Jump to content

Integrating captcha code into Contact Form gets "Wrong Code Entered"


Chrisj

Recommended Posts

I merged this code from a captcha script:

 

<?php
session_start();
if(isset($_POST["captcha"])&&$_POST["captcha"]!=""&&$_SESSION["code"]==$_POST["captcha"])
{
echo "Correct Code Entered";
//Do your stuff
}
else
{
die("Wrong Code Entered");
}
?>

with a working Contact Form script code:

<?php
$data = json_decode(file_get_contents("php://input"));
$name = trim($data->name);
$name = str_replace(array("\r", "\n"), array(" ", " "), $name);
$email = filter_var(trim($data->email), FILTER_SANITIZE_EMAIL);
$message = trim($data->message);
// Check that data was sent.
if (empty($name) || empty($message) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo "One or more invalid entries. Please try again.";
exit;
}

$to = "support@...com";
$from = "From: contact-form@...com". "\r\n";
$body = "A message has been sent via the website contact form.\n\n";
$body .= "Name: $name\n";
$body .= "Email: $email\n\n";
$body .= "Message:\n$message\n";

if (mail($to, 'Customer Inquiry', $body)){
echo "Thank You. Your Message Has Been Sent.";
} else {
echo "An error has occurred and your message could not be sent.";
}
?>

to get this:

<?php
	session_start();
	
	$data = json_decode(file_get_contents("php://input"));
	$name = trim($data->name);
	$name = str_replace(array("\r", "\n"), array(" ", " "), $name);
	$email = filter_var(trim($data->email), FILTER_SANITIZE_EMAIL);
	$message = trim($data->message);
	// Check that data was sent.
	if (empty($name) || empty($message) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
	echo "One or more invalid entries. Please try again.";
	exit;
	}
	
	if(isset($_POST["captcha"])&&$_POST["captcha"]!=""&&$_SESSION["code"]==$_POST["captcha"])
	{
	echo "Correct Code Entered";
	//Do your stuff
	}
	else
	{
	die("Wrong Code Entered");
	}
	
	$to = "support@...com";
	$from = "From: contact-form@...com". "\r\n";
	$body = "A message has been sent via the website contact form.\n\n";
	$body .= "Name: $name\n";
	$body .= "Email: $email\n\n";
	$body .= "Message:\n$message\n";
	
	if (mail($to, 'Customer Inquiry', $body)){
	echo "Thank You. Your Message Has Been Sent.";
	} else {
	echo "An error has occurred and your message could not be sent.";
	}
?>

but after I tested/completed the Form, including entering the correct Captcha code, I see the message "Wrong Code Entered", and of course the Contact Form info does not send.

 

I added this (after the 'session start' line):

var_dump($_SESSION);

and ran the Form, and I see this:

array(2) { ["security_code"]=> string(6) "9569qb" ["code"]=> int(6133) } Wrong Code Entered

Any guidance with integrating captcha script successfuly will be appreciated.

Link to comment
Share on other sites

Thanks for your reply.

But, I'm not clear on what you're asking for. Is it this?:

<?php
session_start();
$code=rand(1000,9999);
$_SESSION["code"]=$code;
$im = imagecreatetruecolor(80, 24);
$bg = imagecolorallocate($im, 177, 78, 78);
$fg = imagecolorallocate($im, 255, 255, 255);
imagefill($im, 0, 0, $bg);
imagestring($im, 5, 24, 3,  $code, $fg);
header("Cache-Control: no-cache, must-revalidate");
header('Content-type: image/png');
imagepng($im);
imagedestroy($im);
?>
Link to comment
Share on other sites

Thanks again for your reply.

 

Here's the Form:

		<form id="ajax-contact" method="post">
        <table class="table10">
        <tr>
        <td colspan="3"><textarea id="contact-message" placeholder="MESSAGE:" required/></textarea>
        </td>
		<tr>
		<td>
        <input id="contact-name" name="name" value="NAME" onfocus="if (this.value=='NAME') {this.value=''; this.style.color='#000000';}" onclick="clickclear(this, 'Enter Name')" onblur="clickrecall(this,'')" required/>
        </td>
		<td>
        <input id="contact-email1" name="email" value="EMAIL" onfocus="if (this.value=='EMAIL') {this.value=''; this.style.color='#696969';}" required/>
        </td>
        <tr>
		<td class="captcha">
		ENTER IMAGE TEXT:  <input name="captcha" style="width:100px" type="text" required/>  <img src="captcha.php" />
		</td>
		<td>
        <input type="hidden" name="submit" ><input class="my-input1" type="submit" value="SEND">
        </td>
        </tr>
        </table>
		</form>
Link to comment
Share on other sites

You simultaneously assume that the request body uses custom JSON encoding:

json_decode(file_get_contents("php://input"))

and classical URL encoding:

$_POST["captcha"]

It can't both be true.

 

I recommend you get rid of the weird JSON stuff (as I already told you last time) and use plain old form parameters.

Link to comment
Share on other sites

Thanks for your reply.

 

I saw this on a Support Forum (i'm not sure if it pertains to this) It said this:

"If you already have your parameters set like $_POST['eg'] for example and you don't wish to change it, simply do it like this:

$_POST = json_decode(file_get_contents('php://input'), true);

This will save you the hassle of changing all $_POST to something else and allow you to still make normal post requests."

 

Would that work in my situation?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.