...

View Full Version : reCaptcha - close but no cigar???



adehall1980
07-21-2008, 12:51 AM
Can anyone help me please?

I'm not amazingly proficient with php, I only started dabbling with it when I wanted to add a guestbook feature to a business website I've created for a friend. Even then I downloaded one of the many free script sets out there and camouflaged it with my existing html to give it the website's theme. Worked perfectly until it started to get spammed... heavily. So I've researched what I need to add, even posted on this forum and it would seem captcha is the way forward. The guestbook is text file based but only requires two fields; name and comment. It doesn't require people's email addresses so I wasn't looking to go down the email validation route but a lot of people have suggested captcha to me as a way of stopping those pointless bots from posting plentiful obscene posts (of course I've been removing them but there's getting so many of them as time goes by).

I've looked into free captcha scripts even tried some out, some not working at all and others only half working with the tutorial saying 'you might need to tweak it a bit' but that's the point, I don't know how or where to tweak.

Some tutorials that seemingly came close to working had an online demo of a guestbook with their captcha feature but I couldn't help but notice that THEIR guestbook even with this validation method was also getting spammed.

A few people have therefore suggested reCaptcha, a remote validation service that the bots will have huge trouble in cracking. This is great it boasts being a free service (which it is) and as easy as adding a few lines of code... great... I can't get it to work, however it's the closest I've got so far out of all the ones I've looked at.

So this is a post to anyone who know's where to slot the code successfully.

Instructions;

reCAPTCHA Quickstart
These instructions should get you started quickly.

Download the reCAPTCHA Library, extract recaptchalib.php in the directory where you your forms live.
If you haven't done so, sign up for an API key.
Now we're ready to start modifying your code. First, we'll add code to display the CAPTCHA:
require_once('recaptchalib.php');
$publickey = "..."; // you got this from the signup page
echo recaptcha_get_html($publickey);

In the code that processes the form submission, you need to add code to validate the CAPTCHA. Otherwise, the CAPTCHA will appear, but the answers won't be checked. The validation code looks like:
require_once('recaptchalib.php');
$privatekey = "...";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
}

So I've done this on my postform.php

I have my private key and public key copied and pasted from signing up into a text file so I can't get them wrong, I'll not display them for security purposes obviously.

There's 2 chunks of php in my postform.php. The first batch is mostly configuration for the guestbook. The second batch starts the output for the guestbook. At the start of the second batch of php I initialise my private key and public key

<?PHP
/***********************\
//// Start of output \\\\
\***********************/

require_once('recaptchalib.php');
$publickey = "mypublickey";
$privatekey = "myprivatekey";

(recaptchalib.php is downloaded and sitting in the directory where it needs to be before anyone asks)

Then when the user types in their name and comment the only button available to them is to make a preview. Once they click on this, it then should display the reCaptcha widget, show the preview and give a button to submit the post.

I can get the reCaptcha widget to display no probs,

// If we have some data posted to us, make a preview for the user
if ($name != "" || $message != "") {
echo recaptcha_get_html($publickey);
echo "<b>Preview of message</b><br>" .
printMessage(serialize(array("timestamp"=> time(), "name" => $name_preview, "message" => $message_preview)))
."<input type=\"submit\" value=\" Add the preview message to the Guestbook \"><br><br>\n";
}

the above works to the extent that it displays the widget after clicking for a message preview, problem lies in where do I put the reCaptcha validation code?? It says to put it in the code that processes the form submission, so the form code now looks like this in total;

Message (Max ".GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
<form action=\"$PHP_SELF\" method=\"post\">

$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
}

<textarea id=\"message\" name=\"message\" cols=\"50\" rows=\"3\" maxlength=\"".GUESTBOOK_MAX_MESSAGE_LENGTH."\">". $message ."</textarea><br>
<br>
Name (Max ".GUESTBOOK_MAX_NAME_LENGTH." chars)<br>
<input type=\"text\" name=\"name\" size=\"40\" maxlength=\"".GUESTBOOK_MAX_NAME_LENGTH."\" value=\"".htmlentities($name,ENT_NOQUOTES)."\"><br>
<input id=\"ispreview\" type=\"hidden\" name=\"preview\" value=\"0\"><br>
<input type=\"submit\" onclick=\"document.getElementById('ispreview').value='1'\" value=\" $button \"><br>
<br>";

// If we have some data posted to us, make a preview for the user
if ($name != "" || $message != "") {
echo recaptcha_get_html($publickey);
echo "<b>Preview of message</b><br>" .
printMessage(serialize(array("timestamp"=> time(), "name" => $name_preview, "message" => $message_preview)))
."<input type=\"submit\" value=\" Add the preview message to the Guestbook \"><br><br>\n";
}

echo "</form>\n";

I upload it and then refresh the form page and I get this error;

Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /mydomain/postform.php on line 260

(I've also not disclosed the domain name in the above error) but line 260 refers to

$_SERVER["REMOTE_ADDR"],

I've dotted this code around a bit and had variations of errors thrown back at me it's driving me around the bend.

