Help me find what is wrong with this script

Discussion in 'PHP' started by borzoid, Nov 20, 2010.

  1. #1
    Hi, I didn't write this and was holding off on fixing it as I wanted to get the whole application overhauled but finding a coder has been difficult so I need to try to fix at least this part myself. It is a captcha script that creates an image of a math problem and the visitor must give the correct answer. However, more often that not even the correct answer is not accepted. I think there may be a sessions issue as well, because when you leave a the page and go back to it - the math problem doesn't update.

    Here is the verify class
    <?php
    
    class Verify {
    
    	var $verify;
    	var $session_id;
    	
    	function Verify() {
    	
    		$this->session_id = session_id();
    		
    	}
    	function get_image_verify() {
    	
    		/* SEND HEADER */
    		header ("Content-Type: image/jpg");
    
    		$new_string;
    
    		// Set up the image holder
    		$im = ImageCreate(200, 40);  
    
    		// Background=black fore = white
    		$white = ImageColorAllocate($im, 255, 255, 255);
    		$black = ImageColorAllocate($im, 0, 0, 0);
    
    		/* CODE MODIFICATION ON : 22/08/2008 */
    		/* CHANGE FROM A FULL RANDOM STRING, TO A MATHS PUZZEL */
    		
    			/*random string generator.*/
    			/*The seed for the random number*/
    			//srand( ( double ) microtime() * 1000000 );
    			
    		// Generate 2 random numbers between 1 and 100
    		$number1 = rand ( 51, 100 );
    		$number2 = rand ( 1, 50 );
    		
    		// Get random number between 1 and 2
    		// 1 = PLUS 2 = MINUS
    		$plusminus = rand ( 1, 2 );
    		
    		// Create string
    			//$string = md5(rand (0,9999) );
    			$string = ( $plusminus == 1 ) ? "$number1 + $number2 =" : "$number1 - $number2 =";
    
    			// Create new string
    			//$new_string = substr( $string, 17, 5 );
    
    		// Set session var to hold the string value	
    			//$_SESSION['inped_image_string'] = $new_string;
    		$_SESSION['inped_image_string'] = ( $plusminus == 1 ) ? $number1 + $number2 : $number1 - $number2;
    
    		// Fill the background
    		ImageFill( $im, 0, 0, $black );
    
    		// WRITE THE STRING AT COORDS (70,10) IN WHITE.
    			//ImageString( $im, 4, 70, 10, $new_string, $white );
    		ImageString ( $im, 4, 70, 10, $string, $white );
    
    		// Write images file
    		$this->verify = "./images/verify/" . $this->session_id . ".png";
    		
    		ImagePNG ( $im, $this->verify );
    		
    		ImageDestroy( $im );
    		
    		// Revert header
    		header ( "Content-type: text/html" );
    		
    
    	}
    	
    	function get_image_string() {
    	
    		return ( $_SESSION['inped_image_string'] );
    		
    	}
    	
    	function clear_cache() {
    	
    		$time_now = strtotime ( date ( "H:i:s", time() ) );
    		$folder = "./images/verify/";
    		
    		$of = opendir ( $folder );
    		
    		while ( $f = readdir ( $of ) ) {
    
    			if ( $f != "." && $f != ".." ) {
    			
    				$file_time = filectime ( $folder . $f );
    				
    				$diff = $file_time - $time_now;
    				
    				if ( $diff > -3600 ) {
    				
    					unlink ( $folder . $f );
    					
    					//echo "<b>Time Older Than 1 Hour</b>";
    				}
    				//echo "File: $f - Modify Time: $file_time - Now Time: $time_now - Time Diff: $diff";
    				
    			}
    		}
    	}
    }
    
    ?>
    PHP:
    And here is the use of the class with a form

    <?php
    
    class Contact {
    
    	var $template;
    	var $display;
    	
    	var $verify;
    	
    	function Contact() {
    	
    		// We need the contact form template to be loaded
    		$open_file = fopen ( "./templates/contact_form.tpl", "r" );
    		$this->template = fread ( $open_file, filesize ( "./templates/contact_form.tpl" ) );
    
    		// Create verfiy object instance
    		$this->verify =& new Verify();
    		
    		$this->verify->clear_cache();
    		
    		
    	}
    	
    	function replace_tags() {
    	
    		$this->template = eregi_replace ( "%%verify_image%%", "<img src='" . $this->verify->verify . "' />", $this->template );
    		
    	}
    	
    	function contact_form( $extra_content = "" ) {
    	
    		$functions = new Functions;
    
    		// Setup image verify
    		$this->verify->get_image_verify();
    		
    		// Replace tags in the contact form
    		$this->replace_tags();
    		
    		$form = "<p class='gallery_header' align='center'>Contact Us</p>";
     
    		$form .= ( !empty ( $extra_content ) ) ? "<p class='error' align='center'>$extra_content</p>" : "";
    		
    		$form .= $this->template;
    		
    		return ( $form );
    		
    	}
    	
    	function send() {
    	
    		if ( $this->verify->get_image_string() == $_POST['verify'] ) {
    		
    			$to = $this->get_admin_email();
    			$from = $_POST['email'];
    			$name = $_POST['realname'];
    			$message = $_POST['mesg'];
    			$subject = "Message From: $name";
    			$headers = "Content-type: text/html\n";
    			$headers .= "From: " . $from;
    			
    			mail ( $to, $subject, $message, $headers );
    		
    			return ( $this->contact_form ( "Your Message Has Been Sent" ) );
    			
    		} else {
    		
    			return ( $this->contact_form ( "The Answer You Entered To The Maths Problem Is Incorrect" ) );
    			
    		}
    		
    	}
    	
    	function get_admin_email() {
    	
    		return ( $this->display->get_kennel_detail ( "Email" ) );
    		
    	}
    	
    }
    
    ?>
    PHP:
    Could someone point out where the issue lies? I greatly appreciate any help you can give.
     
    borzoid, Nov 20, 2010 IP