Jump to content

need to add a form field to determine if user is human


webguync

Recommended Posts

Hi,

 

I want to add another form field to determine if a user is human and not spam bots. I looked into CAPTCHA, but I think those are annoying. I was thinking about just having the user enter (5+5) and if the answer is not ten, then displaying a incorrect value message. If correct submit form and info to the Database. Not sure how to do that with what I currently have coded though so need some help with that part. Here is the current code.

 

				<?PHP
require_once "formvalidator.php";
$show_form=true;
if(isset($_POST['Submit']))
{
   $validator = new FormValidator();
    $validator->addValidation("FirstName","req","Please fill in FirstName");
$validator->addValidation("LastName","req","Please fill in LastName");
$validator->addValidation("UserName","req","Please fill in UserName");
$validator->addValidation("Password","req","Please fill in a Password");
$validator->addValidation("Password2","req","Please re-enter your password");
$validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!");
    $validator->addValidation("email","email","The input for Email should be a valid email value");
    $validator->addValidation("email","req","Please fill in Email");
$validator->addValidation("Zip","req","Please fill in your Zip Code");
$validator->addValidation("Security","req","Please fill in your Security Question");
$validator->addValidation("Security2","req","Please fill in your Security Answer");

    if($validator->ValidateForm())
    {
        $con = mysql_connect("localhost","beatthis","Jim2Drew!") or die('Could not connect: ' . mysql_error());

        mysql_select_db("beatthis_beatthis") or die(mysql_error());





$FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file

$LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file

$UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file

$Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file

$Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file

$email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file

$Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file

$Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file

$Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file

$Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file



$sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; 
//echo $sql;

if (!mysql_query($sql,$con)) {

die('Error: ' . mysql_error());

}



else{



mail('[email protected]','A profile has been submitted!',$FirstName.' has submitted their profile',$body);

echo "<h3>Your profile information has been submitted successfully.</h3>";

  



}

mysql_close($con);

        $show_form=false;
    }
    else
    {
        echo "<h3 class='ErrorTitle'>Validation Errors:</h3>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
            echo "<p class='errors'>$inpname : $inp_err</p>\n";
        }        
    }
}

if(true == $show_form)
{
?>

<form name="test" id="ContactForm" method="POST" accept-charset="UTF-8" action="<?php echo $_SERVER['PHP_SELF'];?>">
<fieldset>

              <div class='normal_field'><label for="LastName">First Name</label></div>
               <div class='element_label'>
                  <input type='text' name='FirstName' size='20'>
               </div>
             
            
           
               <div class='normal_field'><label for="LastName">Last Name</label></div>
               <div class='element_label'>
                  <input type='text' name='LastName' size='20'>
               </div>
           
           </fieldset>
           <fieldset>
               <div class='normal_field'><label for="UserName">User Name</label></div>
               <div class='element_label'>
                  <input type='text' name='UserName' size='20'>
               </div>
           
            
               <div class='normal_field'><label for="Password">Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password' size='20'>
               </div>
               <div class='normal_field'><label for="Password2">Re-Enter Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password2' size='20'>
               </div>
            
           
               <div class='normal_field'><label for="Email">Email</label></div>
               <div class='element_label'>
                  <input type='text' name='email' size='20'>
               </div>
            </fieldset>
            <fieldset>
          
               <div class='normal_field'><label for="Zip">Zip Code</label></div>
               <div class='element_label'>
                  <input type='text' name='Zip' size='20'>
               </div>
            
            
               <div class='normal_field'><label for="Birthday">Birthday(mm/dd/yyyy format)</label></div>
               <div class='element_label'>
                  <input type='text' name='Birthday' size='20'>
               </div>
           
           
            
               <div class='normal_field'><label for="Security">Security Question</label></div>
               <div class='element_label'>
                  <input type='text' name='Security' size='20'>
               </div>
               <div class='normal_field'><label for="Security2">Security Answer</label></div>
               <div class='element_label'>
                  <input type='text' name='Security2' size='20'>
               </div>
<div class='normal_field'><label for="math">What is 5 + 5?</label></div>
               <div class='element_label'>
                  <input type='text' name='math' size='20'>
               </div>
             
               </fieldset>
               <div id="agree">
	                	<label for="tos">
	                		<input type="checkbox" id="tos" name="tos" value="yes" />
	                		I have read and agree to the <a href="ajax/serviceterms.html" id="terms">Terms of Service</a>.
	                	</label>
	                </div>
         <fieldset>

           <div id="service-terms" class="box rounded-all"></div>
	                
		                <div class="controls">
		                    <input id="submit" type="submit" name="Submit" value="CREATE PROFILE"/>	
		                </div>
	                </fieldset>
         

</form>
<?PHP
}//true == $show_form
?>

Haven't tested but this should work.

<?PHP
require_once "formvalidator.php";
$show_form=true;

$human_number1 = rand(1, 12);
$human_number2 = rand(1, 38);
$human_answer = $human_number1 + $human_number2;
session_start();
$_SESSION['check_answer'] = $human_answer;

if(isset($_POST['Submit']))
{
if (!isset($_SESSION['check_answer'])) {
	die ("Error: Answer session not set");
}
if($_POST['math'] != $_SESSION['check_answer']) {
	die ("You did not pass the human check.");
}
   $validator = new FormValidator();
    $validator->addValidation("FirstName","req","Please fill in FirstName");



$validator->addValidation("LastName","req","Please fill in LastName");
$validator->addValidation("UserName","req","Please fill in UserName");
$validator->addValidation("Password","req","Please fill in a Password");
$validator->addValidation("Password2","req","Please re-enter your password");
$validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!");
    $validator->addValidation("email","email","The input for Email should be a valid email value");
    $validator->addValidation("email","req","Please fill in Email");
$validator->addValidation("Zip","req","Please fill in your Zip Code");
$validator->addValidation("Security","req","Please fill in your Security Question");
$validator->addValidation("Security2","req","Please fill in your Security Answer");
    if($validator->ValidateForm())
    {
        $con = mysql_connect("localhost","beatthis","Jim2Drew!") or die('Could not connect: ' . mysql_error());
        mysql_select_db("beatthis_beatthis") or die(mysql_error());
$FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file
$LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file
$UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file
$Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file
$Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file
$email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file
$Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file
$Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file
$Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file
$Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file



$sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; 
//echo $sql;
if (!mysql_query($sql,$con)) {

die('Error: ' . mysql_error());

} else{



mail('[email protected]','A profile has been submitted!',$FirstName.' has submitted their profile',$body);

echo "<h3>Your profile information has been submitted successfully.</h3>";
}

mysql_close($con);
        $show_form=false;
    }
    else
    {
        echo "<h3 class='ErrorTitle'>Validation Errors:</h3>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
            echo "<p class='errors'>$inpname : $inp_err</p>\n";
        }        
    }
}

if(true == $show_form)
{
?>

<form name="test" id="ContactForm" method="POST" accept-charset="UTF-8" action="<?php echo $_SERVER['PHP_SELF'];?>">
<fieldset>

              <div class='normal_field'><label for="LastName">First Name</label></div>
               <div class='element_label'>
                  <input type='text' name='FirstName' size='20'>
               </div>
             
            
           
               <div class='normal_field'><label for="LastName">Last Name</label></div>
               <div class='element_label'>
                  <input type='text' name='LastName' size='20'>
               </div>
           
           </fieldset>
           <fieldset>
               <div class='normal_field'><label for="UserName">User Name</label></div>
               <div class='element_label'>
                  <input type='text' name='UserName' size='20'>
               </div>
           
            
               <div class='normal_field'><label for="Password">Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password' size='20'>
               </div>
               <div class='normal_field'><label for="Password2">Re-Enter Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password2' size='20'>
               </div>
            
           
               <div class='normal_field'><label for="Email">Email</label></div>
               <div class='element_label'>
                  <input type='text' name='email' size='20'>
               </div>
            </fieldset>
            <fieldset>
          
               <div class='normal_field'><label for="Zip">Zip Code</label></div>
               <div class='element_label'>
                  <input type='text' name='Zip' size='20'>
               </div>
            
            
               <div class='normal_field'><label for="Birthday">Birthday(mm/dd/yyyy format)</label></div>
               <div class='element_label'>
                  <input type='text' name='Birthday' size='20'>
               </div>
           
           
            
               <div class='normal_field'><label for="Security">Security Question</label></div>
               <div class='element_label'>
                  <input type='text' name='Security' size='20'>
               </div>
               <div class='normal_field'><label for="Security2">Security Answer</label></div>
               <div class='element_label'>
                  <input type='text' name='Security2' size='20'>
               </div>
<div class='normal_field'><label for="math">What is <?php echo $human_number1." + ".$human_number2. "?"; ?></label></div>
               <div class='element_label'>
                  <input type='text' name='math' size='20'>
               </div>
             
               </fieldset>
               <div id="agree">
<label for="tos">
<input type="checkbox" id="tos" name="tos" value="yes" />
I have read and agree to the <a href="ajax/serviceterms.html" id="terms">Terms of Service</a>.
</label>
                </div>
         <fieldset>
           <div id="service-terms" class="box rounded-all"></div>
                <div class="controls">
                    <input id="submit" type="submit" name="Submit" value="CREATE PROFILE"/>
                </div>
                </fieldset>
</form>
<?PHP
}//true == $show_form
?>

 

I'm not sure if it was a good idea for me to use a session though - I never really use them.

I think I fixed it. Basically $human_answer was being set again when the form was submitted - so if the question was 3 + 7 and you wrote 10 when the form was submitted the question would change to 23 + 12 or something stupid. My bad. ANyway this should fix it. I also replaced the die() functions with echos.

