Help with captcha script needed

[Elven6]

Hello,

 

I am working on a script where reCAPTCHA or a similar form of CAPTCHA will be used, for the sake of this example I will talk about reCAPTCHA. I wanted to know how I could have the reCAPTCHA script store a value upon correctly entering a code that will be used by a different script to allow on to proceed?

 

A snippet of the reCAPTCHA code which will be located in a file called recaptcha.php.

 

if ($resp->is_valid) {
[b]   $captcha = "1";
    # in a real application, you should send an email, create an account, etc[/b]
  } else {
    # set the error code so that we can display it. You could also use
    # die ("reCAPTCHA failed"), but using the error message is
    # more user friendly
    $error = $resp->error;
  }
}

 

 

I bolded the part of interest, how would I be able to use a variable like

 

$captcha = "1";

 

In a completely different file that is called login.php to allow one to login if the captcha is correct? The value would only be needed for that session of course. I want to use this method because the captcha script might be used in multiple locations so I figure this route would be easier and allow for quicker modifications than have the script called each time in different files for instance.

 

The only alternative I can think of is using MySQL or local files to store the answer but that won't be very logical for a script that could have hundreds of requests an hour.

 

Any help would be appreciated, thanks in advance!

[teamatomic]

I think you answered it yourself.

 

>>The value would only be needed for that session of course.

$_SESSION['captcha'];

 

HTH

Teamatomic

[Elven6]

Don't know how I missed that! Thank you very much, will have to start experimenting with it later today.

 

Thanks again!

[Elven6]

I seem to be running into a few issues here, this is how the CAPTCHA file looks like, (the part of interest at least)

 

if ($resp->is_valid) {
    [b]$_SESSION['CAPTCHA'] = '1';[/b]
    # in a real application, you should send an email, create an account, etc
  } else {
    # set the error code so that we can display it. You could also use
    # die ("reCAPTCHA failed"), but using the error message is
    # more user friendly
    $error = $resp->error;
  }
}

 

The session is being generated in a different file than the one the user interacts with, the above code is in a file called captcha.php and the below code is in a file called user.php. The captcha.php file however is included (using the include(); function) in the form contained in user.php, if that makes sense.

 

if($_SESSION['CAPTCHA'] == '1') {

$_POST['text'] = preg_replace("/<br>\n/","\n",addslashes($_POST['text']));
$_POST['text'] = preg_replace("/<br \/>\n/","\n",addslashes($_POST['text']));
$_POST['text'] = preg_replace("/(\015\012)|(\015)|(\012)/","<br>\n",addslashes($_POST['text']));

 

I only want the code to go through if the session is generated to say '1' (aka reCAPTCHA is correct), I have tried many variations of the if statement above yet haven't been able to get anything to work. I have looked over numerous examples but can't seem to find one that addresses the problem I am facing.

[teamatomic]

How do you know the _SESSION['CAPTHCA'] is in a different file than the users session? Once you finish with the capcha script can you get to the _SESSION['CPTCHA'] and echo it out? If you are really sure it is in a different session file then look through the class file(S) and see if it generates a different session, if so then you need to stop that from happening and it woll be in the current users session.

 

As to the sceond part of your post. If you fix the session problem I think the second will straighten itself out along with it.

 

 

HTH

Teamatomic

 

[Elven6]

The $_SESSION['CAPTCHA'] would only be given the variable of 1 if the CAPTCHA code is correct, the CAPTCHA code is in a file called captcha.php with the form that has to be submitted being in user.php. The CAPTCHA code is included in the form by using,

 

include("captcha.php");

 

I tried to echo the session but nothing would show up, I assume that means the data isn't translating over to the form properly?

 

Here's a basic run down of what it should do,

 

1. User enters CAPTCHA code

2. User submits form

3. If CAPTCHA is right $_SESSION['CAPTCHA'] = 1

4. If CAPTCHA is wrong $_SESSION['CAPTCHA'] = 0

5. If $_SESSION['CAPTCHA'] = 1 form can proceed

6. If $_SESSION['CAPTCHA'] = 0 form will generate error and not proceed

 

Hope I explained it well.

[Elven6]

I seem to have gotten the script to partially work by using,

 

if(!$_SESSION['CAPTCHA'] .= 0) {

 

Instead of == and the like, I've run into another problem where it would correctly authenticate you the first time around but once you get it right it will always let you through. I think this might have something to do with how the session is started/ended, currently experimenting with that.

[teamatomic]

With the .=0, every time your captcha goes through that it will add a 0 to it.

once = 0

twice = 00

etc.

 

This is just a guess here but look through the calss you are using. Does it validate with == or ===. the double equal will let 1 = '1' where the trip equal will demand that the type be the samem, cause 1 is an integer where '1' is a string. You will also run into problems if it asks true/false cause it expects an integer(0/1). Cause it looks like to me that the problem lies with the $resp->isvalid function in the class.

[Elven6]

I tried to use the === you suggested and changed all the $_SESSIONS['CAPTCHA'] variables to use the '' to avoid and confusion with integers.

 

In the end it didn't work, I even tried changing everything to integers (aka without '') and it still didn't work.