[英]Ajax/PHP Contact Form Verification Code fails
大家好,我早些时候发布了一个主题,该主题通过使用$ _SESSION而不是$ _COOKIE来解决了上一个问题,但是当我输入正确的验证码时,仍然表示输入的是错误的。 我去了一个网站,并用随机文本生成了一个随机的MD5哈希,这是我应该做的吗?
我不知道出了什么问题,但这就是我的问题:
HTML表单:
<form id="ajax-contact-form" action="javascript:alert('success!');">
<label>Name:*</label><INPUT class="textbox" type="text" name="name" value=""><br />
<label>E-Mail:*</label><INPUT class="textbox" type="text" name="email" value=""><br />
<label>Telephone:</label><INPUT class="textbox" type="text" name=telephone" value="" /><br />
<INPUT class="textbox" type="hidden" name="subject" value="Contact Form" >
<label>Message:*</label><TEXTAREA class="textbox" NAME="message" ROWS="5" COLS="25"></TEXTAREA><br />
<tr>
<label>Image Verification:*</label>
<input type="text" name="verify" style="width:200px;" /><img src="verification.php?<?php echo rand(0,9999);?>" width="50" height="24" align="absbottom" />
<label> </label><INPUT class="button" type="submit" name="submit" value="Send Message">
</form>
contactform.php:
<?php
/*
Credits: Bit Repository
URL: http://www.bitrepository.com/
*/
include 'config.php';
error_reporting (E_ALL ^ E_NOTICE);
$post = (!empty($_POST)) ? true : false;
if($post)
{
include 'functions.php';
$name = stripslashes($_POST['name']);
$email = trim($_POST['email']);
$telephone = stripslashes($_POST['telephone']);
$subject = stripslashes($_POST['subject']);
$message = stripslashes($_POST['message']);
$verify = stripslashes($_POST['verify']);
$error = '';
// Check name
if(!$name)
{
$error .= 'Please enter your name.<br />';
}
// Check email
if(!$email)
{
$error .= 'Please enter an e-mail address.<br />';
}
if($email && !ValidateEmail($email))
{
$error .= 'Please enter a valid e-mail address.<br />';
}
// Check message (length)
if(!$message || strlen($message) < 15)
{
$error .= "Please enter your message. It should have at least 15 characters.<br />";
}
// Check Verification code
if(md5($verify).'098f6bcd4621d373cade4e832627b4f6' != $_SESSION['contact_verify'])
{
$error .= 'Image Verification failed.<br />';
}
//Send the Name, Email, Telephone, and Message in a formateed version.
$email_message = "The following message was sent to you in your contact form on domain.com\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Name: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email)."\n";
$email_message .= "Telephone: ".clean_string($telephone)."\n";
$email_message .= "Message: ".clean_string($message)."\n";
if(!$error)
{
$mail = mail(WEBMASTER_EMAIL, $subject, $email_message,
"From: ".$name." <".$email.">\r\n"
."Reply-To: ".$email."\r\n"
."X-Mailer: PHP/" . phpversion());
if($mail)
{
echo 'OK';
}
}
else
{
echo '<div class="notification_error">'.$error.'</div>';
}
}
?>
任何我的Verification.php文件:
<?php
//Declare in the header what kind of file this is
header('Content-type: image/jpeg');
//A nice small image that's to the point
$width = 50;
$height = 24;
//Here we create the image with the sizes declared above and save it to a variable my_image
$my_image = imagecreatetruecolor($width, $height);
//Let's give our image a background color. White sound ok to everyone?
imagefill($my_image, 0, 0, 0xFFFFFF);
//Now we're going to add some noise to the image by placing pixels randomly all over the image
for ($c = 0; $c < 40; $c++){
$x = rand(0,$width-1);
$y = rand(0,$height-1);
imagesetpixel($my_image, $x, $y, 0x000000);
}
$x = rand(1,10);
$y = rand(1,10);
$rand_string = rand(1000,9999);
imagestring($my_image, 5, $x, $y, $rand_string, 0x000000);
/*
We're going to store a ****** in the user's browser so we can call to it
later and confirm they entered the correct verification. The
"decipher_k2s58s4" can be anything you want. It's just our personal
code to be added to the end of the captcha value stored in the ******
as an encrypted string
*/
$_SESSION['contact_verify'] = (md5($rand_string).'098f6bcd4621d373cade4e832627b4f6');
imagejpeg($my_image);
imagedestroy($my_image);
?>
我相信您的verification.php
没有session_start();
添加session_start();
作为该页面的第一行,请先查看该代码是否与您的原始代码一起使用,然后再进行编辑。
唯一不需要这样做的是在PHP文件中添加了require_once
或include
。 这是因为脚本将从调用它的文件中继承它。 您是如何从HTML调用它的,这意味着它不是。
每个文件都需要具有session_start(); 否则他们不能使用$_SESSION
变量。
旁注:您还应该在您的verification.php
脚本中添加错误报告,这样您就可以看到问题;)
这似乎是不正确的:
if(md5($verify).'098f6bcd4621d373cade4e832627b4f6' ...
我怀疑您要附加$verify
的md5以及其他哈希值。 尝试:
if(md5($verify) != $_SESSION['contact_verify']) {
$error .= 'Image Verification failed.<br />';
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.