<?PHP
session_start();
require_once "formvalidator.php";
$show_form=true;

if (!isset($_POST['Submit'])) {
$human_number1 = rand(1, 12);
$human_number2 = rand(1, 38);
$human_answer = $human_number1 + $human_number2;
$_SESSION['check_answer'] = $human_answer;
}

if(isset($_POST['Submit']))
{



if (!isset($_SESSION['check_answer'])) {
echo "<p>Error: Answer session not set</p>";
}


if($_POST['math'] != $_SESSION['check_answer']) {
echo "<p>You did not pass the human check.</p>";
}


   $validator = new FormValidator();
    $validator->addValidation("FirstName","req","Please fill in FirstName");





$validator->addValidation("LastName","req","Please fill in LastName");
$validator->addValidation("UserName","req","Please fill in UserName");
$validator->addValidation("Password","req","Please fill in a Password");
$validator->addValidation("Password2","req","Please re-enter your password");
$validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!");
    $validator->addValidation("email","email","The input for Email should be a valid email value");
    $validator->addValidation("email","req","Please fill in Email");
$validator->addValidation("Zip","req","Please fill in your Zip Code");
$validator->addValidation("Security","req","Please fill in your Security Question");
$validator->addValidation("Security2","req","Please fill in your Security Answer");
    if($validator->ValidateForm())
    {
        $con = mysql_connect("localhost","beatthis","Jim2Drew!") or die('Could not connect: ' . mysql_error());
        mysql_select_db("beatthis_beatthis") or die(mysql_error());
$FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file
$LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file
$UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file
$Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file
$Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file
$email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file
$Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file
$Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file
$Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file
$Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file



$sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; 
//echo $sql;
if (!mysql_query($sql,$con)) {

die('Error: ' . mysql_error());

} else{



mail('[email protected]','A profile has been submitted!',$FirstName.' has submitted their profile',$body);

echo "<h3>Your profile information has been submitted successfully.</h3>";
}

mysql_close($con);
        $show_form=false;
    }
    else
    {
        echo "<h3 class='ErrorTitle'>Validation Errors:</h3>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
            echo "<p class='errors'>$inpname : $inp_err</p>\n";
        }        
    }
}

if(true == $show_form)
{
?>

<form name="test" id="ContactForm" method="POST" accept-charset="UTF-8" action="<?php echo $_SERVER['PHP_SELF'];?>">
<fieldset>

              <div class='normal_field'><label for="LastName">First Name</label></div>
               <div class='element_label'>
                  <input type='text' name='FirstName' size='20'>
               </div>
             
            
           
               <div class='normal_field'><label for="LastName">Last Name</label></div>
               <div class='element_label'>
                  <input type='text' name='LastName' size='20'>
               </div>
           
           </fieldset>
           <fieldset>
               <div class='normal_field'><label for="UserName">User Name</label></div>
               <div class='element_label'>
                  <input type='text' name='UserName' size='20'>
               </div>
           
            
               <div class='normal_field'><label for="Password">Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password' size='20'>
               </div>
               <div class='normal_field'><label for="Password2">Re-Enter Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password2' size='20'>
               </div>
            
           
               <div class='normal_field'><label for="Email">Email</label></div>
               <div class='element_label'>
                  <input type='text' name='email' size='20'>
               </div>
            </fieldset>
            <fieldset>
          
               <div class='normal_field'><label for="Zip">Zip Code</label></div>
               <div class='element_label'>
                  <input type='text' name='Zip' size='20'>
               </div>
            
            
               <div class='normal_field'><label for="Birthday">Birthday(mm/dd/yyyy format)</label></div>
               <div class='element_label'>
                  <input type='text' name='Birthday' size='20'>
               </div>
           
           
            
               <div class='normal_field'><label for="Security">Security Question</label></div>
               <div class='element_label'>
                  <input type='text' name='Security' size='20'>
               </div>
               <div class='normal_field'><label for="Security2">Security Answer</label></div>
               <div class='element_label'>
                  <input type='text' name='Security2' size='20'>
               </div>
<div class='normal_field'><label for="math">What is <?php echo $human_number1." + ".$human_number2. "?"; ?></label></div>
               <div class='element_label'>
                  <input type='text' name='math' size='20'>
               </div>
             
               </fieldset>
               <div id="agree">
<label for="tos">
<input type="checkbox" id="tos" name="tos" value="yes" />
I have read and agree to the <a href="ajax/serviceterms.html" id="terms">Terms of Service</a>.
</label>
                </div>
         <fieldset>
           <div id="service-terms" class="box rounded-all"></div>
                <div class="controls">
                    <input id="submit" type="submit" name="Submit" value="CREATE PROFILE"/>
                </div>
                </fieldset>
</form>
<?PHP
}//true == $show_form
?>

 

 

 

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.