Jump to content

Changing Recaptcha from 1 to 2

IanH77

By IanH77
in PHP Coding Help

Recommended Posts

IanH77 Newbie

IanH77

Posted
Posted
Hello, the site I have inherited currently runs Recaptcha 1, I believe the code to implement that is in the lines below. I don't have enough knowledge of what to change to modify this to Recaptcha 2 which the dialogue box is telling me I need to do before the end of this month, any help or suggestions are warmly welcomed.
 
I currently know next to nothing about PHP so if there is a delete this/insert this type of answer available that would be great. If it's more complicated then I need to find another way to get round this like taking recaptcha out.
 
Thanks in advance
 
   <?php
     // Recaptcha settings (from http://code.google.com/apis/recaptcha/docs/php.html)
     require_once('./includes/recaptchalib.php');
     $publickey = "Obscured"; 
     $privatekey = "Obscured"; 
    
     function ShowComments($event_id, $type, $date_start) {
       // Displays the comments for the selected event
       // ... and saves comments submitted
   
      global $db_con, $base_url, $mail_from, $area_email, $_POST, $publickey, $privatekey;
   
      if ($_POST["save_comment"] == "yes") { 
        // Try and save the comment!
        $s_name = $_POST["name"];
        $s_email = $_POST["email"];
        $s_comment = $_POST["comment"];
        $posted = date("Y-m-d H:i:s", GetUKTime());
   
        // Validate the reCAPTCHA entered (to prevent spam)
        if (trim($_POST["recaptcha_response_field"]) != "") {  
          $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
          if (!$resp->is_valid) { $error .= "- invalid reCAPTCHA entered<Br>"; }
        } else {
          $error .= "- invalid reCAPTCHA entered<br>"; 
        }
   
        if ($s_name == "") { $error .= "- enter your name!<BR>"; }
        if ($s_email == "") { $error .= "- enter your email (won't be displayed)!<BR>"; }
        if (trim($s_comment) == "") { $error .= "- no comment entered!<BR>"; }
        if (substr_count(strtolower($s_comment),"http") || substr_count(strtolower($s_comment),"www")) { $error .= "- comment may not contain web addresses!<BR>"; }
   
        if ($error == "") { 
          $sql = "INSERT INTO event_comments (event_id, posted, name, email, comment)
                         VALUES ($event_id, '$posted', '$s_name', '$s_email', '".mysql_real_escape_string($s_comment)."') ";
   
          $res = mysql_query($sql, $db_con);
   
          if (@mysql_affected_rows($db_con) < 1) {
            $error .= "- comment not saved!";
          } else {
            $saved = true;
          }
   
          @mysql_free_result($res);
        }
      }
   
      $sql = "SELECT EC.comment_id, EC.name, EC.comment, EC.email, 
                     DATE_FORMAT(EC.posted, '%D %b %Y %H:%i') xposted ,
                     E.title, E.region  
                FROM event_comments EC, events E 
               WHERE E.event_id = EC.event_id 
                 AND EC.event_id = $event_id ";
   
      if ($type != "future") { 
        $sql .= " AND (UNIX_TIMESTAMP(EC.posted)) >= 
                       UNIX_TIMESTAMP(CONCAT_WS(' ',E.date_start,E.departure_time))";
      }
   
      $sql .= "       ORDER BY comment_id ASC ";
   
      $res = mysql_query($sql, $db_con);
   
      echo "<TABLE WIDTH=\"100%\" BORDER=0 cellpadding=3 cellspacing=0>";
      echo " <tr valign=top>";
      echo "  <td>"; 
   
      if ($res == "" || @mysql_num_rows($res) < 1) {
        echo "<BR><BR>[ <EM>no comments sumbitted!</EM> ]<BR><BR><BR>";
      } else {
        while ($row = mysql_fetch_array($res)) {
          $posted = $row["xposted"];
          $name = $row["name"];
          $comment = HTMLOutput($row["comment"]);
          $title = $row["title"];
          $region = $row["region"];
   
          ?>
            <!--<div class="wrap">
             <img src="images/user.png" />
             <div class="comment" data-owner="">
              <h2 class="owner"><?php echo $name; ?></h2>
              <p><?php echo $comment; ?></p>
              <ol class="postscript">
               <li class="date"><?php echo $posted; ?></li>
              </ol>
             </div>
            </div> --!>
          <?php
   
          echo "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"0\" BORDERCOLOR=\"lightgrey\" WIDTH=\"100%\">";
          echo "<TR>";
          echo " <TD>";
          echo "  <SMALL>"; 
          echo "   <B>$posted :: <FONT COLOR=\"blue\">$name</FONT></B><BR>";
          echo $comment; 
          echo "  </SMALL>";
          echo " </TD>";
         echo "</TR>";
         echo "</TABLE>";
         echo "<BR>"; 
       }
     }
  
     echo "  </td>";
     echo "  <td WIDTH=280>"; 
  
  
     echo "<A NAME=\"comments\">"; 
  
     if ($event_id == 269) { 
       // Show nothing
     } elseif (($saved == false || $error) && $event_id != 269) { 
       // Show the form that allows a comment to be added
       ?>     
       <script type="text/javascript">
        var RecaptchaOptions = {
            theme : 'white'
        };
       </script>
  
       <TABLE BORDER="1" BORDERCOLOR="darkgray" WIDTH="100%" CELLPADDING="2" CELLSPACING="0">
        <TR>
         <TD ALIGN="CENTER">
          <FORM ACTION="events.php?event_id=<?php echo $event_id; ?>#comments" METHOD="POST">
           <INPUT TYPE="HIDDEN" NAME="save_comment" VALUE="yes">
           <TABLE BORDER="0" WIDTH="100%" CELLPADDING="2" CELLSPACING="0">
            <?php
              if ($error != "") { 
                echo "<TR BGCOLOR=\"lemonchiffon\">";
                echo "<TD COLSPAN=\"2\"><SMALL><FONT COLOR=\"red\">";
                echo "<b>Unable to save comment : <br><br>";
                echo $error;
                echo "<br><br></FONT></SMALL></TD>";
                echo "</TR>";
              }
            ?>
            <TR BGCOLOR="lemonchiffon">
             <TD width="80" align="right"><SMALL><B>Name :</B></SMALL></TD>
             <TD><INPUT TYPE="TEXT" CLASS="small" NAME="name" MAXLENGTH="30" SIZE="20" VALUE="<?php echo $s_name; ?>"></TD>
            </TR>
            <TR VALIGN="TOP" BGCOLOR="lemonchiffon">
             <TD align="right"><SMALL><B>Email :</B></SMALL></TD>
             <TD><INPUT TYPE="TEXT" CLASS="small" NAME="email" MAXLENGTH="60" SIZE="20" VALUE="<?php echo $s_email; ?>"><SMALL>*not displayed</SMALL></TD>
            </TR>
            <TR BGCOLOR="lemonchiffon" valign="top">
             <TD align="right">
              <SMALL><B>Comment :</B></SMALL>
             </td>
             <td>
              <TEXTAREA NAME="comment" CLASS="small" COLS="30" ROWS="8"><?php echo $s_comment; ?></TEXTAREA>
             </TD>
            </TR>
            <tr>
             <td colspan="2">
              <?php 
                echo recaptcha_get_html($publickey);
              ?>
            <TR BGCOLOR="lemonchiffon">
             <TD COLSPAN="2" ALIGN="RIGHT">
              <INPUT TYPE="SUBMIT" VALUE="Save Comment" CLASS="small">
             </TD>
            </TR> 
           </TABLE>
          </FORM>
  
         </TD>
        </TR>
       </TABLE> 
       <?php
     } else {
       echo "<br><center><b><font color=red>Comment saved</font</b></center>";
     }
  
     @mysql_free_result($res);
  
     echo "  </td>";
     echo " </tr>";
     echo "</table>"; 
  
     // Attempt to send an email notification indicating comment posted
     // to relevant area co=ordinator
     if ($saved && $area_email[$region] != "") {
       $subject = "MX5Scotland - Comment Posted";
       $to = $area_email[$region];
  
       $body  = "MX5Scotland - Comment Posted\n\n";
       $body .= "Event : $title\n";
       $body .= "Link : $base_url/events.php?event_id=$event_id\n";
       $body .= "Comment by : $s_name ($s_email)\n\n";
       $body .= "$s_comment\n\n";
  
       $res =  mail($to, $subject, $body, "From: $s_name <$s_email>\nReturn-Path: <$s_email>\n","-f$mail_from");
  
       if ($res == false) {
         // Message not sent
       } else {
         // Message sent
       }
     }
  
  
   }
  
   // *********************************************************************
  
   function ShowDetails($event_id, $info) {
     // Function to display info about a future event
     global $db_con;
     global $path_to_gallery_images, $base_url; 
  
     // Fetch details about the event
     $sql = "SELECT E.region, E.meeting_point, E.departure_time,
                    E.title, E.details, E.route,
                    E.report, E.car_count, 
                    DATE_FORMAT(E.date_start, '%a %D %b %Y') date_start,
                    DATE_FORMAT(E.date_end, '%a %D %b %Y') date_end
               FROM events E
              WHERE E.event_id = $event_id ";
  
