Hi, anyone here know how to make a captcha work? I am stuck in the process of validation. Once the user enters the right information, I want him to click on the purchase button and move on to clickbank, for example. Problem is, I am not what goes into the part of echo" "; when the characters are entered correctly and what goes into the form method itself. I will give $5 bucks to the first person who can make this work for me. Here's the code: <?php session_start(); $width = 120; $height = 40; $length = 5; $baseList = '0123456789abcdfghjkmnpqrstvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $code = ""; $counter = 0; $image = @imagecreate($width, $height) or die('Cannot initialize GD!'); for( $i=0; $i<10; $i++ ) { imageline($image, mt_rand(0,$width), mt_rand(0,$height), mt_rand(0,$width), mt_rand(0,$height), imagecolorallocate($image, mt_rand(150,255), mt_rand(150,255), mt_rand(150,255))); } for( $i=0, $x=0; $i<$length; $i++ ) { $actChar = substr($baseList, rand(0, strlen($baseList)-1), 1); $x += 10 + mt_rand(0,10); imagechar($image, mt_rand(3,5), $x, mt_rand(5,20), $actChar, imagecolorallocate($image, mt_rand(0,155), mt_rand(0,155), mt_rand(0,155))); $code .= strtolower($actChar); } header('Content-Type: image/jpeg'); imagejpeg($image); imagedestroy($image); $_SESSION['securityCode'] = $code; ?> The form: <?php session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd"> <html> <head> <title>Captcha demo</title> </head> <body> <?php if (isset($_POST['submitBtn'])){ $secCode = isset($_POST['secCode']) ? strtolower($_POST['secCode']) : ""; if ($secCode == $_SESSION['securityCode']) { echo "<p>The result code was valid!<br/></p>"; unset($_SESSION['securityCode']); $result = true; } else { echo "<p>Sorry the security code is invalid! Please try it again!</p>"; $result = false; } } if ((!isset($_POST['submitBtn'])) || (!$result)){ ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" > <table width="400"> <tr> <td>Security code: <input class="text" name="secCode" type="text" size="10" /> </td> <td> <img src="securityCode.php" alt="security code" border="1" /> </td> </tr> <tr> <td colspan="2" align="center"><br/> <input class="text" type="submit" name="submitBtn" value="Send" /> </td> </tr> </table> </form> <?php } ?> </body> PHP: The part I'm stuck with: I have a mailing list which uses the following format: <form method=post action=http://www.domain.com/mail/signup.php> <input type=hidden name=list value=1> Email: <input type=text name=email><br> <input type=submit name=sup value="Subscribe Me!"> </form> So I want the form to send this info to the mailing after they enter the correct captcha. But here's the snag: The code above uses: <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" > Which leaves me wondering where my <form method=post action=http://www.domain.com/mail/signup.php> Goes?
You need to embed the part that validates the security code - if ($secCode == $_SESSION['securityCode']) {... - in the top of /mail/signup.php. Then you can point the form with the captcha at it. If /mail/signup.php is on a different server then you have more of a problem. You could use curl to post the data on to it after validating the captcha but that wouldn't stop someone from accessing it directly, avoiding the captcha. So basically if /mail/signup.php is on the same server as your form and you can edit it, then it should be fairly straightforward - let me know if you need help with that. If it is on a different server or are unable to modify it then it will be more difficult and you may not be able to make it secure with the captcha at all.
OK. Let's see if that works... This is where I got a snag. This is above the <form>.. <?php if (isset($_POST['sup'])){ $secCode = isset($_POST['secCode']) ? strtolower($_POST['secCode']) : ""; if ($secCode == $_SESSION['securityCode']) { [COLOR="Red"] echo " correct code! "; ------------------------------------- What goes here?[/COLOR] unset($_SESSION['securityCode']); $result = true; } else { echo "<p>Sorry the security code is invalid! Please try it again!</p>"; $result = false; } } if ((!isset($_POST['sup'])) || (!$result)){ ?> PHP:
Here is what you need to do: You have your securityCode.php file: <?php session_start(); $width = 120; $height = 40; $length = 5; $baseList = '0123456789abcdfghjkmnpqrstvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $code = ""; $counter = 0; $image = @imagecreate($width, $height) or die('Cannot initialize GD!'); for( $i=0; $i<10; $i++ ) { imageline($image, mt_rand(0,$width), mt_rand(0,$height), mt_rand(0,$width), mt_rand(0,$height), imagecolorallocate($image, mt_rand(150,255), mt_rand(150,255), mt_rand(150,255))); } for( $i=0, $x=0; $i<$length; $i++ ) { $actChar = substr($baseList, rand(0, strlen($baseList)-1), 1); $x += 10 + mt_rand(0,10); imagechar($image, mt_rand(3,5), $x, mt_rand(5,20), $actChar, imagecolorallocate($image, mt_rand(0,155), mt_rand(0,155), mt_rand(0,155))); $code .= strtolower($actChar); } header('Content-Type: image/jpeg'); imagejpeg($image); imagedestroy($image); $_SESSION['securityCode'] = $code; ?> PHP: and you have your page with the form (and captcha) on it: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd"> <html> <head> <title>Captcha demo</title> </head> <body> <form method="post" action="signup.php"> <input type="hidden" name="list" value="1"> <table width="400"> <tr> <td colspan="2">Email: <input type="text" name="email"></td> </tr> <tr> <td>Security code: <input class="text" name="secCode" type="text" size="10" /> </td> <td> <img src="securityCode.php" alt="security code" border="1" /> </td> </tr> <tr> <td colspan="2" align="center"><br/> <input type="submit" name="sup" value="Subscribe Me!"> </td> </tr> </table> </form> </body> </html> HTML: Then you have the signup.php file which needs the following code inserted right at the top: <?php session_start(); if (isset($_POST['sup'])){ $secCode = isset($_POST['secCode']) ? strtolower($_POST['secCode']) : ""; if ($secCode == $_SESSION['securityCode']) { unset($_SESSION['securityCode']); } else { echo "<p>Sorry the security code is invalid! Please try it again!</p>"; exit; } } // Continue with the rest of the script echo "<p>The security code was valid...</p>"; if (!empty($_POST['email'])) { echo "<p>E-mail address supplied was {$_POST['email']}</p>"; } ?> PHP: This will check the security code and exit if it doesn't match the captcha or allow the rest of the script to continue if it does. Obviously change the echo statements to suit your requirements.
I see. So there is a modification to the signup.php form itself (my mailing list form) which needs that code above. I've inserted the code on top of it... I got it to work as far as recognizing right and wrong input of captcha but the form doesn't send the variables and go on past that. I will pm you the url.