contact form captcha issue

ianhaney · May 22, 2016

Hi

I am having bit of a issue with a contact form and captcha code where it is not being validated and working, in my mailer.php script, I just get a blank white page after clicking submit on the contact page

below is my contact form script

<?php
if(!empty($errors)){
echo "<p class='err'>".nl2br($errors)."</p>";
}
?>
<div id='contact_form_errorloc' class='err'></div>
<form method="POST" name="contact_form" action="mailer.php"> 
<p>
<label for='name'>Name: </label><br>
<input type="text" name="name" value='<?php echo htmlentities($name) ?>'>
</p>
<p>
<label for='email'>Email: </label><br>
<input type="text" name="email" value='<?php echo htmlentities($visitor_email) ?>'>
</p>
<p>
<label for='phone'>Phone: </label><br>
<input type="text" name="phone" value='<?php echo htmlentities($phone) ?>'>
</p>

<p>
How Did You Find Us?
<br />
<select name="foundus" required="required">
  <option value="">Select...</option>
  <option value="Google">Google</option>
  <option value="Facebook">Facebook</option>
  <option value="Other">Other</option>
</select>
</p>

<p>
<label for='message'>Message: </label><br>
<textarea name="message" value='<?php echo htmlentities($message) ?>'></textarea>
</p>

<br />

<p>
<img src="captcha_code_file.php?rand=<?php echo rand(); ?>" id='captchaimg' ><br>
<label for='message'>Enter the code above here :</label><br>
<input id="6_letters_code" name="6_letters_code" type="text"><br>
<small>Can't read the image? click <a href='javascript: refreshCaptcha();'>here</a> to refresh</small>
</p>
<br />
<input type="submit" value="Submit" name='submit'>
</form>
<script language="JavaScript">
// Code for validating the form
// Visit http://www.javascript-coder.com/html-form/javascript-form-validation.phtml
// for details
var frmvalidator  = new Validator("contact_form");
//remove the following two lines if you like error message box popups
frmvalidator.EnableOnPageErrorDisplaySingleBox();
frmvalidator.EnableMsgsTogether();

frmvalidator.addValidation("name","req","Please provide your name"); 
frmvalidator.addValidation("email","req","Please provide your email");
frmvalidator.addValidation("email","email","Please enter a valid email address");
frmvalidator.addValidation("phone","req","Please provide your phone number");  

frmvalidator.addValidation("phone","phone","Please enter a valid phone number");
frmvalidator.addValidation("message","req","Please enter your enquiry");
frmvalidator.addValidation("foundus","req","Please select how you found us");
</script>
<script language='JavaScript' type='text/javascript'>
function refreshCaptcha()
{
	var img = document.images['captchaimg'];
	img.src = img.src.substring(0,img.src.lastIndexOf("?"))+"?rand="+Math.random()*1000;
}
</script>

below is my mailer.php script

<?php 

error_reporting(E_ALL);
ini_set('display_errors', 1);

$your_email ='email address';// <<=== update to your email address

session_start();
$errors = '';
$name = '';
$visitor_email = '';
$phone = '';
$foundus = '';
$message = '';

if(isset($_POST['submit']))
{

if(empty($_SESSION['6_letters_code'] ) ||
strcasecmp($_SESSION['6_letters_code'], $_POST['6_letters_code']) != 0)
  {
      //Note: the captcha code is compared case insensitively.
      //if you want case sensitive match, update the check above to
      // strcmp()
    $errors .= "n <div class='contact-text-sitemap'>The captcha code does not match!</div>";
  }

$name = $_POST['name'];
$visitor_email = $_POST['email'];
$phone = $_POST['phone'];
$foundus = $_POST['foundus'];	
$message = $_POST['message'];
///------------Do Validations-------------
if(empty($name)||empty($visitor_email)||empty($phone)||empty($message))
{
	$errors .= "\n Name, Email, Phone and Message are required fields. ";	
}
if(IsInjected($visitor_email))
{
	$errors .= "\n Bad email value!";
}

if(empty($errors))
{
	//send the email
	$to = $your_email;
	$subject="New Website Enquiry";
	$from = $your_email;
	$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

	$body = "A user  $name submitted the contact form:\n".
	"Name: $name\n".
	"Email: $visitor_email \n".
	"Phone: $phone \n".
	"How Did You Find Us: $foundus \n".
	"Message: \n ".
	"$message\n".

	$headers = "From: $from \r\n";
	$headers .= "Reply-To: $visitor_email \r\n";

	mail($to, $subject, $body,$headers);

	header('Location: thank-you.php');
}
}

// Function to validate against any email injection attempts
function IsInjected($str)
{
  $injections = array('(\n+)',
              '(\r+)',
              '(\t+)',
              '(%0A+)',
              '(%0D+)',
              '(%08+)',
              '(%09+)'
              );
  $inject = join('|', $injections);
  $inject = "/$inject/i";
  if(preg_match($inject,$str))
    {
    return true;
  }
  else
    {
    return false;
  }
}
?>

Thank you in advance

ianhaney · May 22, 2016

Sorry have solved the issue, I ended up using the honeypot spam method that I got from the following link and seems to work

http://devgrow.com/simple-php-honey-pot/

contact form captcha issue

Iianhaney

Iianhaney