Jump to content

Recommended Posts

I have created a Captcha image to use on various forms. It works fine in one are creating a row of letters that when entered correctly send the information to the correct email.

 

However when I cut and paste the exact same code the image creates numbers that cannot be read and therefore the form cannot be sent. I cannot for the life of me see why this would be?

 

Or at least prevent numbers form appearing?

 

Thanks very much in advance for any help

 

Code below:

			<?php session_start();

			 // Set some important CAPTCHA constants

			define('CAPTCHA_NUMCHARS', 6);
			define('CAPTCHA_WIDTH', 100);
			define('CAPTCHA_HEIGHT', 25); 				
// Generate the random pass-phrase

$pass_phrase = "";

			for ($i = 0; $i < CAPTCHA_NUMCHARS; $i++) {

			$pass_phrase .= chr(rand(97, 122));
			 }				

// Store the encrypted pass-phrase in a session variable

			$_SESSION['pass_phrase'] = SHA1($pass_phrase);				

// Create the image

			$img = imagecreatetruecolor(CAPTCHA_WIDTH, CAPTCHA_HEIGHT);				

// Set a white background with black text and gray graphics

			$bg_color = imagecolorallocate($img, 255, 255, 255);	 // white

			$text_color = imagecolorallocate($img, 0, 0, 0);		 // black

			$graphic_color = imagecolorallocate($img, 64, 64, 64); // dark gray				

// Fill the background
			 imagefilledrectangle($img, 0, 0, CAPTCHA_WIDTH, CAPTCHA_HEIGHT, $bg_color);				

// Draw some random lines

			for ($i = 0; $i < 5; $i++) {
			 imageline($img, 0, rand() % CAPTCHA_HEIGHT, CAPTCHA_WIDTH, rand() % CAPTCHA_HEIGHT, $graphic_color);
			 }				

// Sprinkle in some random dots

			for ($i = 0; $i < 50; $i++) {
			 imagesetpixel($img, rand() % CAPTCHA_WIDTH, rand() % CAPTCHA_HEIGHT, $graphic_color);
			 }				

// Draw the pass-phrase string				
imagettftext($img, 18, 0, 5, CAPTCHA_HEIGHT - 5, $text_color, 'Courier New Bold.ttf', $pass_phrase);				

// Output the image as a PNG using a header

			header("Content-type: image/png");
			 imagepng($img);				

			 // Clean up

			imagedestroy($img);				

?>

 

The above works wioth this code below:

			<?php				
$from = "";
			$subject = "";
			$onesevenoaksmail = "";				

			if (isset($_POST['submit'])) {

			$from = $_POST ['from'];
			$subject = $_POST ['subject'];
			$onesevenoaksmail = $_POST ['onesevenoaksmail'];
			$email = "[email protected]";
			$output_form = 'no';				

if (empty($subject)) {

			//$subject is blank

			echo '<p class="error">You forgot to enter a subject.</p>';

			$output_form = 'yes';
			 }				

if (empty($onesevenoaksmail)) {

			// $onesevenoaksmail is blank	
			echo '<p class="error">You forgot to enter your message.</p>';

			$output_form = 'yes';
			 }				

//Check the CAPTCHA pass-phrase for verification
			$user_pass_phrase = sha1($_POST['verify']);				
if ($_SESSION['pass_phrase'] != $user_pass_phrase) {
			echo '<p class="error">Please enter the verification pass phrase exactly as shown.</p>';
			$output_form = 'yes'; }				

			if (!preg_match('/^[a-zA-Z0-9][a-zA-Z0-9\._\-&!?=#]*@/', $from)) {	
			//$email is invlaid beacsue local name is bad
			echo '<p class="error">Your email address is incorrect.</p>';

			$output_form = 'yes';
			 }				

else {				
//strip out everything but the domain from the email
			$domain = preg_replace('/^[a-zA-Z0-9][a-zA-Z0-9\._\-&!?=#]*@/', '', $from);				
//Now check if $domain is registered

			function win_checkdnsrr($domain,$recType='') {
			if (!empty($domain)) {
			 if ($recType=='') $recType="MX";
			 exec("nslookup -type=$recType $domain",$output);
			 foreach($output as $line) {
			 if (preg_match("/^$domain/", $line)) {
			return true;				


				 }
			 return false;
			 }
			 return false;				

			}				

			}				
}

			} else {

			$output_form = 'yes';
			 }				

			if ($output_form == 'yes')				

