Jump to content
Larry Ullman's Book Forums

alex2014

Members
  • Posts

    1
  • Joined

  • Last visited

alex2014's Achievements

Newbie

Newbie (1/14)

0

Reputation

  1. I have added a captcha code script to this existing script. It seems to work fine, however, whether I put the correct captcha code or a "false" code in the field, it still sends the submitted data to the database. It will say "captcha code wrong" but, again, it sends the form to the db. Could somebody be as so kind to see where this conflict is? Below is the script, and below that is the captcha.php script that generates the image. Thanks in advance, alex --------------------------------------------------------------------- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <META NAME="description" CONTENT=""> <META NAME="keywords" CONTENT="yacht crew, yacht crew agency, yacht jobs, crew agency, yachtmaster, yacht master, <link rel="stylesheet" href="" type="text/css" /> <title></title> </head> <body> <?php # Script 8.7 - register.php // Send NOTHING to the Web browser prior to the header() line! // Check if the form has been submitted. if (isset($_POST['submitted'])) { require_once ('./mysql_connect.php'); // Connect to the db. $errors = array(); // Initialize error array. // Check for a position. if (empty($_POST['position'])) { $errors[] = 'You forgot to enter a position.'; } else { $p = escape_data($_POST['position']); } // Check for M/Y or S/Y. if (empty($_POST['powersail'])) { $errors[] = 'You forgot to enter type of yacht.'; } else { $ps = escape_data($_POST['powersail']); } // Check for an email address. if (empty($_POST['email'])) { } else { $e = escape_data($_POST['email']); } // Check for captcha. if (empty($_POST['captcha'])) { } else { $c = escape_data($_POST['captcha']); } if (empty($errors)) { // If everything's OK. // Register the user in the database. // Check for previous registration. $query = "SELECT user_id FROM postjobs WHERE email='$e'"; $result = mysql_query(); if (mysql_num_rows($result) == 0) { // Make the query. $query = "INSERT INTO postjobs (position, powersail, email, captcha, password, registration_date) VALUES ('$p', '$ps', '$e', '$c', SHA('$pa'), NOW() )"; $result = @mysql_query ($query); // Run the query. if ($result) { // If it ran OK. // Send an email, if desired. // Redirect the user to the thanks_job.php page. // Start defining the URL. // Add the page. } else { // If it did not run OK. $errors[] = 'You could not be registered due to a system error. We apologize for any inconvenience.'; // Public message. $errors[] = mysql_error() . '<br /><br />Query: ' . $query; // Debugging message. } } else { // Email address is already taken. $errors[] = 'The email address has already been registered.'; } } // End of if (empty($errors)) IF. mysql_close(); // Close the database connection. } else { // Form has not been submitted. $errors = NULL; } // End of the main Submit conditional. // Begin the page now. $page_title = 'Register'; if (!empty($errors)) { // Print any error messages. echo '<h1 id="mainhead">Error!</h1> <p class="error">The following error(s) occurred:<br />'; foreach ($errors as $msg) { // Print each error. echo " - $msg<br />\n"; } echo '</p><p>Please try again.</p>'; } // Create the form. ?> <?php session_start(); if (isset($_REQUEST['submit'])) { if ($_POST['captcha'] == $_SESSION['captcha']) { echo 'Captcha is correct. Do something here !'; } else { echo 'Captcha is wrong. Take action !'; } } ?> <h2><font size="3">Position Needed</font></h2> <form action="postjob4.php" method="post"> <p>Position: <br> <input type="text" name="position" size="28" maxlength="30" value="<?php if (isset($_POST['position'])) echo $_POST['position']; ?>" /></p> <p>Motor or Sail: <br> <input type="text" name="powersail" size="28" maxlength="30" value="<?php if (isset($_POST['powersail'])) echo $_POST['powersail']; ?>" /></p> <p>E Mail Address: (kept private) <br> <input type="text" name="email" size="28" maxlength="30" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /> </p> <input type="text" name="captcha" size="5" maxlength="30" value="<?php if (isset($_POST['captcha'])) echo $_POST['captcha']; ?>" size="9"/> <img src="captcha.php" style="vertical-align:bottom;"/></p> </td></tr><tr><td colspan="2"><p><input type="submit" name="submit" value="Post Job!" /></p> <input type="hidden" name="submitted" value="TRUE" /> </form> ------------------------------------------------------------------------------------------ //captcha.php starts below <?php session_start(); $str = rand(11111,99999); $_SESSION['captcha'] = $str; $Im = imagecreate(80,22); $imgcolor = imagecolorallocate($Im, 0, 0, 0); $txtcolor = imagecolorallocate($Im, 255, 255, 255); imagestring($Im, 5, 15, 3, $str, $txtcolor); header("Content-type: image/jpeg"); imagejpeg($Im); ?>
×
×
  • Create New...