Jump to content

Archived

This topic is now archived and is closed to further replies.

lwharding

Captcha for php/MySQL

Recommended Posts

Help! I am in desperate need of some advice on how to create a catpcha for an insert form that I am currently using.  I have managed to create both a CAPTCHA and an INSERT form separately both of which work fine. Problem I have is that I cannot work out how to join the two together.

The CAPTCHA displays either the success or failure notice using an IF statement, the problem i have is that I am not sure how I can change the success IF statement to and INSERT command.

Hope this makes sense.

Luke

Share this post


Link to post
Share on other sites
Just do this:
[code]if($captha == something)
{
    // place insert code here if captha is correct
}
else
{
    //place error message here if captha is incorrect
}[/code]

Share this post


Link to post
Share on other sites
I am aware of what the if statement would look like, the problem is when using an INSERT command within the success the page does not even display.

for example

======================

if($captha == something)
{
SUCCESS then INSERT the record into 'My Table'  // place insert code here if captha is correct
}
else
{
FAILURE "Please re-enter captcha"    //place error message here if captha is incorrect
}

Share this post


Link to post
Share on other sites
It'll only display something if you tell it to. If its just the insert command then nothing will show. Heres an example:
[code]f($captha == something)
{
    // connect to db here

    //setup query:
    $sql = "INSERT INTO table_name SET col_name=some_val, col2_name=some_val";
    $result = mysql_query($result);
   
    // check that the query was successful:
    if($result) {
        echo "Update was successful";
    } else {
        echo "Query failed" . mysql_errror());
    }
}
else
{
    echo "Please re-enter captcha";
}[/code]

Share this post


Link to post
Share on other sites
I have attempted as you have kindly suggested but cannot figure out what i am doing wrong, code is below.


[code]if($word_ok!==false)
{
if($word_ok=="yes")
// connect to db here
require_once('../../../Connections/mysql.php');

    //setup query:
    $sql = "INSERT INTO test Name=$_POST['Name'], Title=$_POST['Title']";
    $result = mysql_query($result);

    // check that the query was successful:
    if($result) {
        echo "Update was successful";
    } else {
        echo "Query failed" . mysql_errror());
    }

else {
echo "sorry, that's not the right word, try again.<br />";
}
}
[/code]

Share this post


Link to post
Share on other sites
it strange how you wrote this.. im not an expert.. but maybe what i know is enough to help you there.

[quote]
[code]
<?php
    if($word_ok!==false)
?>
[/code]
[/quote]
first of all !== is unknown to me... ( sorry i checked and it is available as a PHP operator... so !== isnt wrong)
it is either != for 'is different from' or == for 'is equal to'
Now if you use booleans, you dont even need to use them..
you can simply use
[code]
<?php
$isValid;

//then use a function to validate your $word_ok
// a function that returns false in case of errors, true ( or anything else) if no error encountered.
$isValid = validate_my_string ($word_ok);

//now if $isValid == false
if (!$isValid)
{
    echo "$word_ok is invalid";
}
// else means $isValid is anything else but false..
// so if needed you function can return something else than true ( like an array, an object, a value or a variable)
else
{
    echo "$Thanks you, $word_ok has been validated";
}


//you can also have your function to create an array and return it at the end..
//during the validation if necessary add entries to it, i usually name $errors and use $errors ['where is happens'] = "err_msg";
function validate ()
{
    //first create an empty array
    $errors = array();

  // do your validation and if there is an error add it to $errors

    if (empty($_POST['username']) || $_POST['username'] == "") $errors['username'] == "blank username";
    if (empty($_POST['password']) || $_POST['password'] == "") $errors['password'] == "blank password";

    //once it is done just return $errors array
    return $errors;
}

//then you can have a page looking like

//validate and get the array
$validation = validate ();

if (empty ($validation)) echo "the error array is empty... which means you pass thru my validation, congrats, lol";
//else means there has been an error somewhere
else
{
    echo "the following errors where found<br />";
    echo "<ul>";
    // foreach will do this for every entries in our error array. I'm putting it in unordered list, 100%optional
    foreach ($validation as $whereIsError => $error_msg)
    {
        echo "<li>$whereIsError - $error_msg</li>";
    }
    echo "</ul>";
}


[/code]




[quote]"INSERT INTO test Name=$_POST['Name'], Title=$_POST['Title']";[/quote]
try either
[code]<?php
$sql = "INSERT INTO test Name='{$_POST['Name']}', Title='{$_POST['Title']}'";[/code]
or
[code]<?php
$sql = "INSERT INTO test Name='" . $_POST['Name'] . "', Title='" . $_POST['Title'] . "'";[/code]
Im am even farther to being a mysql expert, but shouldnt it be
"INSERT INTO table_name ( column_name1, column_name3,..) VALUES ( '$value1', '$value3',..)"


alright, im saying it again, im not an expert , far from it unfortunatly..
but in the meantime i'd love someone to correct me here if there's any mistake

still hope it helps though :)

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.