I know this is really long winded but I appreciate anyone who's read this far and can help me out please? I'm a beginner to php and I'm struggling, I just want to get this working so I can put the guestbook back online.

oesxyl
07-21-2008, 01:24 AM
sorry, I can't follow the code and the comments. Can't you post each file, with name above, between tags [ code] and [ /code] or [ php] and [ /php].
another question is where did you know that are bots and not real people? In my opinion is hard to beleave that somebody use a bot to post obscene messages into a guestbook, but who knows? :)
I will try to help if I can.

regards

adehall1980
07-21-2008, 11:21 PM
I'm assuming it's bots because it's the starts of erotic stories and it was getting about 30 posted in an hour!! crazy.

Okay here goes, please bear in mind that I downloaded this free code

postform.php
==========



<?PHP
/****************************************************************************\
* This program is free software; you can redistribute it and/or *
* modify it under the terms of the GNU General Public License *
* as published by the Free Software Foundation; either version 2 *
* of the License, or (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the Free Software *
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.*
* *
* The Emoticons are not covered by the GNU GPL license. *
* Some of the emoticons are free and made by: *
* http://www.kevinhatch.com/graphics/emoticons/ *
* Download them from his site to get the latest verison *
\****************************************************************************/

// see guestbook_vars.php for configuration

/* This function locates what is the "root" dir by searching the current dir for guestbook.php, if not found then it searches the parrent and so on. With this you can then have many guestbooks on your site by just creating a soft link to readbook.php and postform.php to the sub-dirs where you want the new book. */

include_once("guestbook.php");

// If magic quotes are on we get rid of the dumb slashes.
//Since we are using serialize to store the data, it is not nessesary to addslashes()
if(get_magic_quotes_gpc()){
$name = stripslashes($name);
$message = stripslashes($message);
}
// Put a cap on the length of the submitted msg
$name = substr($name, 0, GUESTBOOK_MAX_NAME_LENGTH);
$message = substr($message, 0, GUESTBOOK_MAX_MESSAGE_LENGTH);

if (! $preview && isset($preview)){
// Do we have write access to the guestbook file? if not bich about it
if (!$fileName = fopen(GUESTBOOK_TEXTFILE, "a")){
echo "test....".GUESTBOOK_TEXTFILE;
echo "I (webserver) don't have write access to the " . GUESTBOOK_TEXTFILE . " or the directory it is stored...<br>
Check with ls -l in the directory to see that the file is owned by the web server and writable...<br>
If you are not the webmaster for this site, please contact the webmaster and include this message<br>";
exit();
}
fclose($fileName);

if ($message == '' || $name == '')
$error = "You must include both a name and a message";
else if (MAX_SMILEYS_NAME < countSmileys($name, $smileys))
$error = "You have used to many smileys in the name";
else if (MAX_SMILEYS_MESSAGE < countSmileys($message, $smileys))
$error = "You have used to many smileys in the message";
else{
$name = htmlentities($name,ENT_NOQUOTES);
$message = htmlentities($message,ENT_NOQUOTES);

// Change newlines to html
$message = nl2br($message);

// Remove any newlines and carrage returns
// they would **** up serialize, since it is stored one entry at a time
$name = str_replace ("\n","",$name);
$name = str_replace ("\r","",$name);
$message = str_replace ("\n","",$message);
$message = str_replace ("\r","",$message);

// Compose the new entry
$newRow = serialize(array(
"timestamp" => time(),
"remote_addr" => $REMOTE_ADDR,
"user_agent" => $_SERVER["HTTP_USER_AGENT"],
"name" => strip_tags ($name),
"message" => $message));

// Read all the old entries in the book
$oldRows = join ('', file (GUESTBOOK_TEXTFILE) );

// Write the new entry and then all the old ones
$fileName = fopen (GUESTBOOK_TEXTFILE, 'w');
fputs ($fileName, $newRow. "\n" . $oldRows);
fclose ($fileName);

