
      $resultz = mysql_query($sqlz);        
      $myrowz = mysql_fetch_array($resultz);

$numero=$myrowz["members"];


// si se termino el plan terminamos el script
$jo=$myrowz["plan"];

if ($numero >= $jo)
{
echo "<script>alert('El link ya no esta disponible')</script>";
exit();
}









// En caso de ya existir una tabla solamente la editamos


    $queryzx = "UPDATE tb_ads SET visitime='$crok1' WHERE user='$usere' and ident='$adse' and tipo='visit'";
    mysql_query($queryzx) or die(mysql_error());









//referals visits
      $sqlzd = "SELECT * FROM tb_users WHERE username='$kok'";
      $resultzd = mysql_query($sqlzd);        
      $myrowzd = mysql_fetch_array($resultzd);
$juaz=$myrowzd["referer"];

if ($juaz!=""){
      $sqlzde = "SELECT * FROM tb_users WHERE username='$juaz'";
      $resultzde = mysql_query($sqlzde);        
      $myrowzde = mysql_fetch_array($resultzde);
$juaze=$myrowzde["referalvisits"];
$billetes=$myrowzde["money"];


      $sqlzdu = "SELECT * FROM tb_config WHERE item='premiumreferalc' and howmany='1'";
      $resultzdu = mysql_query($sqlzdu);        
      $myrowzdu = mysql_fetch_array($resultzdu);

$elprecio=$myrowzdu["price"];


      $sqlexd = "UPDATE tb_users SET referalvisits='$juaze' +1, money='$billetes' +'$elprecio' WHERE username='$juaz'";
      $resultexd = mysql_query($sqlexd);
}




      $sqlex = "UPDATE tb_ads SET members='$numero' +1 WHERE id='$adse'";
      $resultex = mysql_query($sqlex);


//info del user


      $sqlze = "SELECT * FROM tb_users WHERE username='$usere'";
      $resultze = mysql_query($sqlze);        
      $myrowze = mysql_fetch_array($resultze);

$visitas=$myrowze["visits"];
$dinero=$myrowze["money"];


      $sqlzdu = "SELECT * FROM tb_config WHERE item='premiumclick' and howmany='1'";
      $resultzdu = mysql_query($sqlzdu);        
      $myrowzdu = mysql_fetch_array($resultzdu);

$elprecio=$myrowzdu["price"];


      $sqlexzz = "UPDATE tb_users SET visits='$visitas' +1, money='$dinero' +'$elprecio' WHERE username='$usere'";
      $resultexzz = mysql_query($sqlexzz);


}else{




      $sqlz = "SELECT * FROM tb_ads WHERE id='$adse'";
      $resultz = mysql_query($sqlz);        
      $myrowz = mysql_fetch_array($resultz);

$numero=$myrowz["members"];


// si se termino el plan terminamos el script
$jo=$myrowz["plan"];

if ($numero >= $jo)
{
echo "<script>alert('El link ya no esta disponible')</script>";
exit();
}





    //Todo parece correcto procedemos con la inserccion
    $queryzz = "INSERT INTO tb_ads (user, ip, tipo, ident, visitime) VALUES('$usere','','visit','$adse','$crok1')";
    mysql_query($queryzz) or die(mysql_error());




//referals visits
      $sqlzd = "SELECT * FROM tb_users WHERE username='$kok'";
      $resultzd = mysql_query($sqlzd);        
      $myrowzd = mysql_fetch_array($resultzd);
$juaz=$myrowzd["referer"];

if ($juaz!=""){
      $sqlzde = "SELECT * FROM tb_users WHERE username='$juaz'";
      $resultzde = mysql_query($sqlzde);        
      $myrowzde = mysql_fetch_array($resultzde);
$juaze=$myrowzde["referalvisits"];
$billetes=$myrowzde["money"];

      $sqlzdu = "SELECT * FROM tb_config WHERE item='premiumreferalc' and howmany='1'";
      $resultzdu = mysql_query($sqlzdu);        
      $myrowzdu = mysql_fetch_array($resultzdu);

$elprecio=$myrowzdu["price"];

      $sqlexd = "UPDATE tb_users SET referalvisits='$juaze' +1, money='$billetes' +'$elprecio' WHERE username='$juaz'";
      $resultexd = mysql_query($sqlexd);
}

      $sqlex = "UPDATE tb_ads SET members='$numero' +1 WHERE id='$adse'";
      $resultex = mysql_query($sqlex);




//info del user


      $sqlze = "SELECT * FROM tb_users WHERE username='$usere'";
      $resultze = mysql_query($sqlze);        
      $myrowze = mysql_fetch_array($resultze);

$visitas=$myrowze["visits"];
$dinero=$myrowze["money"];

      $sqlzdu = "SELECT * FROM tb_config WHERE item='premiumclick' and howmany='1'";
      $resultzdu = mysql_query($sqlzdu);        
      $myrowzdu = mysql_fetch_array($resultzdu);

$elprecio=$myrowzdu["price"];


      $sqlexzz = "UPDATE tb_users SET visits='$visitas' +1, money='$dinero' +'$elprecio' WHERE username='$usere'";
      $resultexzz = mysql_query($sqlexzz);


}

echo "<img src=ok.gif>";

// echo "Los datos se han isertado en la base de datos.";

}else{

$juaz= date("n/j/Y H:i:s", $crok1);
$juaze= date("n/j/Y H:i:s", $crok2);


//echo "hora actual: ".$juaz."<br>";

//echo "hora en que podras volver a visitar la pagina: ".$juaze;

echo "<img src=error.gif>";

}



}else{





}







?>

 

 

 

 

 

Any ideas or pointers would be very helpful, like I say I dont mind trying, but I dont know much about php but I dont mind trying either

 

I think Ive probably got things in the wrong order somewhere or missed a few lines of code somewhere...

 

He he if someone wants to solve this Ill give them a free upgraded account.. yep, Im that desperate to cure this.. lol!

 

 

 

But serously anyway, any ideas?

 

Thanks???

 

Shaun

Link to comment
https://forums.phpfreaks.com/topic/107176-just-cant-quite-get-it/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.