     $res = mysql_query($sql, $db_con);
  
  
     if ($res == "" || @mysql_num_rows($res) < 1) { 
       ?>
       <BR><BR>
       <CENTER><B>Details for the specified event could not be found</B></CENTER><BR>
       <BR>";
       <A HREF="events.php"><< Back to events page</A>";
       <?php
     } else {
       $row = mysql_fetch_array($res);
  
       $title = $row["title"];
       $details = HTMLOutput($row["details"]);
       $route = $row["route"];
       $region = $row["region"];
       $meeting_point = $row["meeting_point"];
       $departure_time = $row["departure_time"];
       $date_start = $row["date_start"];
       $date_end = $row["date_end"];
       $report = HTMLOutput($row["report"]);
       $car_count = $row["car_count"];
  
       $tmpSTART = strtotime("$date_start $departure_time");
       $tmpNOW = GetUKTime();
  
       $diff = $tmpNOW - $tmpSTART;
       $diff = $diff/60/60;
  
       // An event is classed as a previous event if 6 hours (or more) in
       // the past (see above calculation!!)
  
       if ($diff >= 1) {
         $type = "previous";
       } else {
         $type = "future";
       }
       if ($car_count < 1) {  
         $car_count = "<SMALL>Unknown</SMALL>";
       }
  
       if ($meeting_point == "") { 
         $meeting_point = "TBA";
         $departure_time = "TBA";
       } else {
         $departure_time = substr($departure_time, 0, 6); 
       }
  
       if ($date_end != "") { 
         $event_date = "$date_start <SMALL>to</SMALL> $date_end"; 
       } else {
         $event_date = $date_start;
       }
       ?>
       <CENTER>
 <!--
       <TABLE BORDER="0" WIDTH="97%" CELLPADDING="0" CELLSPACING="0">
        <TR VALIGN="MIDDLE">
         <TD WIDTH="1"><IMG SRC="images/events_<?php echo $region; ?>_map_small.jpg" ALIGN="LEFT"></TD>
         <TD><B><?php echo ucfirst($region)." Scotland ".ucfirst($type)." Event"; ?></B></TD>
        </TR>
       </TABLE>
 -->
       <br>
       <TABLE BORDER="0" CELLPADDING="6" CELLSPACING="0" BORDERCOLOR="darkgray" WIDTH="97%">
        <TR BGCOLOR="darkgray">
         <TD>
          <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0" WIDTH="100%">
           <TR>
            <TD>
             <B><FONT COLOR="black" size="5"><?php echo $title; ?></FONT></B><BR>
             <B><FONT COLOR="royalblue" size="4"><?php echo $event_date; ?></FONT></B><br>
             <b><font color="darkblue">organised by <?php echo ucfirst($region); ?> Scotland</font></b> 
             <?php if ($type == "previous") { ?>
                 <br><br><b>Car Count : <?php echo $car_count; ?></b>
             <?php } ?>
  
            </TD>
            <TD ALIGN="RIGHT">
             <?php
               if ($route != "") {
                 echo "<A HREF=\"$base_url/docs/$route\" TARGET=\"_blank\">";
                 echo "<IMG SRC=\"images/map.gif\" TITLE=\"Download Route Instructions\" BORDER=\"0\" width=\"100\"></a>";
               } else {
                 echo " ";
               }
             ?>
            </TD>
           </TR>
          </TABLE> 
         </TD>
        </TR>
        <TR>
         <TD>
          <TABLE BORDER="0" CELLPADDING="2" CELLSPACING="0" WIDTH="100%">
           <TR VALIGN="TOP">
            <TD colspan="2">
             <TABLE>          
             <?php
               if ($type == "future") {
                 echo "<TR>";
                 echo " <TD BGCOLOR=\"lightgrey\" WIDTH=\"120\"><B> Meeting Point :</B></TD>";
                 echo " <TD>$meeting_point </TD>";
                 echo "</TR>";
                 echo "<TR>";
                 echo " <TD BGCOLOR=\"lightgrey\" WIDTH=\"120\"><B> Departure Time :</B></TD>";
                 echo " <TD>$departure_time </TD>";
                 echo "</TR>";
               } else {
                 if ($info == "y") { 
                   echo "[ <a href=\"events.php?event_id=$event_id\">show event report</a> ]";
                 } else { 
                   echo "[ <a href=\"events.php?event_id=$event_id&info=y\">show pre-run info</a> ]";
                 }
               }           
             ?>
             </TABLE>
             <BR>
             <?php
               if ($type == "previous" && $info != "y") { 
                 echo $report;
               } else {
                 echo $details; 
               }
  
               if ($route != "") { 
                 echo "<BR><BR>"; 
                 echo "<CENTER>";
                 echo "<A HREF=\"$base_url/docs/$route\" TARGET=\"_blank\">";
                 echo "<IMG SRC=\"images/map.gif\" TITLE=\"Download Route Instructions\" BORDER=\"0\">";
                 echo "<BR>$route</A>";
                 echo "</CENTER>"; 
               }
             ?> 
             <BR><BR>
            </TD>
           </TR>
           <?php if ($type == "previous") { ?>
            <TR valign="middle">
             <td bgcolor="lightgrey" align="center" colspan="2">
              <img src="images/camera2.gif" align="left"><br><B>Event Images</B>
             </td>
            </tr>
            <TR>
             <td colspan="2" align="center">
              <?php
                $sql = "SELECT * FROM events_gallery 
                        WHERE event_id = $event_id 
                        ORDER BY posted DESC ";
  
                $pres = mysql_query($sql, $db_con);
  
                if ($pres == "" || @mysql_num_rows($pres) < 1) { 
                  echo "<BR><I>no images have been uploaded for this event</I>";
                } else {
                  $image_count = 0;
  
                  while ($row=mysql_fetch_array($pres)) {
                    if ($image_count == 6) { 
                      $image_count = 0;
                      echo "<BR>";
                    }
  
                    $filename = $row["filename"];
                    $title = $row["title"];
                    if ($row["description"] == '') { 
                      $description = "Photo taken by ".$row["name"];
                    } else {
                      $description = "'".$row["description"]."' by ".$row["name"];
                    }
  
                    //echo "<A HREF=\"photo.php?events_gallery_id=".$row["events_gallery_id"]."&photo=".$path_to_gallery_images.$row["filename"]."\" OnClick=\"javascript:window.open(this.href,'_blank','menubar=no,location=no,resizable=yes,scrollbars=no,status=no,width=400,height=300'); return false;\"><IMG BORDER=\"0\" SRC=\"".$path_to_gallery_images."thumb_".$row["filename"]."\"></A> ";
                    echo "<a href=\"$path_to_gallery_images$filename\" alt=\"$description\" rel=\"lightbox[mx5grp]\" title=\"$description\"><img src=\"$path_to_gallery_images"."thumb_$filename\" border=\"0\"></a> \n";
  
                    $image_count++;
                  }
                }
  
                @mysql_close($pres);
              ?>
              <BR><BR>
              [<A HREF="<?php echo $base_url; ?>/event_image_upload.php?id=<?php echo $event_id; ?>" OnClick="javascript:window.open(this.href,'imageuploadwin','menubar=no,location=no,resizable=yes,scrollbars=yes,status=yes,width=550,height=600'); return false;">Click here to upload your image(s)</A>]<BR>
              <SMALL>(A guide can be found on the help pages)</SMALL>
              <BR><BR>
             </td>
            </TR>
           <?php } ?>
           <TR>
            <td bgcolor="lightgrey" align="center" colspan="2">
             <B>Your Comments</B>
            </td>
           </tr>
           <tr>
            <TD colspan="2" ALIGN="CENTER">
             <?php
                 ShowComments($event_id, $type, $date_start);
             ?>
            </TD>
           </TR>
          </TABLE> 
         </TD>
        </TR>
       </TABLE>
       </CENTER>
       <?php 
  
       echo "<BR>";
       echo "<A HREF=\"events.php?region=$region&type=$type\"><< Back to ".ucfirst($region)." $type events</A>";   
     }
  
     @mysql_free_result($res); 
   }
  
  
   ShowDetails($_GET["event_id"], $_GET["info"]);
  
 ?>

 

Link to comment
Share on other sites
gizmola Prolific Member

gizmola

Posted
Posted

With all due respect, you should pay someone for an hour or 2 of their time to do this for you. This site exists for developers to help others with a genuine interest in the field, which you self admittedly do not have.

 

Recaptcha implementation is in my experience relatively straightforward, but it still has to be tested. You can obviously remove the recaptcha, but expect spam commensurate with the interest that spammers might have in your community. Spambots are always at work, just randomly trying sites, and you will no doubt be spammed.

 

For a site like yours a simple customized captcha such as "Enter 'Iamhuman':" defeats every automated form filling bot in the world. They aren't built to try and understand anything non-standard. Of course if someone has targeted you they will program around that trivially.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.