// we have been silent up til now, so we can redirec with a header "Location:" to the readbook
header("Location: " . GUESTBOOK_READBOOK);

// Now the user should be on his way to the readbook page
// We now mail the owner of the guestbook about the new post

if (EMAIL_NEW_POSTS !== false) {
mail(EMAIL_NEW_POSTS, "New post in guestbook", $newRow,
"From: webmaster@{$_SERVER['SERVER_NAME']}\r\n" .
"Reply-To: webmaster@{$_SERVER['SERVER_NAME']}\r\n" .
"X-Mailer: PHP/" . phpversion());
}
exit;
}
}
?>
<!--postform.php, author: Adrian Hall-->
<!--last updated on 27/06/08-->
<html>
<head>
<title>2 Wheels Motorcycle Training</title>
<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<link rel="shortcut icon" href="favicon.ico" >
<STYLE TYPE="text/css">
BODY
{
scrollbar-base-color: #6B99E5;
scrollbar-face-color: #123065;
scrollbar-arrow-color: #343A44;
scrollbar-DarkShadow-Color: #0056D8;
}
</STYLE>
</head>

<!--Insert static background colour-->
<body bgcolor="#FFFFFF" text="#000000" LEFTMARGIN=0 RIGHTMARGIN=0 TOPMARGIN=0 BOTTOMMARGIN=0 MARGINWIDTH=0 MARGINHEIGHT=0 alink="#FD351C" vlink="#FD351C" link="#FD351C">

<!--Content-->
<table width="100&#37;" height="100%" border="0" cellpadding="0" cellspacing="0" name="Content">
<tr>
<td>
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0" name="Borders">
<tr>
<td background="Border1.bmp" width="133">&nbsp;</td>
<td>
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0" name="CentrePage">
<tr>
<td height="166">
<table width="100%" border="0" cellpadding="0" cellspacing="0" name="TitleBanner">
<tr>
<td height="16" background="chrome.bmp"><font size="1">&nbsp;</font></td>
</tr>
<tr>
<td>
<table width="100%" border="0" cellpadding="0" cellspacing="0" name="BannerFlash">
<tr>
<td width="10" height="150" background="bannerleft.bmp">&nbsp;</td>
<td height="150" bgcolor="#FFFFFF">&nbsp;</td>
<td height="150" width="700" bgcolor="#FFFFFF" align="center">
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="700" height="150">
<param name=movie value="CommunityBanner.swf">
<param name=quality value=high><param name="LOOP" value="false">
<embed src="CommunityBanner.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="700" height="150" loop="false">
</embed>
</object>
</td>
<td height="150" bgcolor="#FFFFFF">&nbsp;</td>
<td width="10" height="150" background="bannerright.bmp">&nbsp;</td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="16" background="chrome.bmp"><font size="1">&nbsp;</font></td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="66">
<table width="100%" border="0" cellpadding="0" cellspacing="0" name="Menu">
<tr>
<td>
<table height="50" width="100%" border="0" cellpadding="0" cellspacing="0" name="Options">
<tr>
<td bgcolor="#FD351C">
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="149" height="50">
<param name=movie value="HomeButton.swf">
<param name=quality value=high><param name="LOOP" value="true">
<embed src="HomeButton.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="149" height="50" loop="true">
</embed>
</object>
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="149" height="50">
<param name=movie value="CoursesButton.swf">
<param name=quality value=high><param name="LOOP" value="true">
<embed src="CoursesButton.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="149" height="50" loop="true">
</embed>
</object>
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="149" height="50">
<param name=movie value="ContactButton.swf">
<param name=quality value=high><param name="LOOP" value="true">
<embed src="ContactButton.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="149" height="50" loop="true">
</embed>
</object>
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="149" height="50">
<param name=movie value="CommunityActive.swf">
<param name=quality value=high><param name="LOOP" value="false">
<embed src="CommunityActive.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="149" height="50" loop="false">
</embed>
</object>
<script type="text/javascript" src="ieupdate.js"></script>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="16" background="chrome.bmp"><font size="1">&nbsp;</font></td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table width="100%" border="0" cellpadding="0" cellspacing="0" name="communityPageData">
<tr>
<td>
&nbsp;<p>
<font size="4" color="#123065"><center><b><u>Sign Our Guestbook</u></b></center></font><br>
<table align="center" cellpadding="20" cellspacing="0" name="ViewGuestbook" bordercolor="#000000" border="1">
<tr>
<td bgcolor="#D1D1D1">
<?PHP
/***********************\
//// Start of output \\\\
\***********************/

require_once('recaptchalib.php');
$publickey = "6LdXgwIAAAAAADETO9nxFNZ8Vs_j0AeNcVzga6bP";
$privatekey = "6LdXgwIAAAAAAHcLIudduKAno9EYvW9di496V7Do";
// Change everything to legal html code. This makes all html tags in the submitted text apper as text content.
// These two are only used for the preview of the message
$name_preview = htmlentities($name,ENT_NOQUOTES);
$message_preview = htmlentities($message,ENT_NOQUOTES);;

