www.webdeveloper.com
Results 1 to 5 of 5

Thread: Variable question, adding a simple PHP Captcha to HTML contact form

  1. #1
    Join Date
    May 2013
    Posts
    15

    Variable question, adding a simple PHP Captcha to HTML contact form

    I'm trying to add some very simple PHP CAPTCHA code to my existing HTML web forms, while using my same server side php form mailer.php.

    Example form with simple CAPTCHA:
    Code:
    <?
    session_start();
    ?>
    <html>
    Number challange test<br />
    <br />
    </html>
    <body>
    <?
    // check login - only code
    if (isset($_REQUEST['submit'])) {
         echo "running code comparison now  ";
        if ($_SESSION['captcha']==$_REQUEST['code']) echo 'login ok';
        else echo 'login failed';
    }
    else {
    ?>
    <form action="<? echo $PHP_SELF ?>" method="POST">
    Username: <input type="text" name="username" /><br />
    Password: <input type="text" name="password" /><br />
    <img src="example.php" />
    Code: <input type="text" name="code" /><br />
    <input type="submit" name="submit" value="Login" />
    
    </form>
    <? } ?>
    </body>
    </html>
    Server-side image source:
    Code:
    <?
    session_start();
    include('captcha_numbers.php');
    $captcha = new CaptchaNumbers(4);
    $captcha -> display();
    
    $_SESSION['captcha'] = $captcha -> getString();
    ?>
    What is unclear to me, is how can I apply the above value-comparison concept and still submit my form data to my server-side form_mailer.php. Without using submit (to itself) to validate the 'captcha' value to = the 'code'?

    I have tried to read/display the value of the $_SESSION['captcha'] (its a 4 digit number) but nothing I do with Echo displays the value. I think if I (could read/display) this value I could validate the code on the fly.

    Any guidance appreciated.

    This Captcha is from: http://www.phpclasses.org/package/25...on-images.html

  2. #2
    Join Date
    May 2013
    Posts
    15

    A followup question involving ? echo $PHP_SELF ?

    Using this session variable method in the web browser, and submitting to the same form, how would one pass the actual form data back to the server side?

    To clearly understand the sequence of events, could not a Validate button be used to submit the Captcha code for validation, and a Submit form button be separate to submit form data to the server-side?

    Many example scripts I have seen are in this same format.

  3. #3
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,334
    Should work if you remember to do a session_start() as the first thing on the PHP script that processes the form submission. It can then just validate the captcha value against that stored in the $_SESSION array. If invalid, the trick here is to then redisplay the original form with all the other fields already populated with the user's previous inputs, but probably regenerating the captcha value and saving that in $_SESSION (so that the redisplayed form uses a new captcha image/value).

    All that is probably most easily managed via a single-page approach: one page that has conditional processing based on whether or not there is $_GET/$_POST data that indicates a form is being submitted, with branches based on validation results and submission results, and so forth. That way, if you need to redisplay the form, you already have the prior inputs in $_GET or $_POST.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  4. #4
    Join Date
    May 2013
    Posts
    15
    Did you mean the Validate button should work? That was a bad test idea, One Submit button would be best.

    I'm sorry, I'm not familiar enough with PHP to quickly grasp your advice.

    one page that has conditional processing based on whether or not there is $_GET/$_POST data that indicates a form is being submitted, with branches based on validation results and submission results, and so forth
    So a conditional post like this example?
    Code:
     if (isset($_REQUEST['submit'])) {
         echo "running code validation now  ";
        if ($_SESSION['captcha']==$_REQUEST['code']) 
           <FORM NAME="form" ACTION="formmailer.php" METHOD=POST>;
        else echo 'Wrong code entered';
    }
    else {
    ?>

  5. #5
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,334
    Yeah, just taken to a high-level pseudo-code approach:
    Code:
    if (form is submitted)
        if (form is valid)
            process form
            display success page
        else
            display form page with error messages and prefilled data
        endif
    else
        display form page
    endif
    The "success" and "form" pages could be separate files that get included at the appropriate points. The form file can look to see if an $error array is populated, and if so, use that to display error messages, and can look at the $_POST array to see if there are already values submitted, which can then be used to prefill the form, e.g.:
    PHP Code:
    <input name='foo' type='text' value='<?php
    if(!empty($_POSt['foo']) {
        echo 
    htmlspecialchars($_POST['foo']);
    }
    ?>' />
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles