Jump to content

Integrating captcha code into Contact Form gets "Wrong Code Entered"


Recommended Posts

I merged this code from a captcha script:

 

<?php
session_start();
if(isset($_POST["captcha"])&&$_POST["captcha"]!=""&&$_SESSION["code"]==$_POST["captcha"])
{
echo "Correct Code Entered";
//Do your stuff
}
else
{
die("Wrong Code Entered");
}
?>

with a working Contact Form script code:

<?php
$data = json_decode(file_get_contents("php://input"));
$name = trim($data->name);
$name = str_replace(array("\r", "\n"), array(" ", " "), $name);
$email = filter_var(trim($data->email), FILTER_SANITIZE_EMAIL);
$message = trim($data->message);
// Check that data was sent.
if (empty($name) || empty($message) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo "One or more invalid entries. Please try again.";
exit;
}

$to = "support@...com";
$from = "From: contact-form@...com". "\r\n";
$body = "A message has been sent via the website contact form.\n\n";
$body .= "Name: $name\n";
$body .= "Email: $email\n\n";
$body .= "Message:\n$message\n";

if (mail($to, 'Customer Inquiry', $body)){
echo "Thank You. Your Message Has Been Sent.";
} else {
echo "An error has occurred and your message could not be sent.";
}
?>

to get this:

<?php
	session_start();
	
	$data = json_decode(file_get_contents("php://input"));
	$name = trim($data->name);
	$name = str_replace(array("\r", "\n"), array(" ", " "), $name);
	$email = filter_var(trim($data->email), FILTER_SANITIZE_EMAIL);
	$message = trim($data->message);
	// Check that data was sent.
	if (empty($name) || empty($message) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
	echo "One or more invalid entries. Please try again.";
	exit;
	}
	
	if(isset($_POST["captcha"])&&$_POST["captcha"]!=""&&$_SESSION["code"]==$_POST["captcha"])
	{
	echo "Correct Code Entered";
	//Do your stuff
	}
	else
	{
	die("Wrong Code Entered");
	}
	
	$to = "support@...com";
	$from = "From: contact-form@...com". "\r\n";
	$body = "A message has been sent via the website contact form.\n\n";
	$body .= "Name: $name\n";
	$body .= "Email: $email\n\n";
	$body .= "Message:\n$message\n";
	
	if (mail($to, 'Customer Inquiry', $body)){
	echo "Thank You. Your Message Has Been Sent.";
	} else {
	echo "An error has occurred and your message could not be sent.";
	}
?>

but after I tested/completed the Form, including entering the correct Captcha code, I see the message "Wrong Code Entered", and of course the Contact Form info does not send.

 

I added this (after the 'session start' line):

var_dump($_SESSION);

and ran the Form, and I see this:

array(2) { ["security_code"]=> string(6) "9569qb" ["code"]=> int(6133) } Wrong Code Entered

Any guidance with integrating captcha script successfuly will be appreciated.

Thanks for your reply.

But, I'm not clear on what you're asking for. Is it this?:

<?php
session_start();
$code=rand(1000,9999);
$_SESSION["code"]=$code;
$im = imagecreatetruecolor(80, 24);
$bg = imagecolorallocate($im, 177, 78, 78);
$fg = imagecolorallocate($im, 255, 255, 255);
imagefill($im, 0, 0, $bg);
imagestring($im, 5, 24, 3,  $code, $fg);
header("Cache-Control: no-cache, must-revalidate");
header('Content-type: image/png');
imagepng($im);
imagedestroy($im);
?>

I'm talking about your form which must in some way include the CAPTCHA.

 

And again: You'll save yourself a lot of trouble now and in the future if you just use a known CAPTCHA library. Google has copypastable code and detailed instructions.

Thanks again for your reply.

 

Here's the Form:

		<form id="ajax-contact" method="post">
        <table class="table10">
        <tr>
        <td colspan="3"><textarea id="contact-message" placeholder="MESSAGE:" required/></textarea>
        </td>
		<tr>
		<td>
        <input id="contact-name" name="name" value="NAME" onfocus="if (this.value=='NAME') {this.value=''; this.style.color='#000000';}" onclick="clickclear(this, 'Enter Name')" onblur="clickrecall(this,'')" required/>
        </td>
		<td>
        <input id="contact-email1" name="email" value="EMAIL" onfocus="if (this.value=='EMAIL') {this.value=''; this.style.color='#696969';}" required/>
        </td>
        <tr>
		<td class="captcha">
		ENTER IMAGE TEXT:  <input name="captcha" style="width:100px" type="text" required/>  <img src="captcha.php" />
		</td>
		<td>
        <input type="hidden" name="submit" ><input class="my-input1" type="submit" value="SEND">
        </td>
        </tr>
        </table>
		</form>

You simultaneously assume that the request body uses custom JSON encoding:

json_decode(file_get_contents("php://input"))

and classical URL encoding:

$_POST["captcha"]

It can't both be true.

 

I recommend you get rid of the weird JSON stuff (as I already told you last time) and use plain old form parameters.

Thanks for your reply.

 

I saw this on a Support Forum (i'm not sure if it pertains to this) It said this:

"If you already have your parameters set like $_POST['eg'] for example and you don't wish to change it, simply do it like this:

$_POST = json_decode(file_get_contents('php://input'), true);

This will save you the hassle of changing all $_POST to something else and allow you to still make normal post requests."

 

Would that work in my situation?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.