Hello,
I am looking for a captcha script to install on a form on my website because I receive spam from it. I am looking for an easy to install script.
Thank you for your help
Cheers
Looking for a PHP captcha script
Yes of course. But I did that already and did not find anything that worked :-(
For instance I tried: http://www.white-hat-web-design.co.uk/articles/php-captcha.php
It looked promising but does not work for my form (I tested it and whatever I write in the captcha fied I get email).
THat means that there is a bug in the script, or you installed it incorrectly. The correct question to ask would have been:
I have such-and-so script, but i cannot get it to work.
this is what i have done [post code here] and this is what is going wrong [explanation of the problems]
I tried to solve it like this [explain what you have done to get it to work]
J.
Have a look at the attached txt file. Save it as captcha.php
You need <?php session_start(); ?> at the start of your page, and on your form where you want it to appear, use <img src="captcha.php">
also on your form, have a text field called verify or wahtever you want and use this after the form is displayed
if (empty($_POST['verify']) && $_POST['verify'] == $_SESSION['captchstr']) {
do some error message
}
else {
do the restAdRock wrote:also on your form, have a text field called verify or wahtever you want and use this after the form is displayed
[/code]
Thank you AdRock for helping me.
I am not sure I understand your sentence above. My form is on a contact page and the form data are sent to a CGI script of the company hosting my site through the form action element and there is also a redirect to a "thank you for contacting me" page. So, where exactly should I put the code you wrote?
He says that you need to have a text input field on your contact form, where users copy the code from the image. the name of this field you use on the processing page to check whether the correct code was entered, as is normal with these anti-bot images.
edit:
And as with all the dynamic images you do not place the script for the image in yourpages. You safe it externally, and use the script as a source for an image:
<image src="script.php">
Yes I understand for the text input field but where should I place the code below since the CGI script will send the form data before the "thank you" page is displayed:
if (empty($POST['verify']) && $POST['verify'] == $_SESSION['captchstr']) {
do some error message
}
else {
do the rest
You place it on top of your processing script.
However, you would have to do the processing of the script in PhP, as the verification of the captcha occurs server-side.
I tried the above code but no captcha appears on my form although I put <img src="captcha.php" />...
is the GD grphics library instlled on the server?
Also where are you putting the captcha.php file. I have it in my inlcudes directory so I use <img src="includes/captcha.php">
If you have the GD library enables I could look at your code and test it locally
Yes the GD library is installed. The captcha.php file is in the root directory with all my php files.
Here is the html:
<img src="captcha.php" />
<label for="verify"><strong><span class="req">*</span>Ecrire le code :</strong>
<input class="f-name" name="verify" id="verify" size="30" type="text" />
<br />
</label>Is captcha.php in the same directory as this form? What if you visit the captcha.php script directly, do you see an image? Is error_reporting set to E_ALL and display_errors set to On ?
If I visit captcha.php, I get this error: Warning: imagettftext() [function.imagettftext]: Could not find/open font
That means that it could not find or open the font. Have you checked that the font file is where it is supposed to be?
You need to upload an Arial.ttf font to the same directory
Thats why i put the captcha.php script and the font in the includes folder
That should work then
I did not know I needed a font file. The code is displayed now. Thank you.
The trouble is that I am not sure I understand the code I should put on top of my "thank you" page:
if (empty($POST['verify']) && $POST['verify'] == $_SESSION['captchstr']) {
do some error message
}
else {
do the rest
With this code, even if I write the correct captcha, there will be an error...?
Also I put this code on my "thank you" page:
echo ($POST['verify']);
echo ($SESSION['captchstr']);
But it does not print anything in the browser.
Hi JG Mouton,
You may show some self-help too...
if (empty($_POST['verify']) || $_POST['verify'] <> $_SESSION['captchstr']) {
do some error message
}
else {
// do the rest
}
You can check the variables by placinf
print_r($POST);
and
print_r($SESSION);
at the start of your page.
Have a look at my contact form.
There is some form validation in there too
// This is what is displayed in the email subject line
// Change it if you want
$subject = "Message via your contact form";
// This is displayed when the email has been sent
$thankyou_message = "<p>Thankyou. Your message has been sent.</p>";
$self = $_SERVER['REQUEST_URI'];
$name = $_POST['txtName'];
$email = $_POST['txtEmail'];
$message = $_POST['txtMessage'];
$send = $_POST['send'];
$msg="<p>Please fill in this form if you have any queries or suggestions.</p>";
echo ($msg);
$form = "
<form method=\"post\" action=\"$self\">
<p><label for=\"txtName\">Name:</label>
<input type=\"text\" title=\"Please enter your name\" id=\"txtName\" name=\"txtName\" size=\"40\" value=\"$name\" /></p>
<p><label for=\"txtEmail\">Email:</label>
<input type=\"text\" title=\"Please enter your email address\" id=\"txtEmail\" name=\"txtEmail\" size=\"40\" value=\"$email\"/></p>
<p><label for=\"txtMessage\">Comments:</label>
<textarea title=\"Please enter your message\" id=\"txtMessage\" name=\"txtMessage\" rows=\"20\" cols=\"45\">$message</textarea></p>
<p>For security purposes, please enter the image shown in the text box below.</p>
<p><label> </label></p>
<div class=\"captcha\"><img src=\"/includes/captcha.php\" alt=\"security image\" /></div>
<p><label for=\"verify\">Security image:</label>
<input type=\"text\" title=\"Please enter the image text\" id=\"verify\" name=\"verify\" id=\"verify\" size=\"9\" /></p>
<p><label> </label>
<input type=\"submit\" name=\"send\" value=\"Send\" class=\"submit-button\" /></p>
</form>";
if($send)
{
$valid=true;
if( !$name )
{
$errmsg.="Please enter your name:<br />";
$valid=false;
}
if( !$email )
{
$errmsg.="Please enter your email address:<br />";
$valid=false;
}
else
{
$email = trim($email);
$_name = "/^[-!#$%&\'*+\\.\/0-9=?A-Z^_`{|}~]+";
$_host = "([-0-9A-Z]+\.)+";
$_tlds = "([0-9A-Z]){2,4}$/i";
if( !preg_match($_name."@".$_host.$_tlds,$email))
{
$errmsg.="Email address has incorrect format!<br />";
$valid=false;
}
}
if( !$message )
{
$errmsg.="Please enter your message:<br />";
$valid=false;
}
if (empty($_POST['verify']) && $_POST['verify'] == $_SESSION['captchstr'])
{
$errmsg.="Please enter security image:<br />";
$valid=false;
}
}
if( $valid !=true )
{
echo( "<span style=\"font-weight: bold; color:red;\">".$errmsg."</span>" . $form );
}
else {
// Stop the form being used from an external URL
// Get the referring URL
$referer = $_SERVER['HTTP_REFERER'];
// Get the URL of this page
$this_url = "http://".$_SERVER['HTTP_HOST'].$_SERVER["REQUEST_URI"];
// If the referring URL and the URL of this page don't match then
// display a message and don't send the email.
if ($referer != $this_url) {
echo "You do not have permission to use this script from another URL.<br />";
echo "If you are behind a firewall please check your referrer settings.";
exit;
}
// The URLs matched so send the email
if( mail($your_email, $subject, $message, "From: $name <$email>"));
{
// Display the thankyou message
echo $thankyou_message;
}
}
?>leatherback wrote:You can check the variables by placinf
print_r($POST);
and
print_r($SESSION);
at the start of your page.
The first command gives an empty array: Array ( ) and the second command gives the correct captcha. That means the form variables are not sent to the "thank you" page. Is it because it is a redirect?