...

View Full Version : validate captcha on same page as form



24seven
01-14-2011, 09:09 PM
Hello, I recently added a captcha to a form but when a user doesn't enter the words correctly when clicking submit.. the next page comes up and says "values don't match click back and try again.. Well.. this empties the whole form and makes it a pain for the user. On my simple contact us page it's not a big deal but on some of my order forms there is alot of selections being made. I would like to verify the captcha on the orignal form page instead. right now I"m useing the recaptcha feauture from google and followed the simple instructions to add. But this feature has you put the code on the "verify.php" page not the form.php page. Any help would be greatly appreciated. Even a script that saves the info would be fine so long the user doesn't have to reinput everything all over again. THank you for any help!

calebandchels
01-14-2011, 10:06 PM
Post your code so we can see it to help you.

You can echo the variable for the input in the value attribute to keep your info in their! But you should use an if statement with your captcha so that if the incorrect input is put in you can echo your entire form instead of a user having to puch the back button! Such as



if ($captcha_input == $actual_captcha){
statement to complete the page
} else if($captcha_input != $actual_captcha){
require_once(my_form.php);
}

as for having the data show back up in your form use this



<input type = "text"
name ="example"
value = "<?php echo '$_POST[example]';?>" />


Hope I am correct I am still fairly new to this also!

24seven
01-15-2011, 12:44 AM
I'll give this a try. If I fail I'll post my code but your recommendations sound like what i'm looking for. Thanks alot!!!

MattF
01-15-2011, 12:49 AM
Set your vars and autofill your fields on form submission if there's an error. You can also use AJAX if JS is enabled on the client, but you should use the former as the primary, with the AJAX check being supplemental.

24seven
01-15-2011, 05:14 AM
Well.. I understood what you said in theory but putting it all to work is another story lol.. Don't ask me how or why I did my page like this but it's worked fine up till the past couple weeks when a form started getting spam. Anyways, sorry if this is a mess and crappy code etc. but I'm totally learn as I go so what I can gather from tutorials and the web has been somewhat tossed all together so I apologize ahead of time for it's non fundamental look :P. I created a customer support form.. I ask for 4 inputs.. i want to use sessions to re-post this input, use a captcha to protect it server side as well as some useful validation..(obviously mines not worth 2 ****s)... and finally post to my database. All is working well except that when the user doesn't get the captcha right.. it goes to a white page that just says you entered the info wrong go back and try again.. They click back as their only option and the form empties.. all i want is for this not to empty but better yet.. have the captcha just tell them below the box they write in that it's not right without navigating away from the page. I understand what Mattf is saying but I'm having difficulty meshing them. I also tried the simple task of adding

<input type = "text"
name ="example"
value = "<?php echo '$_POST[example]';?>" />
but the code must be wrong as in the blanks it says $_POST[name]
Anyway so my form submits it's results to support.results.php
It then does all the php stuff and spits it out to it's final destination support_thankyou.php. This is where the sessions come in and I'm able to say Thank you $name for your inquiry. an email has been sent to $email for your records.. etc.. etc..
I don't know if I'm taking another useless step but like i said.. it worked and it's been about 10 months since i needed to mess with it so my php skills went out the window pretty much lol. Enough rambling.. here's my support_results.php



<?php
require_once('recaptchalib.php');
$publickey = "mykey";
?>
<form action="support_results.php" method="post" enctype="application/x-www-form-urlencoded" name="Customer_Support_Form" target="_self" id="Customer_Support_Form">
<table width="728" height="277" border="6"><tbody style="font-size: 12px;"><tr><td width="554"><blockquote>
<p><font color=red>*</font>Name<br/>
<span id="sprytextfield1">
<input type="text" name="Name" size="30" />
<span class="textfieldMinCharsMsg">Minimum number of characters (3) not met.</span><span class="textfieldRequiredMsg">A name is required.</span></span></p>
</blockquote></td>
</tr><tr><td><blockquote>
<p><font color=red>*</font>Email<br/>
<span id="sprytextfield2">
<input type="text" name="email" size="30" />
<span class="textfieldInvalidFormatMsg">A valid email is required.</span><span class="textfieldRequiredMsg">An email address is required.</span></span></p>
</blockquote></td>
</tr><tr><td><blockquote>
<p>Phone <font color=red>(not required)</font><br/>
<span id="sprytextfield3">
<input type="text" name="Phone" size="14" />
<span class="textfieldMaxCharsMsg">Maximum 14 characters exceeded.</span></span></p>
</blockquote></td>
</tr><tr><td><blockquote>
<p><font color=red>*</font>Comments<br/>
<span id="sprytextarea1">
<textarea name="Comments" type="text" cols="40" rows="5" size="500" /></textarea>
<span class="textareaMinCharsMsg"><br />
Minimum number of characters (10) not met.</span><br />
<span class="textareaRequiredMsg">A comment or question is required.</span></span></p>
</blockquote></td>
</tr><tr><td><blockquote>
<?php echo recaptcha_get_html($publickey); ?>
<p> <input name="submit" type="submit" value="Submit Form" onclick="document.form1.submit.disabled=true;doc ument.form1.submit();">
<font color=red>*</font> - Required fields</p>
<p><u><font color=red>If you'd rather call us please use the following:</font></u><br />

</blockquote></td>
</tr></tbody></table>
</form>




And now the support_results.php



<?php
session_start();

require_once('recaptchalib.php');
$privatekey = "myprivatekey";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
echo ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
} else {

// Take care of magic quotes if needed (you really should have them disabled)
set_magic_quotes_runtime(0);
if (get_magic_quotes_gpc())
{
$Name = stripslashes($Name);
$email = stripslashes($email);
$Phone = stripslashes($Phone);
$Comments = stripslashes($Comments);
}


// Receiving variables
$Name = ((isset($_POST['Name'])) ? trim($_POST['Name']) : '');
$email = ((isset($_POST['email'])) ? trim($_POST['email']) : '');
$Phone = ((isset($_POST['Phone'])) ? trim($_POST['Phone']) : '');
$Comments = ((isset($_POST['Comments'])) ? ($_POST['Comments']) : '');


// Initialize the errors array which will also be sent back as a JSON object
$errors = NULL;


// Validation
if (strlen($Name) == 0 )
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid name</font></p>");
}

if (strlen($email) == 0 )
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid email</font></p>");
}

if (strlen($Comments) == 0 )
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid comment</font></p>");
}

// The session variable 'customer' will now have the value of the person's name ...
$_SESSION['customer'] = $Name;
$_SESSION['Email'] = $email;
$_SESSION['phone'] = $Phone;
$_SESSION['message'] = $Comments;


mysql_connect ("localhost", "user", "pass") or die ('Error: ' .mysql_error());
mysql_select_db ("support");

$query="INSERT INTO support (ID, Name, email, Phone, Comments)VALUES ('NULL','$Name','$email','$Phone','$Comments')";

mysql_query($query)or die('Error updating database');

header( "Location: http://www.me.com/support_thankyou.php" );


//Sending Email to form owner
$headers = "From: $email\n"
. "Reply-To: $email\n";
$subject = "Customer Support";
$to = "me@me.com";
$body = "Name: $Name\n"
. "Email: $email\n"
. "Phone: $Phone\n"
. "Comments: $Comments\n";
@mail($to, $subject ,$body ,$headers ) ;


//Sending auto respond Email to visitor
$headers = "From: me@.com\n"
. "Reply-To: me@me.com\n";
$subject = "Customer Support";
$to = "$email";
$body = "
<html>
<body>
<table align='center' width='730' border='7' bordercolor='#400080' bgcolor='#F2EFFA'>
<tr>
<td><center><img src='http://www.me.com/images/customerbanner.bmp'></img></td>
</tr>
<tr>
<td><center><h2><font color='#203536'>Customer Support</font></h2></td>
</tr>
<tr>
<td><b>Name:</b> <font color='#400080'><b>$Name</font></b></td>
</tr>
<tr>
<td><b>Email:</b> <font color='#400080'><b>$email</font></b></td>
</tr>
<tr>
<td><b>Phone:</b> <font color='#400080'><b>$Phone</font></b></td>
</tr>
<tr>
<td><b>Comments:</b> <font color='#400080'><b>$Comments</font></b></td>
</tr>
<tr>
<td><b>Thank you for your inquiry.We will contact you asap with answers to any comments, questions or concerns you may have. If you need to contact us feel free to email at any time.<br /><br>
Sincerely, <br />
Camille<br />
Owner, Designer, Seamstress<br>
<a href='mailto:me@me.com?subject=Customer support inquiry'><font color='#400080'><b>me@me.com</font></b></a></td>
</tr>
</table>
</body>
</html>
";

$headers .= "Content-type: text/html\r\n";
@mail($to, $subject ,$body ,$headers ) ;

}
?>


support_thankyou.php just has my session data followed by a quick thank you. posting doesn't seem necessary unless you want to see it but again.. any and all help is most greatful.

24seven
01-15-2011, 09:01 PM
I guess this is the part that screws me up..


if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
echo ("The reCAPTCHA wasn't entered correctly. Please try again." .
"(reCAPTCHA said: " . $resp->error . ")");
} else {


I'm trying to do this but i'm failing at the write coding.
If captcha is not entered correctly stay on the form.php and just echo "captcha was incorrect. please try again.".
If the captcha was correct else{
continue with the results.php (remove magic quotes, validate, submit to database... eventually leading to the header (support_thankyou.php) etc..

I know this has to be so simple but nothing I've tried is working. All my code is above for the form part.. the results.php . I would love some help on this! :)

MattF
01-16-2011, 02:17 AM
You're printing a string, not a var:



<input type = "text"
name ="example"
value = "<?php echo '$_POST[example]';?>" />


should be:



<input type = "text"
name ="example"
value = "<?php echo $_POST['example'];?>" />



Plus, from your code in post 5, you're missing the i in if.



f (!$resp->is_valid) {

24seven
01-16-2011, 03:06 AM
Yeah that was just a copy and paste error.. the i is normally there. I'll try the code you mention but still the dilemma I have is how to write the if it fails do this.. if it's successful do that..I want it to - if successful.. submit form and do everything the results.php says.. and if it fails.. Stay on the form and just say by the captcha.. "captcha failed pls try again."

24seven
01-16-2011, 05:52 AM
Your new code works! :) The only thing is the comments box won't post back on a fail. For some reason I get 3 out of 4. Name, Email and Phone retain their values but Comments doesn't. I am thinking it's cause it's a textbox. Trying to research this. Thanks for the fix on the post back though. !!!

24seven
01-16-2011, 06:42 AM
complete success :) I finally got it all working and the beauty of it is I went from 3 php pages to just the 1.. Thanks again for all your help I really couldn't do this without this site!

avalor
05-03-2011, 12:40 AM
How did you make it? i'm trying to do the same, im working with the chryptographp classes, but that class require to make a submit to another page, what im doing is after the validation of the captcha i insert the data into the database, im working with jquery to do the post with ajax on the same page, and i have already that,but what im trying to do is to cancel the submit if the validation in php is false, is that possible?, any ideas, is this the correct aproach?

thx :)



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum