php captcha within javascript problem

gckmac · April 28, 2009

I am trying to add a captcha from reCaptcha.net (Carnegie Mellon project) to an error submission form.

I have succeeded in getting the captcha input form to show. However, I cannot get the captcha process code to work. Can someone point out WHERE on this form it would go? (You will see the captcha input code, which is fine).

<?php

require_once("../scripts/dbinfo.php");

$tplpath = "../scripts/tpl";

$link = mysql_connect($server, $userid, $password);

mysql_select_db($db, $link);

if (isset($_GET['id'])) {

$id = $_GET['id'];

$type = $_GET['type'];

if ($type == "event") {

$checkquery = "select title from maine_festivals where id = '$id'";

$title = "Report Update";

} else {

$checkquery = "select name from maine_hotels where id = '$id'";

$title = "Report Error";

}

$checkresult = mysql_query($checkquery, $link);

$row = mysql_fetch_array($checkresult);

$propertyname = $row[0];

$from_url = $_SERVER['HTTP_REFERER'];

}

if (isset($_POST['signup']) && $_POST['signup'] == "Submit") {

$msg = quote_smart($_POST['msg']);

$email = quote_smart($_POST['email']);

$from_url = $_POST['from_url'];

$propertyname = $_POST['propertyname'];

$subject = "Error Report about $propertyname";

$body = $msg;

if ($email != "") {

$body .= "\n Reported by $email";

}

$body .= "\nURL: $from_url";

$headers = 'From: [email protected]' . "\r\n";

mail("[email protected]", $subject, $body, $headers);

header("Location: $from_url");

}

function tpl_head() {

global $tplpath;

global $title;

echo <<<tpl

<title>Maine.info - $title</title>

</script>

GS_googleAddAdSenseService("ca-pub-xxx");

GS_googleEnableAllServices();

</script>

GA_googleAddSlot("ca-pub-xxx", "Maine_General_LHS_120x60");

GA_googleAddSlot("ca-pub-xxx", "Maine_General_LHS_120x600_1st");

GA_googleAddSlot("ca-pub-xxx", "Maine_General_LHS_120x600_2nd");

GA_googleAddSlot("ca-pub-xxx", "Maine_General_LHS_120x90");

GA_googleAddSlot("ca-pub-xxx", "Maine_General_RHS_300x250_1st");

GA_googleAddSlot("ca-pub-xxx", "Maine_General_RHS_300x250_2nd");

GA_googleAddSlot("ca-pub-xxx", "Maine_General_TOP_468x60");

</script>

GA_googleFetchAds();

</script>

/*

$().ready(function() {

// validate the comment form when it is submitted

$("#signupform").validate({

rules: {

email: {

required: true,

email: true

}

},

messages: {

email: "Please enter a valid email address"

}

});

*/

</script>

#signupform { width: 90%; margin: 25px; }

#signupform label {

width: 100%;

/* text-align: right; */

display:block;

}

/*#signupform input.submit { margin-left: 183px; }*/

#signupform label.error {

margin-left: 155px;

width: auto;

text-align: left;

/* display: inline;*/

}

body {

min-width: 1000px;

}

</style>

tpl;

}

include($tplpath . "/header.inc");

?>

<!-- PUT THIS TAG IN DESIRED LOCATION OF SLOT Maine_General_LHS_120x60

-->

GA_googleFillSlot("Maine_General_LHS_120x60");

</script>

<!-- END OF TAG FOR SLOT Maine_General_LHS_120x60

-->

<!-- PUT THIS TAG IN DESIRED LOCATION OF SLOT Maine_General_LHS_120x90

-->

GA_googleFillSlot("Maine_General_LHS_120x90");

</script>

<!-- END OF TAG FOR SLOT Maine_General_LHS_120x90

-->

<!-- PUT THIS TAG IN DESIRED LOCATION OF SLOT Maine_General_LHS_120x600_1st

-->

GA_googleFillSlot("Maine_General_LHS_120x600_1st");

</script>

<!-- END OF TAG FOR SLOT Maine_General_LHS_120x600_1st

-->

<!-- PUT THIS TAG IN DESIRED LOCATION OF SLOT Maine_General_LHS_120x600_2nd

-->

GA_googleFillSlot("Maine_General_LHS_120x600_2nd");

</script>

<!-- END OF TAG FOR SLOT Maine_General_LHS_120x600_2nd

-->

</div>

<!-- PUT THIS TAG IN DESIRED LOCATION OF SLOT Maine_General_TOP_468x60

-->

GA_googleFillSlot("Maine_General_TOP_468x60");

