php form and captcha code

[ashadweb]

Hi,

 

i have a php contact form and recently i tried to add a capcthca code to that but its not working properly.

http://ashad.info/sv/seo+vantage+contact+us.php

 

here is the code any idea?

 

<form action="mailer.php" method="POST" onsubmit="MM_validateForm('name','','R','company','','R','phone','','RisNum','email','','RisEmail');return document.MM_returnValue">

  <fieldset id="contact_form">
    <ol>

        
         <li>
            <label>Name :<em>*</em></label>
            <input name="name" type="text"/>
          </li>
        
      
        
        <li>
            <label>Company :<em>*</em></label>
            <input name="company" type="text"/>
          </li>
        
          <li>
            <label>Address :<em>*</em></label>
            <textarea name="address" cols="" rows="" style="width:150px;"></textarea>
          </li>
        
        
          <li>
            <label>City :<em>*</em></label>
            <input name="city" type="text"/>
          </li>
        
      
        
         <li>
            <label>Phone :<em>*</em></label>
            <input name="phone" type="text"/>
          </li>
        
        
           <li>
            <label>E-mail :<em>*</em></label>
            <input name="email" type="text"/>
          </li>
        
          <li>
            <label>Comments :</label>
            <textarea name="comments" cols="" rows="" style="width:150px;"></textarea>
          </li>
        
        <li><label>Type verification image : </label>
<input name="verif_box" type="text" id="verif_box" style="padding:2px; border:1px solid #CCCCCC; width:180px; height:14px;font-family:Verdana, Arial, Helvetica, sans-serif; font-size:11px;"/>
<img src="verificationimage.php?<?php echo rand(0,9999);?>" alt="verification image, type it in the box" width="50" height="24" align="absbottom" /><br />
<br />

<!-- if the variable "wrong_code" is sent from previous page then display the error field -->
<?php if(isset($_GET['wrong_code'])){?>
<div style="border:1px solid #990000; background-color:#D70000; color:#FFFFFF; padding:4px; padding-left:6px;width:295px;">Wrong verification code</div><br /> 
<?php ;}?>


<br />
<br />
<input name="submit" type="submit" class="subbtn" value="              " style="margin-left:200px;">

      
       
    </ol>
</fieldset>

</form>

 

 

here is the php code

<?php



$verif_box = $_REQUEST["verif_box"];

// remove the backslashes that normally appears when entering " or '

$from = stripslashes($from); 

// check to see if verificaton code was correct
if(md5($verif_box).'a4xn' == $_COOKIE['tntcon']){
    // if verification code was correct send the message and show this page
    include ("email.php");
    // delete the cookie so it cannot sent again by refreshing this page
    setcookie('tntcon','');
} else {
    // if verification code was incorrect then return to contact page and show error
    header("Location:".$_SERVER['HTTP_REFERER']."?subject=$subject&from=$from&message=$message&wrong_code=true");
    exit;
}
?>
<? include ("thanks.php"); ?>

[b][color=red]email.php page below
[color=blue]<?php

header('Location: thanks.php');
if(isset($_POST['submit'])) {


$to = "ashadweb@gmail.com";
$subject = "From SEO Vantage Contact us page";

$name = $_POST['name'];
$company = $_POST['company'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$comments = $_POST['comments'];
$verif_box = $_REQUEST["verif_box"];



$body = "        Name    : $name\n 
        Company : $company\n 
        Address : $address\n
        City     : $city\n
        State    : $state\n
        Zip     : $zip\n
        Phone     : $phone\n
        Email    : $email\n
        Comments : $comments";

$from = "From: $email";

echo "Data has been submitted to $to!";
mail($to, $subject, $body, $from);

} else {

echo "sorry your data havn't been sent (error)";

}
?>

 

captcha php file below

<?php
session_start();

$RandomStr = md5(microtime());// md5 to generate the random string

$ResultStr = substr($RandomStr,0,5);//trim 5 digit 

$NewImage =imagecreatefromjpeg("img.jpg");//image create by existing image and as back ground 

$LineColor = imagecolorallocate($NewImage,233,239,239);//line color 
$TextColor = imagecolorallocate($NewImage, 255, 255, 255);//text color-white

imageline($NewImage,1,1,40,40,$LineColor);//create line 1 on image 
imageline($NewImage,1,100,60,0,$LineColor);//create line 2 on image 

imagestring($NewImage, 5, 20, 10, $ResultStr, $TextColor);// Draw a random string horizontally 

$_SESSION['key'] = $ResultStr;// carry the data through session

header("Content-type: image/jpeg");// out out the image 

imagejpeg($NewImage);//Output image to browser 

?>

[Ken2k7]

Please use the

tags and please avoid coloring your code at all cost.

[ashadweb]

Please use the

tags and please avoid coloring your code at all cost.

 

ok thanks i did can u help me?

[mikr]

When you create your captcha image, you set a session variable ($_SESSION['key']). When you test for the correct value, you test a cookie variable ($_COOKIE['tntcon']). That might be your problem.

[JonnoTheDev]

Do you realize you have just posted the algorithm to your captcha aswell as the url

$RandomStr = md5(microtime());
$ResultStr = substr($RandomStr,0,5);

 

You better change this before it goes live i.e.

$RandomStr = md5(microtime()."This is a secret string");
$ResultStr = substr($RandomStr,0,5);

[ashadweb]

yeah thanks fixed