integrate captcha into existing script

[rhock_95]

can anyone show an example that incorporates a captcha security code element into an existing script/form that queries a database?

 

Of the many captcha scripts that have "demos" I can't get any of them to work within any of my existing search scripts...The captcha scripts work but only as a gateway to the search scripts (different page or frame etc)...

 

...How can I get the query search to only execute if/when the correct security code is entered...by clicking a single "submit/search" button ...that executes both the captcha and the query scripts?

[BlueSkyIS]

...How can I get the query search to only execute if/when the correct security code is entered...by clicking a single "submit/search" button ...that executes both the captcha and the query scripts?

 

Check CAPTCHA first. If CAPTCHA is okay, execute search and display results, else display error message.

[deadonarrival]

if($_POST['string'] != $_SESSION['string'])

{

  $print "Text didn't match picture";

  print_form(); //or however you make the form

}

else

{

  //whatever else

}

[rhock_95]

What I am trying to avoid is two forms...I don't want a user to have to enter the security code before being presented with the actual serch (query) form...

 

I am looking for a single form with both query and security code text boxes using a single "submit" button...but if the security code is incorrect echo error message/form again

[BlueSkyIS]

ON THE SAME PAGE, AFTER JUST ONE CLICK: Check CAPTCHA first. If CAPTCHA is okay, execute search and display results, else display error message.

[rhock_95]

Check CAPTCHA first. If CAPTCHA is okay, execute search and display results

 

how do I do this with an HTML form ?

[BlueSkyIS]

embed PHP or POST to a PHP script that sends the user back to the original HTML page if there is an error. but if you need to do or say anything dynamic ('sorry, your response did not match'), you're going to need to put PHP into the HTML page.

[rhock_95]

embed PHP or POST to a PHP script that sends the user back to the original HTML page if there is an error.

 

The "original HTML page" is what AI am trying to develop...how do I get a single "submit" button to execute both the captcha and the query scripts?

[BlueSkyIS]

you POST to a single page that does both:

 

<?php
$captcha_value = $_POST['captcha'];

if ($captcha_value == $test_value) { // CAPTCHA IS OKAY, GO AHEAD AND DO SEARCH
      // Search code in here.

} else { // CAPTCHA IS NOT OKAY. SHOW AN ERROR
      $error = "CAPTCHA is not okay.";
      echo $error;
}

?>

[rhock_95]

 

<?php
$captcha_value = $_POST['captcha'];

if ($captcha_value == $test_value) { // CAPTCHA IS OKAY, GO AHEAD AND DO SEARCH
      // Search code in here.

} else { // CAPTCHA IS NOT OKAY. SHOW AN ERROR
      $error = "CAPTCHA is not okay.";
      echo $error;
}

?>

again...what I am seeking is the exactly what the form looks like (complete syntax)

 

can you show me what the form would look like that executes your php ?

[BlueSkyIS]

i guess there would be a text field for the search term, underneath which would be a display of the CAPTCHA and a text field underneath that for the user to enter the CAPTCHA. then a submit button.

 

on POST, we check the CAPTCHA value to make sure it matches. if it matches, it performs the search using the term entered in the search field. if CAPTCHA doesn't match, display the same form again but with an error message at the top.

 

here is an example: it isn't a search, but it's the same idea. we don't send the info unless CAPTCHA is correct:

 

http://www.blueskyis.com/contact.php

[rhock_95]

I do appreciate the efforts and the replys but I am afraid they are of no help...

 

I have tried combining both my existing forms (query text field) and the captcha forms (security code text field) to no end...I am still unable to get anything to work with a single "submit" button... the query will execute but the captcha is ignored or the captcha executes but I get no query results...???

 

viewing existing (html) forms is of no help what so ever... abd BTW are youy seriously using the captcha cited on your link? 12 (jumbled) characters ? very confusing...!

 

 

can anyone help me with the form syntax required to execute two scripts with a single button where the the qury script will not execute unless the security code is correct?

[BlueSkyIS]

abd BTW are youy seriously using the captcha cited on your link? 12 (jumbled) characters ? very confusing...!

 

that's only 6 characters with background noise. no problems to date! edit: but you're right, maybe it is too confusing to some. i removed the noise.

 

can we see the code you're working on?

 

[rhock_95]

Captcha Script:

<?php
/****************************************************************************************
						Audio & Visual CAPTCHA v1.3

							        By
					 Nicklas Swärdh - nick@nswardh.com

							  www.nswardh.com
							  
		  (Please respect the author, do not remove these lines!)
****************************************************************************************/
session_start();



// Bake a session-cookie. Will be used in audio.php to validate the download of the generated mp3 file!
$_SESSION['downloadprotect'] = md5($_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR']);



// Recieve the form...
if (isset($_POST['submit'])) {
$code = trim($_POST['code']);



// Compare the entered code with the CAPTCHA using md5() hashes
if (md5($code) == md5($_SESSION['sess_captcha'])) {
echo "<p style=\"color: #00ff00\">Yup, the code is correct!</p>";
} else {
echo "<p style=\"color: #ff0000\">Hey, listen up and try again!</p>";
}


}


/* 

NOTE: A few chars has been removed, to prevent confusion
between the letters. The removed chars are:

	Bb - could be confused with number 8 and spoken Pp
	I  - could be confused with number 1
	l  - could be confused with number 1
	Nn - could be confused with the spoken Mm
	Zz - could be confused with the spoken Cc

*/
$_SESSION['sess_captcha'] = substr(str_shuffle("0123456789acdefghijkmopqrstuvwxyACDEFGHJKLMOPQRSTUVWXY"), 0, 4);


?>

<p><a href="http://www.nswardh.com/shout">Audio & Visual CAPTCHA - v1.3</a></p>

Having a hard time to read? Move your mouse over the speaker...<br />
(The following chars has been removed to prevent confusion: <i>Bb, I, l, Nn and Zz</i>)
<div style="float: left; margin-right: 10px"><img src="visual/visual.php" alt="" title="Cant read the numbers? Move the mouse over the speaker and listen..." style="border: 1px solid #000000" /></div>



<div style="float: left">

<object type="application/x-shockwave-flash" name="movie" data="audio/voice.swf" style="width: 50px; height: 57px">
<param name="movie" value="audio/voice.swf" />
<param name="allowScriptAccess" value="sameDomain" />
<param name="menu" value="false" />
<param name="quality" value="high" />
</object>

</div>


<div style="clear: both; padding-top: 15px; padding-right: 15px">


<form method="post" action="" style="margin: 0px;">
<input type="text" maxlength="4" name="code" id="code" />
<input type="submit" name="submit" value="Verify" />
</form>

</div>

 

Existing search script form:

<form action="<?php echo $self; ?>" method="post">
	<input type="text" name="query" />
	<input type="submit">
</form>

[BlueSkyIS]

<form action="<?php echo $self; ?>" method="post">
Enter your search term:	<input type="text" name="query" /><BR>

Please enter the characters displayed below:<BR>
(whatever your captcha is)<BR>
<INPUT TYPE='text' NAME='code'><BR>
	<input type="submit">
</form>

 

then, to process...

 

// Compare the entered code with the CAPTCHA using md5() hashes
if (md5($code) == md5($_SESSION['sess_captcha'])) {
// Perform search
     // Add your search code here. search for $_POST['query']



} else {
echo "<p style=\"color: #ff0000\">Hey, listen up and try again!</p>";
}

[BlueSkyIS]

here's part of my contact form where captcha is verified and if it passes an email is sent, otherwise an error is displayed:

 

if ($_SESSION['CAPTCHAString'] != $_POST['captchastring']) {
	array_push($errs, "Please enter the characters as displayed.");
}

if (count($errs) != 0) {
	// Loop over errors, printing them.
	foreach ($errs as $error) {
		echo "<TR><TD><div style='color: #FF0000;'><B>Error:</B> $error</div></TD></TR>";
	}

	//echo "<a href='contact.php'>Back</A>";
} else {
	$headers .= "From: $eaddr\r\n";

	$message = "FORM SUBMISSION:\n\n";
	$message .= "Name: ".$_POST["cName"]."\n";
	$message .= "Email: $email\n";
	$message .= "Message: ".$_POST["cMessage"]."\n";

	// All is well - Send email (to, subject, content, headers)
	mail($eaddr, "CONTACT: Blue Sky IS", $message, $headers);
     }

[Yesideez]

I've written a captcha script that generates PNG images using jumbled up letters from a Truetype font in random colors and positions which can be used in any script.

 

To see it working, check out my contact form and guestbook on my website: www.pictureinthesky.net

 

If you want the source, you can have it.

[rhock_95]

<form action="<?php echo $self; ?>" method="post">
Enter your search term:	<input type="text" name="query" /><BR>

Please enter the characters displayed below:<BR>
(whatever your captcha is)<BR>
<INPUT TYPE='text' NAME='code'><BR>
	<input type="submit">
</form>

 

then, to process...

 

// Compare the entered code with the CAPTCHA using md5() hashes
if (md5($code) == md5($_SESSION['sess_captcha'])) {
// Perform search
     // Add your search code here. search for $_POST['query']



} else {
echo "<p style=\"color: #ff0000\">Hey, listen up and try again!</p>";
}

 

what does this mean?>>>"whatever your captcha is"  am I supposed to paste the whole script ?(see above code)

 

likewise with "// Add your search code here. search for $_POST['query']"  if I paste  both the scrips it throws endless line erors

 

after some hacking I can get the from to display with a single submit button...however it does nothing...if I assign the form action to the search script it ignores the captcha function...

[Yesideez]

A captcha is ually in it's own script, something like makeimg.php

 

That "whatever your captcha is" could probably be replaced by something like:

 

<img src="makeimg.php?rnd=<?=mt_rand(1,10000)?>" />

 

I've added the random number thing to prevent the image being cached.