{
			?>
			<table>
			<tr>
			<td>				

<form enctype="multipart/form-data" method="POST" action="<?php echo $_SERVER['PHP_SELF']; ?>">


			<label for="from">Email:</label></td>

			<td><input id="from" name="from" type="text" size="60" value="<?php echo $from; ?>"/></td></tr>




			<tr>
			<td>
			<label for="subject">Subject of email: </label></td>
			<td><input type="text" id="subject" name="subject" size="60" value="<?php echo $subject; ?>" />
			</td>
			</tr>
			<tr>
			<td>
			<label for="onesevenoaksmail">Body of email: </label></td>
			<td><textarea id="onesevenoaksmail" name="onesevenoaksmail" rows="8" cols="60"><?php echo $onesevenoaksmail; ?></textarea>

			</td>
			</tr>				
<tr>
			<td>Verification:</td>
			<td>
			<input type = "text" id="verify" name="verify" size="30" />
			<img src="captcha.php" alt="Verification pass-phrase" />
			</td>
			</tr>				
<tr>
			<td>				

			<input type="submit" name="submit" value="Submit" />
			</td>
			</tr>
			</table>
			<hr>
			</form>
			<?php
			 }

			else if ($output_form == 'no') {
			$msg = "Dear Doug\n Subject: $subject\n Message: $onesevenoaksmail\n From: $from";				
$headers = "[email protected]";
			mail($headers, $subject, $msg, 'from:' . '[email protected]'); echo '<p> Thank you for the message! We will respond within 48 hours</p>';				

}				
?>				

 

but not this code below:

			<?php session_start(); ?>				
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
			"http://www.w3.org/TR/html4/strict.dtd">
			<html lang="en">
			<head>

			<meta http-equiv="Content-Type" content="text/html; charset=utf-8">				
<title>Web development kent - Contact DP Web Development </title>				
<link rel="stylesheet" href="dpwebdevelopment1.css" type="text/css" />				
</head>
			<body id="contact">				
<div id="wrap4">

			<div id="header">
			DP WEB DEVELOPMENT
			</div>

			<?php require_once('navmenu.php'); ?>
			<img alt='contactus image' src='webdevelopmentimages/reflowers.jpg' border='0'/>				
<H1>Contact DP Web Development</h1> &nbsp<div id="phone">
			<img src="webdevelopmentimages/phoneicon.gif" alt="phone DP Web Development">07939014511
			</div>
			<p>Whatever your situation we would love to hear from you</p>
			<?php				
$firstname = "";
			$lastname = "";
			$from = "";
			$subject = "";
			$dpwebdevelopmentmail = "";
			$number = "";
			$webmail = "";				

			if (isset($_POST['submit'])) {

			$firstname = $_POST ['firstname'];
			$lastname = $_POST ['lastname'];
			$from = $_POST ['from'];
			$subject = $_POST ['subject'];
			$dpwebdevelopmentmail = $_POST ['dpwebdevelopmentmail'];
			$email = "[email protected]";
			$number = $_POST ['number'];
			$webmail = $_POST['webmail'];
			$output_form = 'no';				

if (empty($firstname)) {

			//$firtsname is blank

			echo '<p class="error">You forgot to enter your first name.</p>';

			$output_form = 'yes';
			 }				

if (empty($lastname)) {

			//$lastname is blank

			echo '<p class="error">You forgot to enter your last name.</p>';

			$output_form = 'yes';
			 }				

if (empty($subject)) {

			//$subject is blank

			echo '<p class="error">You forgot to enter a subject.</p>';

			$output_form = 'yes';
			 }				

if (empty($dpwebdevelopmentmail)) {

			// $dpwebdevelopmentmail is blank	
			echo '<p class="error">You forgot to enter your message.</p>';

			$output_form = 'yes';
			 }				

//Check the CAPTCHA pass-phrase for verification
			$user_pass_phrase = sha1($_POST['verify']);				
if ($_SESSION['pass_phrase'] != $user_pass_phrase) {
			echo '<p class="error">Please enter the verification pass phrase exactly as it is shown.</p>';
			$output_form = 'yes'; }				

			if (!preg_match('/^[a-zA-Z0-9][a-zA-Z0-9\._\-&!?=#]*@/', $from)) {	
			//$email is invlaid beacsue local name is bad
			echo '<p class="error">Your email address was not recognised. Please enter it again..</p>';

			$output_form = 'yes';
			 }				

else {				
//strip out everything but the domain from the email
			$domain = preg_replace('/^[a-zA-Z0-9][a-zA-Z0-9\._\-&!?=#]*@/', '', $from);				
//Now check if $domain is registered

			function win_checkdnsrr($domain,$recType='') {
			if (!empty($domain)) {
			 if ($recType=='') $recType="MX";
			 exec("nslookup -type=$recType $domain",$output);
			 foreach($output as $line) {
			 if (preg_match("/^$domain/", $line)) {
			return true;				


				 }
			 return false;
			 }
			 return false;				

			}				

			}				
}

			} else {

			$output_form = 'yes';
			 }				

			if ($output_form == 'yes')				
{
			?>
			<table>
			<tr>
			<td>				

<form enctype="multipart/form-data" method="POST" action="<?php echo $_SERVER['PHP_SELF']; ?>">


<tr>
			<td>
			<label for="firstname">First Name: </label></td>
			<td><input type="text" id="firstname" name="firstname" size="60" value="<?php echo $firstname; ?>" />
			</td>
			</tr>				
<tr>
			<td>
			<label for="lastname">Last Name: </label></td>
			<td><input type="text" id="lastname" name="lastname" size="60" value="<?php echo $lastname; ?>" />
			</td>
			</tr>				

			<tr>
			<td>
			<label for="subject">Subject of email: </label></td>
			<td><input type="text" id="subject" name="subject" size="60" value="<?php echo $subject; ?>" />
			</td>
			</tr>				

<tr>
			<td>
			<label for="dpwebdevelopmentmail">Message </label></td>
			<td><textarea id="dpwebdevelopmentmail" name="dpwebdevelopmentmail" rows="8" cols="60"><?php echo $dpwebdevelopmentmail; ?></textarea>

			</td>
			</tr>
			<tr>
			<td>
			<label for="from">Your Email address:</label></td>

			<td><input id="from" name="from" type="text" size="60" value="<?php echo $from; ?>"/></td></tr>				
<tr>
			<td>
			<label for="from">Your contact phone number:</label></td>

			<td><input id="number" name="number" type="text" size="60" value="<?php echo $number ?>"/>
			</td>
			</tr>				
<tr>
			<td>
			<label for="contact">How would you prefer to be contacted?:</label></td>

			<td>Email <input id="webmail" name="webmail" type="radio" value="webmail" checked />
			Phone<input id="webmail" name="webmail" type="radio" value="phone" />
			</td>
			</tr>				

			<tr>
			<td>Verification:</td>
			<td>
			<input type = "text" id="verify" name="verify" size="30" />
			<img src="captcha.php" alt="Verification pass-phrase" />
			</td>
			</tr>				
<tr>
			<td>				

			<input type="submit" name="submit" value="Submit" />
			</td>
			</tr>
			</table>				
<hr>
			</form>
			<?php
			 }

			else if ($output_form == 'no') {
			$msg = "Dear Doug\n FirstName: $firstname\n Lastname: $lastname\n Subject: $subject\n Message: $dpwebdevelopmentmail\n Phone: $number\n Contact: $webmail\n From: $from";				
$headers = "[email protected]";
			mail($headers, $subject, $msg, 'from:' . '[email protected]'); echo '<p> Thank you for the message! We will respond within 24 hours</p>';				

}				
?>				

</body>
			</html>				

Link to comment
https://forums.phpfreaks.com/topic/270412-same-code-different-outcome-why/
Share on other sites

The problem is most likely due to register_globals being turned on. When you store the hashed value to $_SESSION['pass_phrase'] (or it already has a value in it), php sets $pass_phrase to that same value.

 

What does a phpinfo statement show for the register globals setting on both systems?

Register_globals were turned off by default over 10 years ago (unfortunately web hosts and 'php coders' didn't get and follow the loose recommendation.)

 

If you have access to the master php.ini, that's where you should turn them off at. If you are on shared web hosting, you can turn it off in a local php.ini (when php is running as a CGI application) or in a .htaccess file (when php is running as an Apache Module.) The syntax for a php.ini would be register_globals off The syntax for a .htaccess file would be php_flag register_globals off

 

As a test, you can change the name of your session variable to something else.

ok..i must have read th wrong thing. This file is only a few weeks old!

 

The programs work on my local host. They work in the all other programs I have used. It is only this one that it does not work as expected, giving out 40 characters rather than 6

 

Thnaks for your continued help!

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.