stackoom
  简体   繁体   中英

Integrate CAPTCHA with a form

 原文  2012-12-19 04:30:55       php/ captcha

Question

I am trying to integrate a captchia code with using a form. What I have is a basic format to where I was able to get the captcha part working on its own php page. Also I was able to display a form in its own php page. The problem I am having is I'm not sure how to get both parts working together.

This is a snipit of what I have: 

<?php
session_start();
    if (isset($_POST['captcha'])) {
        $_SESSION['captcha'] = rand(0, 99999999999);
        } else {
            if ($_SESSION['captcha']!==$_POST['captcha']) {
            echo 're-enter a new captcha!';
            $_SESSION['captcha'] = rand(0, 99999999999);
        }
    }
?>

    <form action="formx.php" method="POST">
            <ul>
                <li>
                    Username:<br>
                    <input type"text" name="username">
                </li>
                <li>
                    Password:<br>
                    <input type="password" name="password">
                </li>
                <li>
                    Password again:<br>
                    <input type="password" name="password2">
                </li>
                <li>
                    Email:<br>
                    <input type="text" name="email">
                </li>
                <li>
                    <input type="submit" name="captcha" value="submit">
                </li>
            </ul>
    </form>

3 answers

solution1
 0 ACCPTED  2012-12-19 04:55:31

If you walk through it, you are probably missing a couple steps: 

if ($_SERVER['REQUEST_METHOD']!='POST')  //If initial load, load up captcha into session
    $_SESSION['captcha'] = rand(0,9999999999);
else{//Means form was submitted
    if (isset($_POST['captcha'])) {//Check if they entered
        if ($_SESSION['captcha']!==$_POST['captcha']) {//check if ! correct, reissue new captcha
            echo 're-enter a new captcha!';
            $_SESSION['captcha'] = rand(0, 99999999999);
        }else{
            //Everything was good, handle data
        }
    }else{//Nothing was entered, give them new captcha
        echo 'please enter the captcha!';
        $_SESSION['captcha'] = rand(0, 99999999999);
    }

}

Now the tricky part comes when you display this to the user. If you put: 

<li>
    Please type <?=$_SESSION['captcha']?>:<br/>
    <input type="submit" name="captcha" value="submit">
</li>

bots will be able to bypass this. So you need to figure out how to over come this problem. Simply displaying the number and telling them to enter is good and will deter VERY basic bots. Obfuscating it ( <span>1</span><span>2</span> ) may make it a little more difficult, but bots can still parse it and bypass it. Saving it as a Javascript variable and then checking against it may also work, but again, can be bypassed if the bot is smart enough. An iframe may work, an image may work, user-agent parsing may help, etc etc etc. All these things would work, but it is up to you on how you want to implement it and how secure you want it.

Personally, while I am a fan of Recaptcha as it is usually very easy to implement and requires minimal coding on my end. I also use the GD and TrueType libraries to make captcha images, but this does require a lot more programming than it may be worth if you can use Recaptcha. Finally, I do like Javascript math problems that are loaded after the page loads, which bots have a harder time loading and figuring out what is going on.

After all is said and done, do whatever you want. If you get stuck, post your code and we can help you out.

solution2
 0  2012-12-19 05:00:01

You have to check with the previous captcha for new page submit.. so please assign that old value in session old varaible as $_SESSION['oldCaptcha'].. so your code should be, 

session_start();
if (isset($_POST['captcha'])) {
    if($_SESSION['oldCaptcha'] == $_POST['captcha']) {
        echo 'Captcha is Successfully Matched';
    }
    else {
        $_SESSION['oldCaptcha'] = rand(0, 99999999999);   
    }         
}

If your answer come insde else loop then use $_SESSION['oldCaptcha'] in form to display for user to enter...

solution3
 0  2012-12-19 05:13:06

Try this 

if($_SERVER['REQUEST_METHOD']=="POST"){
    if ($_POST['capt']  == $_SESSION['captcha'] ){
        echo "Sucsess";
        $capt= rand(0, 99999999999);  
        $_SESSION['captcha'] =$capt;
    }else{
        echo "Fail";
    }
}else{
     $capt='';  
     $capt= rand(0, 99999999999);  
     $_SESSION['captcha'] =$capt;
}    

?>

    <form action="" method="post">
            <ul>
                <li>
                    Username:<br>
                    <input type="text" name="username">
                </li>
                <li>
                    Password:<br>
                    <input type="password" name="password">
                </li>
                <li>
                    Password again:<br>
                    <input type="password" name="password2">
                </li>
                <li>
                    Email:<br>
                    <input type="text" name="email">
                </li>
                <li>
                    Captcha:<br>
                    <input type="text" name="capt" >
                    <?php echo "Captcha : " .$capt ; ?> 
                </li>
                <li>
                    <input type="submit" name="captcha" value="submit">
                </li>
            </ul>
    </form>

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Unable to integrate dracon flash captcha captcha validating post in form Form validation and captcha Form Submitting without captcha 1 form 2 submit buttons with captcha Captcha in WordPress custom form Captcha Breaking my Form? zend form captcha problem Captcha for Wordpress customized form PHP Captcha Form
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM