Jump to content


Photo

Captcha for php/MySQL


  • Please log in to reply
5 replies to this topic

#1 lwharding

lwharding
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 07 July 2006 - 12:37 PM

Help! I am in desperate need of some advice on how to create a catpcha for an insert form that I am currently using.  I have managed to create both a CAPTCHA and an INSERT form separately both of which work fine. Problem I have is that I cannot work out how to join the two together.

The CAPTCHA displays either the success or failure notice using an IF statement, the problem i have is that I am not sure how I can change the success IF statement to and INSERT command.

Hope this makes sense.

Luke

#2 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 07 July 2006 - 02:48 PM

Just do this:
if($captha == something)
{
    // place insert code here if captha is correct
}
else
{
    //place error message here if captha is incorrect
}


#3 lwharding

lwharding
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 07 July 2006 - 02:54 PM

I am aware of what the if statement would look like, the problem is when using an INSERT command within the success the page does not even display.

for example

======================

if($captha == something)
{
SUCCESS then INSERT the record into 'My Table'  // place insert code here if captha is correct
}
else
{
FAILURE "Please re-enter captcha"    //place error message here if captha is incorrect
}

#4 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 07 July 2006 - 05:29 PM

It'll only display something if you tell it to. If its just the insert command then nothing will show. Heres an example:
f($captha == something)
{
    // connect to db here

    //setup query:
    $sql = "INSERT INTO table_name SET col_name=some_val, col2_name=some_val";
    $result = mysql_query($result);
    
    // check that the query was successful:
    if($result) {
        echo "Update was successful";
    } else {
        echo "Query failed" . mysql_errror());
    }
}
else
{
    echo "Please re-enter captcha";
}


#5 lwharding

lwharding
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 11 July 2006 - 07:43 AM

I have attempted as you have kindly suggested but cannot figure out what i am doing wrong, code is below.


if($word_ok!==false)
{
	if($word_ok=="yes")
	 // connect to db here
	require_once('../../../Connections/mysql.php');

    //setup query:
    $sql = "INSERT INTO test Name=$_POST['Name'], Title=$_POST['Title']";
    $result = mysql_query($result);

    // check that the query was successful:
    if($result) {
        echo "Update was successful";
    } else {
        echo "Query failed" . mysql_errror());
    }
	
	 else {
		echo "sorry, that's not the right word, try again.<br />";
	}
}


#6 Aftek

Aftek
  • New Members
  • Pip
  • Newbie
  • 4 posts

Posted 11 July 2006 - 05:11 PM

it strange how you wrote this.. im not an expert.. but maybe what i know is enough to help you there.

<?php
    if($word_ok!==false)
?>

first of all !== is unknown to me... ( sorry i checked and it is available as a PHP operator... so !== isnt wrong)
it is either != for 'is different from' or == for 'is equal to'
Now if you use booleans, you dont even need to use them..
you can simply use
<?php
$isValid;

//then use a function to validate your $word_ok
// a function that returns false in case of errors, true ( or anything else) if no error encountered.
$isValid = validate_my_string ($word_ok);

//now if $isValid == false
if (!$isValid)
{
    echo "$word_ok is invalid";
}
// else means $isValid is anything else but false..
// so if needed you function can return something else than true ( like an array, an object, a value or a variable)
else
{
    echo "$Thanks you, $word_ok has been validated";
}


//you can also have your function to create an array and return it at the end..
//during the validation if necessary add entries to it, i usually name $errors and use $errors ['where is happens'] = "err_msg";
function validate ()
{
    //first create an empty array
    $errors = array();

   // do your validation and if there is an error add it to $errors

    if (empty($_POST['username']) || $_POST['username'] == "") $errors['username'] == "blank username";
    if (empty($_POST['password']) || $_POST['password'] == "") $errors['password'] == "blank password";

    //once it is done just return $errors array
    return $errors;
}

//then you can have a page looking like

//validate and get the array
$validation = validate ();

if (empty ($validation)) echo "the error array is empty... which means you pass thru my validation, congrats, lol";
//else means there has been an error somewhere
else
{
    echo "the following errors where found<br />";
    echo "<ul>";
    // foreach will do this for every entries in our error array. I'm putting it in unordered list, 100%optional
    foreach ($validation as $whereIsError => $error_msg)
    {
        echo "<li>$whereIsError - $error_msg</li>";
    }
    echo "</ul>";
}






"INSERT INTO test Name=$_POST['Name'], Title=$_POST['Title']";

try either
<?php
$sql = "INSERT INTO test Name='{$_POST['Name']}', Title='{$_POST['Title']}'";
or
<?php
$sql = "INSERT INTO test Name='" . $_POST['Name'] . "', Title='" . $_POST['Title'] . "'";
Im am even farther to being a mysql expert, but shouldnt it be
"INSERT INTO table_name ( column_name1, column_name3,..) VALUES ( '$value1', '$value3',..)"


alright, im saying it again, im not an expert , far from it unfortunatly..
but in the meantime i'd love someone to correct me here if there's any mistake

still hope it helps though :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users