// Change newlines to html
$message_preview = nl2br($message_preview);

// Make a list of the smileys with the way to print them
reset($smileys);
$i=0;
while (list ($key, $val) = each ($smileys)){
$smileys_array[$i] = "<img onclick=\"javascript: document.getElementById('message').value += ' \\$key ';\" $val>";
$i++;
}
$smileys_table = "<center>" . makeTable($smileys_array, 10) . "</center>";

// Page layout start

echo topicBox("Add a message to the guestbook","");
echo topicBox("Emoticons: Click the emoticon you want!",
"$escapeTag $smileys_table $escapTag");

if ($name != "" || $message != "")
$button = "Refresh preview";
else
$button = "Make preview";

echo "<font color=\"red\"><b>$error</b></font><br>
Message (Max ".GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
<form action=\"$PHP_SELF\" method=\"post\">

$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
}


<textarea id=\"message\" name=\"message\" cols=\"50\" rows=\"3\" maxlength=\"".GUESTBOOK_MAX_MESSAGE_LENGTH."\">". $message ."</textarea><br>
<br>
Name (Max ".GUESTBOOK_MAX_NAME_LENGTH." chars)<br>
<input type=\"text\" name=\"name\" size=\"40\" maxlength=\"".GUESTBOOK_MAX_NAME_LENGTH."\" value=\"".htmlentities($name,ENT_NOQUOTES)."\"><br>
<input id=\"ispreview\" type=\"hidden\" name=\"preview\" value=\"0\"><br>
<input type=\"submit\" onclick=\"document.getElementById('ispreview').value='1'\" value=\" $button \"><br>
<br>";

// If we have some data posted to us, make a preview for the user
if ($name != "" || $message != "") {
echo recaptcha_get_html($publickey); echo "<b>Preview of message</b><br>" .
printMessage(serialize(array("timestamp"=> time(), "name" => $name_preview, "message" => $message_preview)))
."<input type=\"submit\" value=\" Add the preview message to the Guestbook \"><br><br>\n";
}

echo "</form>\n";

if (WARN_USER_ABOUT_ABUSE)
echo topicBox("Warning","IP and timestamp is recorded, abuse will be forwarded to the appropriate ISP's");

if (is_readable($root_file_url . "status.php")){
include($root_file_url . "status.php");
echo "$status</div>\n";
}
?>
</td>
</tr>
</table>
<table height="10" width="100%" border="0" cellpadding="5" cellspacing="0" name="Copyright">
<tr>
<div align="center" valign="bottom">
<br><b><font size="4" color="#FD351C"><a href="readbook.php">View Our Guestbook</a>
</font><font size="4" color="#123065"> or browse the </font><font size="4" color="#FD351C">
<a href="gallery.htm">2 Wheels Success Gallery</a></font></b>
</div>
</tr>
<tr>
<td>
<div align="center" valign="bottom">
<br><font size="1">This website has been designed and produced
by Adrian Hall on behalf of Michael Rice at 2 Wheels Motorcycle Training.<br>
The 2 Wheels logo (&#169; 2007) and the content of this website is the subject
of copyright protection. All Rights Reserved.<br>
&#169; 2007 2 Wheels Motorcycle Training</font>
</div>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
<td background="Border2.bmp" width="133">&nbsp;</td>
</tr>
</table>
</td>
</tr>
</table>

</body>
</html>


I've highlighted the reCaptcha parts in red. There's also readbook.php and guestbook.php but I didn't think you'd need to see them, please let me know if you do. Your help is greatly appreciated. I haven't done this kind of development since I was at uni (over 10 year ago) so I'm very rusty, but was thrilled when I got the guestbook up and running and I know that my html could be tidier and I've yet to dive in the world of css style sheets instead of using invisible tables to line things up.

oesxyl
07-22-2008, 12:04 PM
I'm assuming it's bots because it's the starts of erotic stories and it was getting about 30 posted in an hour!! crazy.
that means 2 min between posts or more. A nasty kid could post manualy 1 per minute, that means 60, :)


Okay here goes, please bear in mind that I downloaded this free code
I was looking for the guestbook code but is not clear for me if is still maintained or not.


