darkone (\/) (;,,,;) (\/) 11611 Posts user info edit post |
I'm trying to code a CAPTCHA anispam picture into a contact form I have. I can generate the image and everything just fine, but I'm trying to figure out how to make the submition of the form conditional. I don't have access to the sendmail script (it's only a university server outside my department) so I either need to validate the user entered code client-side, or I need to send it to a validation page that will then pass on the form information to the sendmail script.
Any tips? Do I need to share some of my existing code?
The security image is created via PHP. Ideally, I'd like to make the form action condition upon the user entered securty code. i.e. if the code is write, submit too sendmail script, else submit to somewhere else where I can bombard them with error messages. 5/15/2006 4:03:49 PM |
damn Suspended 2781 Posts user info edit post |
i don't know what you just said, but i'll take your word for it 5/15/2006 4:06:38 PM |
agentlion All American 13936 Posts user info edit post |
is this a home grown submission process? you're not using a blogging engine or CMS or anything? Of course stuff like Wordpress will do all this for you. 5/15/2006 4:36:20 PM |
darkone (\/) (;,,,;) (\/) 11611 Posts user info edit post |
This is all from scratch stuff. I din't design the origional form, but it's just standard html form stuff. I modified some PHP I found to generate teh random image and I was trying to modify the following PHP snippet to do my bidding, but it's for checking after the fact:
<?php // check for posted form if (isset($_POST['submit'])) { // see if the code the user typed matched the generated code if (strtoupper($_POST['code']) == $_SESSION['code']) { echo 'Congratulations, you entered the correct code.'; } else { echo 'You have entered the wrong code. Please <a href="reportformTEST.php">try again</a>.'; } } else { ?>
I just can't seem to find a way to make the form submit function conditional the way I currently have it set up. I thinking of using an open source PHP form mail program if I can't get this to work. I would like to figure this out though. 5/15/2006 5:09:25 PM |
darkone (\/) (;,,,;) (\/) 11611 Posts user info edit post |
bttmft 5/16/2006 11:38:59 AM |
agentlion All American 13936 Posts user info edit post |
then the form action needs to call a Javascript which can compare the CAPTCHA somehow before submitting the form. You can't do that in PHP, obviously, since that's run on the server. 5/16/2006 11:42:29 AM |
darkone (\/) (;,,,;) (\/) 11611 Posts user info edit post |
^ I tried something similar to that with java script using the onSubmit event. What I coded didn't work obviously. Is there a way I can make the javascript and PHP play together so I can use the comparison code I showed a few posts above? 5/16/2006 1:51:21 PM |
darkone (\/) (;,,,;) (\/) 11611 Posts user info edit post |
BTTT 5/17/2006 11:12:25 AM |
mellocj All American 1872 Posts user info edit post |
I don't think doing a captcha in javascript is a good idea. The user can disable javascript, or save your HTML page on their HD and edit the javascript out. 5/17/2006 10:32:00 PM |
Noen All American 31346 Posts user info edit post |
ding ding ding.
Not only that, there are TONS of GOOD php captcha scripts out there, why in the world are you writing your own? Just grab one and go
Also, as a side note, Captcha's aren't going to prevent spammers. I wrote a working captcha breaker in a few hours.
[Edited on May 17, 2006 at 11:05 PM. Reason : .] 5/17/2006 11:04:18 PM |
agentlion All American 13936 Posts user info edit post |
use KittenAuth! http://www.kittenauth.com/ 5/18/2006 8:02:17 AM |
mellocj All American 1872 Posts user info edit post |
this whole problem could probably be fixed without a captcha. google for php form mail header injection. 5/18/2006 12:00:54 PM |