[英]Ajax/PHP Contact Form Verification Code fails
Hey everyone, I posted a topic earlier that helped my previous problem by using $_SESSION instead of $_COOKIE But when I enter the correct verification number it's still saying that I entered the wrong one. 大家好,我早些时候发布了一个主题,该主题通过使用$ _SESSION而不是$ _COOKIE来解决了上一个问题,但是当我输入正确的验证码时,仍然表示输入的是错误的。 I went to a website and generated a random MD5 hash with random text, is this what I'm supposed to do?
我去了一个网站,并用随机文本生成了一个随机的MD5哈希,这是我应该做的吗?
I have no clue what's wrong but here is what I have: 我不知道出了什么问题,但这就是我的问题:
HTML Form: HTML表单:
<form id="ajax-contact-form" action="javascript:alert('success!');">
<label>Name:*</label><INPUT class="textbox" type="text" name="name" value=""><br />
<label>E-Mail:*</label><INPUT class="textbox" type="text" name="email" value=""><br />
<label>Telephone:</label><INPUT class="textbox" type="text" name=telephone" value="" /><br />
<INPUT class="textbox" type="hidden" name="subject" value="Contact Form" >
<label>Message:*</label><TEXTAREA class="textbox" NAME="message" ROWS="5" COLS="25"></TEXTAREA><br />
<tr>
<label>Image Verification:*</label>
<input type="text" name="verify" style="width:200px;" /><img src="verification.php?<?php echo rand(0,9999);?>" width="50" height="24" align="absbottom" />
<label> </label><INPUT class="button" type="submit" name="submit" value="Send Message">
</form>
The contactform.php: contactform.php:
<?php
/*
Credits: Bit Repository
URL: http://www.bitrepository.com/
*/
include 'config.php';
error_reporting (E_ALL ^ E_NOTICE);
$post = (!empty($_POST)) ? true : false;
if($post)
{
include 'functions.php';
$name = stripslashes($_POST['name']);
$email = trim($_POST['email']);
$telephone = stripslashes($_POST['telephone']);
$subject = stripslashes($_POST['subject']);
$message = stripslashes($_POST['message']);
$verify = stripslashes($_POST['verify']);
$error = '';
// Check name
if(!$name)
{
$error .= 'Please enter your name.<br />';
}
// Check email
if(!$email)
{
$error .= 'Please enter an e-mail address.<br />';
}
if($email && !ValidateEmail($email))
{
$error .= 'Please enter a valid e-mail address.<br />';
}
// Check message (length)
if(!$message || strlen($message) < 15)
{
$error .= "Please enter your message. It should have at least 15 characters.<br />";
}
// Check Verification code
if(md5($verify).'098f6bcd4621d373cade4e832627b4f6' != $_SESSION['contact_verify'])
{
$error .= 'Image Verification failed.<br />';
}
//Send the Name, Email, Telephone, and Message in a formateed version.
$email_message = "The following message was sent to you in your contact form on domain.com\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Name: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email)."\n";
$email_message .= "Telephone: ".clean_string($telephone)."\n";
$email_message .= "Message: ".clean_string($message)."\n";
if(!$error)
{
$mail = mail(WEBMASTER_EMAIL, $subject, $email_message,
"From: ".$name." <".$email.">\r\n"
."Reply-To: ".$email."\r\n"
."X-Mailer: PHP/" . phpversion());
if($mail)
{
echo 'OK';
}
}
else
{
echo '<div class="notification_error">'.$error.'</div>';
}
}
?>
Any my verification.php file: 任何我的Verification.php文件:
<?php
//Declare in the header what kind of file this is
header('Content-type: image/jpeg');
//A nice small image that's to the point
$width = 50;
$height = 24;
//Here we create the image with the sizes declared above and save it to a variable my_image
$my_image = imagecreatetruecolor($width, $height);
//Let's give our image a background color. White sound ok to everyone?
imagefill($my_image, 0, 0, 0xFFFFFF);
//Now we're going to add some noise to the image by placing pixels randomly all over the image
for ($c = 0; $c < 40; $c++){
$x = rand(0,$width-1);
$y = rand(0,$height-1);
imagesetpixel($my_image, $x, $y, 0x000000);
}
$x = rand(1,10);
$y = rand(1,10);
$rand_string = rand(1000,9999);
imagestring($my_image, 5, $x, $y, $rand_string, 0x000000);
/*
We're going to store a ****** in the user's browser so we can call to it
later and confirm they entered the correct verification. The
"decipher_k2s58s4" can be anything you want. It's just our personal
code to be added to the end of the captcha value stored in the ******
as an encrypted string
*/
$_SESSION['contact_verify'] = (md5($rand_string).'098f6bcd4621d373cade4e832627b4f6');
imagejpeg($my_image);
imagedestroy($my_image);
?>
Your verification.php
i believe has no session_start();
我相信您的
verification.php
没有session_start();
Add session_start();
添加
session_start();
as first line on that page see if that works with your original code before you edited it. 作为该页面的第一行,请先查看该代码是否与您的原始代码一起使用,然后再进行编辑。
The only time you don't need to do this is when the PHP file is added with require_once
or include
. 唯一不需要这样做的是在PHP文件中添加了
require_once
或include
。 This is because the script would inherit it from the file that called it. 这是因为脚本将从调用它的文件中继承它。 You how ever call it from HTML which means it doesn't.
您是如何从HTML调用它的,这意味着它不是。
Every file needs to have session_start(); 每个文件都需要具有session_start(); or they cannot use
$_SESSION
vars. 否则他们不能使用
$_SESSION
变量。
Side note: You should also add error reporting on your verification.php
script too so you could see the issue ;) 旁注:您还应该在您的
verification.php
脚本中添加错误报告,这样您就可以看到问题;)
This appears to be incorrect: 这似乎是不正确的:
if(md5($verify).'098f6bcd4621d373cade4e832627b4f6' ...
I doubt you want to append the md5 of $verify
and this other hash. 我怀疑您要附加
$verify
的md5以及其他哈希值。 Try: 尝试:
if(md5($verify) != $_SESSION['contact_verify']) {
$error .= 'Image Verification failed.<br />';
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.