</script>

<!-- END OF TAG FOR SLOT Maine_General_TOP_468x60

-->

<?php

if ($type == "event") {

$msg = "Thank you for updating our listing for <strong>$propertyname</strong>. We appreciate your time. Other folks will too.";

} else {

$msg = "Thank you for reporting an error in our listing for <strong>$propertyname</strong>. We appreciate your time. Other folks will too.";

}

?>

<p>

<label for="msg">Describe Problem</label>

</p>

<p>

<label for="email">Email (Optional) </label>

<?php

require_once("../captcha/recaptchalib.php");

$publickey = "6Le_LAYAAAAAAOuWVFAZzv-zRO_jN7km48LHHYEq"; // you got this from the signup page

echo recaptcha_get_html($publickey);

?>

</p>

</fieldset>

</form>

<?php

?>

</div>

<!-- PUT THIS TAG IN DESIRED LOCATION OF SLOT Maine_General_RHS_300x250_1st

-->

GA_googleFillSlot("Maine_General_RHS_300x250_1st");

</script>

<!-- END OF TAG FOR SLOT Maine_General_RHS_300x250_1st

-->

<!-- PUT THIS TAG IN DESIRED LOCATION OF SLOT Maine_General_RHS_300x250_2nd

-->

GA_googleFillSlot("Maine_General_RHS_300x250_2nd");

</script>

<!-- END OF TAG FOR SLOT Maine_General_RHS_300x250_2nd

-->

</div>

<?php

include($tplpath . "/footer.inc");

?>

ignace · April 28, 2009

You are missing the recaptcha_check_answer() function call which returns you a response object on which you can check if the response was valid as part of your form validation.

<?php
$response = recaptcha_check_answer('your-secret-key', $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
if ($response->is_valid) {
    // valid captcha response
}
?>

The full explanation can be found on http://recaptcha.net/plugins/php/

gckmac · April 28, 2009

Yes, I've added the process code (didn't show it before). I made progress rearranging the code. The remaining issue is that when wrong captcha is entered, the form forgets the event ID that went with it ... see code below ...

<?php

if ($type == "event") {

$msg = "Thank you for updating our listing for <strong>$propertyname</strong>. We appreciate your time. Other folks will too.";

} else {

$msg = "Thank you for reporting an error in our listing for <strong>$propertyname</strong>. We appreciate your time. Other folks will too.";

}

?>

<p>

<label for="msg">Describe Problem</label>

</p>

<p>

<label for="email">Email (Optional) </label>

<?php

require_once("../captcha/recaptchalib.php");

$publickey = "6Le_LAYAAAAAAOuWVFAZzv-zRO_jN7km48LHHYEq"; // you got this from the signup page

echo recaptcha_get_html($publickey);

?>

</p>

</fieldset>

</form>

<?php

if (isset($_POST['signup']) && $_POST['signup'] == "Submit") {

require_once("../captcha/recaptchalib.php");

$privatekey = "xxxxxx";

$resp = recaptcha_check_answer ($privatekey,

$_SERVER["REMOTE_ADDR"],

$_POST["recaptcha_challenge_field"],

$_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {

die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .

"(reCAPTCHA said: " . $resp->error . ")");

}

?>

<?php

$msg = quote_smart($_POST['msg']);

$email = quote_smart($_POST['email']);

$from_url = $_POST['from_url'];

$propertyname = $_POST['propertyname'];

$subject = "Error Report about $propertyname";

$body = $msg;

if ($email != "") {

$body .= "\n Reported by $email";

}

$body .= "\nURL: $from_url";

$headers = 'From: [email protected]' . "\r\n";

mail("[email protected]", $subject, $body, $headers);

header("Location: $from_url");

}

?>

gckmac · April 28, 2009

So the problem is basically a failure to properly loop ...

1. If captcha is correct, I come back to the captcha form and dont' tell anyone AOK (though it does submit with correct database id).

2. If captcha is incorrect, I come back to the captcha form and lose the database event ID. So if user submits again, the event it applies to is unknown.

I am learning php ... but too slowly.

thx,

gckmac

Sign In

php captcha within javascript problem

Recommended Posts

gckmac

Link to comment

Share on other sites

ignace

Link to comment

Share on other sites

gckmac

Link to comment

Share on other sites

gckmac

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information