I haven't done this kind of development since I was at uni (over 10 year ago) so I'm very rusty, but was thrilled when I got the guestbook up and running and I know that my html could be tidier and I've yet to dive in the world of css style sheets instead of using invisible tables to line things up.
I don't intend to get off topic. If you want something else then solving this problem, this is another thing. :)

options to solve this:
1.) you can add a minimal time interval between posts, in fact is a guestbook not a forum or chat
2.) forbid multiple posts from same location
3.) ask for registration before posting, hmm not quite ok for a guestbook
4.) filter the content of the messages, names and forbid posts, in my opinion not eficient, could slow down a little the spam but keep you busy with update the filters.
5.) a combination of 1-4 to achive what you want

the complication is that you must keep track of users.

PS: I was found your site with google and I see that you disabled the guestbook until you solve the problem so I will try to help as fast as I can.

regards

adehall1980
07-22-2008, 01:23 PM
Guestbook code is available at

http://wigen.net/projects/guestbook/

if that helps?

Really appreciate you looking into this for me and yes I did disable the guestbook until I could sort this, it's been off-line for a week now.

If you type the url as

http://www.2wheelsmotorcycletraining.co.uk/postform.php

you'll see the error that I get using the above code

djm0219
07-22-2008, 01:41 PM
That error is coming before that line in what you posted. Look up a little bit and you'll see:
echo "<font color=\"red\"><b>$error</b></font><br>
Message (Max ".GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
<form action=\"$PHP_SELF\" method=\"post\">


That block of code is missing a closing double quote as well as the trailing semi-colon. See if changing it to:


echo "<font color=\"red\"><b>$error</b></font><br>
Message (Max ".GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
<form action=\"$PHP_SELF\" method=\"post\">";


helps (it should resolve the error message at least).

oesxyl
07-22-2008, 02:21 PM
Guestbook code is available at

http://wigen.net/projects/guestbook/

if that helps?
yes, thank you. The link to www.kevinatch.com no longer point to emoticons and from the source you posted I can't identify the scripts.


Really appreciate you looking into this for me and yes I did disable the guestbook until I could sort this, it's been off-line for a week now.
I don't think that this can be solved only using this code. The code have some small coding problems but probably is safe enought. Think to what I said in my previous post maybe we can add something to solve this. Mean time I will look deeper in the source.


If you type the url as

http://www.2wheelsmotorcycletraining.co.uk/postform.php

you'll see the error that I get using the above code
djm0219 is right, this solve the error.

regards

PeaTearGriffin
07-22-2008, 03:00 PM
On this other forum that I was signing up I saw they just asked you to type the text between quotes as a form of captcha. I.e. Type "php" without the quotes. Can the robots not figure that out?

oesxyl
07-22-2008, 03:14 PM
On this other forum that I was signing up I saw they just asked you to type the text between quotes as a form of captcha. I.e. Type "php" without the quotes. Can the robots not figure that out?
If we assume the "php" is not displayed as text but as image, could work, :)
image captcha is based on the fact that is very hard to extract what is text from a picture in a programatic way.
because capcha is useless if you use same text every time is a habit to generate random text but the problem is to display this in page only as picture and to check if match when validate.

regards

PeaTearGriffin
07-22-2008, 03:33 PM
If we assume the "php" is not displayed as text but as image, could work, :)
image captcha is based on the fact that is very hard to extract what is text from a picture in a programatic way.
because capcha is useless if you use same text every time is a habit to generate random text but the problem is to display this in page only as picture and to check if match when validate.

regards

If I remember correctly, it was only text. So I guess that could easily be worked around. I also read about questions that would be easy for humans but more difficult for robots such as "fire is hot, ice is ..." Sometimes captcha just annoys me, because even for humans its really difficult when its too blurry, squishy or whatever. I've gotten 3-4 wrong in a row before lol.

oesxyl
07-22-2008, 03:56 PM
If I remember correctly, it was only text. So I guess that could easily be worked around.
then is useless, :)


