Jump to content

Recommended Posts

For years I have used a simple captcha application displaying a simple combination of letters and numbers.

 

All has worked fine except that my hosting company upgraded some of their servers from PHP 5.2.17 to PHP 5.4.29.  The numbers now down't display and I can submit the form without filling any captcha into the text box.

 

On the otherhand, I have a couple of sites on different servers, (same hosting company) using PHP 5.2.17 and the captcha application works perfectly.

 

The code to make the captcha works uses $HTTP_SESSION_VARS and I understand it is deptrecated with newer versions of PHP so I changed to $_SESSION.

 

If I fill out the form and leave the captcha blank it will default to the error message and require a return to the form page to fill in the captcha.  Once filled in and the form submitted, it goes to the default message.

 

It appears that the session variable is not passing to the page and recognized.

First, there is an seperate file that formats the random numbers and letters doimg.php

<?php

// Create the image with width=150 and height=40
$IMGVER_IMAGE = imagecreate(150,40);

// Allocate two colors (Black & White)
// This uses the RGB names of the colors
$IMGVER_COLOR_BLACK = imagecolorallocate ($IMGVER_IMAGE, 0, 0, 0);
$IMGVER_COLOR_WHITE = imagecolorallocate ($IMGVER_IMAGE, 255, 255, 255);

// Flood Fill our image with black
imagefill($IMGVER_IMAGE, 0, 0, $IMGVER_COLOR_BLACK);

// This handles our session. We get the random text that
// was stored in our session var on the first page.
session_start();
$IMGVER_RandomText = $_SESSION["IMGVER_RndText"];
//$IMGVER_RandomText = $HTTP_SESSION_VARS["IMGVER_RndText"];
// Since our Text had 6 chars (we defined this not to be longer)
// we now write the 6 random chars in our picture
// For those who don´t know: You can access the third character
//in a string easily by typing $myString[2];
imagechar($IMGVER_IMAGE, 8, 20, 13, $IMGVER_RandomText[0] ,$IMGVER_COLOR_WHITE);
imagechar($IMGVER_IMAGE, 18, 40, 18, $IMGVER_RandomText[1] ,$IMGVER_COLOR_WHITE);
imagechar($IMGVER_IMAGE, 12, 60, 13, $IMGVER_RandomText[2] ,$IMGVER_COLOR_WHITE);
imagechar($IMGVER_IMAGE, 10, 80, 10, $IMGVER_RandomText[3] ,$IMGVER_COLOR_WHITE);
imagechar($IMGVER_IMAGE, 12, 100, 13, $IMGVER_RandomText[4] ,$IMGVER_COLOR_WHITE);
imagechar($IMGVER_IMAGE, 12, 120, 13, $IMGVER_RandomText[5] ,$IMGVER_COLOR_WHITE);

//Now we send the picture to the Browser
header("Content-type: image/jpeg");
imagejpeg($IMGVER_IMAGE);
?>

Nest there is the form page creating the session variable and displaying the random numbers and letters in the form  form.php

<?php
session_start();
		
	// Initialize a variable. THIS IS OBSOLETE AND ONLY USED TO PREVENT
	// NOTICES ON SOME SYSTEMS. 
		$IMGVER_TempString="";
		
	// Now we generate a string that consists of 6 characters that are
	// generated randomly. I choose 6, because I didn´t want the user to
	// type forever. Of course, any other number would do as well. (NOTE,
	// THAT IF YOU USE ANOTHER NUMBER, YOU ALSO HAVE TO EDIT THE IMAGE 
	// CODE) --> Have a look at the GetRandomChar() function at the bottom
	// of this script!
		for ($i = 1; $i <= 6; $i++) {
	       $IMGVER_TempString .= GetRandomChar();
		}
		
	// Now we store the text in our session variable.
	
		$_SESSION["IMGVER_RndText"] = $IMGVER_TempString;
		//$HTTP_SESSION_VARS["IMGVER_RndText"] = $IMGVER_TempString;


	function GetRandomChar() {
	// This function generates our random chars
		
	// Seed with microseconds since last "whole" second
		mt_srand((double)microtime()*1000000);
		
	// Create a random number between 1 and 3
		$IMGVER_RandVal = mt_rand(1,3);
		
	// If the random number was 1, we generate a lowercase
	// character, if it was 2, we generate a number and if
	// it was 3, we generate an uppercase character.
		
		switch ($IMGVER_RandVal) {
	    case 1:
	  	  // 97 to 122 are the ASCII codes for lower-
	  	  // case characters from a to z.
	        $IMGVER_RandVal = mt_rand(97, 98); 
	        break;
	    case 2:
	  	  // 48 to 57 are the ASCII codes for the 
	  	  // numbers from 0 to 9.
	        $IMGVER_RandVal = mt_rand(49, 57);
	        break;
	    case 3:
	  	  // 65 to 70 are the ASCII codes for upper-
	  	  // case characters from a to z.
	        $IMGVER_RandVal = mt_rand(65, 78);
	        break;
		}
		
	// Now we return the character, generated from the ASCII code
		return chr($IMGVER_RandVal);
	}

// BELOW THIS LINE YOU CAN WRITE HTML CODE OR ANYTHING ELSE.
?>


<form action="form_submitted.php" method="post" onSubmit="return validateForm(this)" id=form1 name=form1>
<table width="558" align="center" cellpadding="0" cellspacing="0" border="0">
    <tr>
        <td width="172" height="30" valign="middle"><p>Company Name: </p></td>
        <td width="331" valign="middle"><label>
        <input name="company" type="text" id="company" size="50" />
        </label>
        </td>
    </tr>
 
    <tr>
                    <td height="30" valign="middle"><p>Email Address: </p></td>
                    <td valign="middle"><input name="email" type="text" id="email" size="50" />
            </td>
    </tr>
        
    <tr>
        <td height="51"> </td>
        <td valign="top">
        <img src="doimg.php?<?php echo SID ?>" /> <input type="button" value="Reload Page" onClick="window.location.reload()"><br>
        </td>
    </tr>
    
    <tr>
        <td height="30"> </td>
        <td class="body_text_13_left">Please Enter Captcha Code
        <br><input name="txtCode" type="text" id="txtCode" size="10" />
        </td>
    </tr>
    
    <tr>
        <td height="30"><p> </p></td>
        <td><input type="submit" name="Submit" value="Submit" />
        </td>
    </tr>
</table>
</form>

The form page is submitted to form_submitted.php where session varible is processed and then there is an  if statement.  If the variable is equal the page sends an email out, if not there is an error message to return and fill out the correct captcha

<?php
session_start();

$company = $_POST["company"];
$email = $_POST["email"];


	// Then we get the Text entered by the user and 
	// the random generated text
	$IMGVER_EnteredText = $HTTP_POST_VARS["txtCode"];

	$IMGVER_RandomText = $_SESSION["IMGVER_RndText"];
	//$IMGVER_RandomText = $HTTP_SESSION_VARS["IMGVER_RndText"];




	// Now we check, if the two strings are the same
	if ($IMGVER_EnteredText == $IMGVER_RandomText) {
?>

This is where the script to send the email out with the $_POST variables and a html thank you.

<?php
} else {
?>

This is where the HTML to return to form.php is contained

<?php
	}	
?>

His is in it's simplest form, no html markup which would have no bearing on the process.

what about next one - $HTTP_POST_VARS? Have you checked its value? I am using it, but on my server with php version 4.1.0, so it's deprecated long time ago and replaced by $_POST. 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.