I also read about questions that would be easy for humans but more difficult for robots such as "fire is hot, ice is ..."
Sometimes captcha just annoys me, because even for humans its really difficult when its too blurry, squishy or whatever. I've gotten 3-4 wrong in a row before lol.
me too, :) is one like this on a IBM site, I never understand what is there, so I never register. :)

regards

adehall1980
07-22-2008, 04:22 PM
Man... that takes me back a bit, I used to do that all the time, sit and stare at a block of code for hours on end wondering why it doesn't work then someone would tell me I've missed a semi-colon. thanks

adehall1980
07-22-2008, 04:25 PM
then is useless, :)


me too, :) is one like this on a IBM site, I never understand what is there, so I never register. :)

regards

The reCaptcha widget has an audio option if the image isn't clear enough

adehall1980
07-22-2008, 11:04 PM
okay, so I'm a little step closer, slowly but surely



echo "<font color=\"red\"><b>$error</b></font><br>
Message (Max ".GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
<form action=\"$PHP_SELF\" method=\"post\">";

$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
}

echo "<textarea id=\"message\" name=\"message\" cols=\"50\" rows=\"3\" maxlength=\"".GUESTBOOK_MAX_MESSAGE_LENGTH."\">". $message ."</textarea><br>
<br>
Name (Max ".GUESTBOOK_MAX_NAME_LENGTH." chars)<br>
<input type=\"text\" name=\"name\" size=\"40\" maxlength=\"".GUESTBOOK_MAX_NAME_LENGTH."\" value=\"".htmlentities($name,ENT_NOQUOTES)."\"><br>
<input id=\"ispreview\" type=\"hidden\" name=\"preview\" value=\"0\"><br>
<input type=\"submit\" onclick=\"document.getElementById('ispreview').value='1'\" value=\" $button \"><br>
<br>";


I added the missing a closing double quote as well as the trailing semi-colon, added the reCaptcha validation code but then obviously for the text area had to add echo and opening quotes.

I resolved the parse error, thanks guys, but if you now go to

http://www.2wheelsmotorcycletraining.co.uk/postform.php

you can see it displays the reCaptcha validation code like text, so the question is what do I do to get it integrated as part of the form submission?

adehall1980
07-22-2008, 11:10 PM
http://recaptcha.net/plugins/php/

is the url that describes how to implement reCaptcha. As you will see from the examples it gives, I can not follow these instructions to the letter because it assumes you're adding this php to a form created in html

oesxyl
07-23-2008, 12:46 AM
http://recaptcha.net/plugins/php/

is the url that describes how to implement reCaptcha. As you will see from the examples it gives, I can not follow these instructions to the letter because it assumes you're adding this php to a form created in html
do display the captcha you must put somewhere in the form:


echo recaptcha_get_html($publickey);


and this part will check if the answer is valid:


$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
}


set the position where you want to display the messages and captcha and then modify the logic to test:
- invalid captcha response
- no message or no name with appropriate messages

regards

adehall1980
07-23-2008, 10:47 AM
do display the captcha you must put somewhere in the form:


echo recaptcha_get_html($publickey);



This bit works, the widget appears



and this part will check if the answer is valid:

PHP Code:
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
}


It's this bit that's giving me the grief. I can't seem to find where to put it where it doesn't have some sort of a problem. Obviously I know that it needs to execute upon form submission, but from my previous post you can see where I've put it and you can see the error I'm getting. If I remove the validation chunk of code, it works as far as displaying the widget when previewing the guestbook entry, I just can not find the correct place to put this validation code, or if I have found the correct spot to put it, what is it missing that it's not executing?

oesxyl
07-23-2008, 12:25 PM
you must do something like this:



// the response from reCAPTCHA
$resp = null;
// the error code from reCAPTCHA, if any
$error = null;

// are we submitting the page?
if(isset($_POST["submit"])){
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

if(!$resp->is_valid) {
// show the recaptcha error...
}else{
if($message == "" || $name == ""){
// show the errors if $name or $message is empty
}else{
// the part of the code from guestbook who submit
// the message
}
}
}


regards

adehall1980
07-27-2008, 11:32 AM
Thank for this, I really appreciate your efforts, my coding skills skills obviously need a serious shake up because I still couldn't get it to work.

I gave it up as a bad job and started to research other downloadable scripts that had captcha and emoticons already included and found one called 'gbook' and what's better is that it works!

Another problem has arisen however and it's purely cosmetic. the Guestbook has obliterated my right hand border! and a can't see why. I've checked through the php as much I can understand it, merely checking if all the <?php all had a ?> and I think they do, but dreamweaver hasn't coloured the last stretch of html like it normally would, it's still navy like the php code?? I'm going to post a new thread for this called 'Guestbook width problem' and I'm letting you know just incase you're feeling kind enough to look at this one (you seem to know what you're talking about)
:)
Thanks



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum