Guestbook with security code
6 posts by 4 authors in: Forums > CMS Builder
Last Post: January 21, 2011 (RSS)
By videopixel - May 16, 2010 - edited: May 16, 2010
Everything works!!! :-)
Only the security code not... whatever i type inside that box it will send the form...
Any solution or hint?
<?php header('Content-type: text/html; charset=utf-8'); ?>
<?php
$libraryPath = 'admin/lib/viewer_functions.php';
$dirsToCheck = array('blablabla path to my server...');
foreach ($dirsToCheck as $dir) { if (@include_once("$dir$libraryPath")) { break; }}
if (!function_exists('getRecords')) { die("Couldn't load viewer library, check filepath in sourcecode."); }
// submit form
if (@$_REQUEST['submit']) {
// error checking
$errorsAndAlerts = "";
$randomNumber = $_REQUEST['randomNumber'];
if (!@$_REQUEST['name']) { $errorsAndAlerts .= "Please specify Name!<br/>\n"; }
if (!@$_REQUEST['e_mail_address']){ $errorsAndAlerts .= "Please specify E-mail address!<br/>\n"; }
if (!@$_REQUEST['comment']) { $errorsAndAlerts .= "Please specify Comment!<br/>\n"; }
if (!@$_REQUEST['randomNumber']) { $errorsAndAlerts .= "Please specify/verify the Security Code!\n"; }
// turn off strict mysql error checking for: STRICT_ALL_TABLES
mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later)
// add record
// if (!@$errorsAndAlerts) {
if (!@$errorsAndAlerts) {
mysql_query("INSERT INTO `{$TABLE_PREFIX}guestbook` SET
name = '".mysql_escape( $_REQUEST['name'] )."',
e_mail_address = '".mysql_escape( $_REQUEST['e_mail_address'] )."',
comment = '".mysql_escape( $_REQUEST['comment'] )."',
createdDate = NOW(),
updatedDate = NOW(),
createdByUserNum = '0',
updatedByUserNum = '0'")
or die("MySQL Error Creating Record:<br/>\n". htmlspecialchars(mysql_error()) . "\n");
$recordNum = mysql_insert_id();
// display thanks message and clear form
$errorsAndAlerts = "Thank You for signing my guestbook!";
$_REQUEST = array();
}
}
list($guestbookRecords, $guestbookMetaData) = getRecords(array(
'tableName' => 'guestbook',
'perPage' => '10',
));
?>
<?php $randomNumber = rand(100000,999999); ?>
In the body:
<form method="post" action="">
<input type="hidden" name="submit" value="1" />
<div><input name="name" type="text" value="<?php echo htmlspecialchars(@$_REQUEST['name']) ?>" size="40" /></div>
<div><input name="e_mail_address" type="text" value="<?php echo htmlspecialchars(@$_REQUEST['e_mail_address']) ?>" size="40" /></div>
<div><textarea name="comment" cols="65" rows="6"><?php echo htmlspecialchars(@$_REQUEST['comment']) ?></textarea></div>
<div><?php echo $randomNumber; ?></div>
<div><input name="randomNumber" type="text" id="randomNumber" size="10" /></div>
<div><input type="submit" name="add" value="Sign" id="form_button" class="color" /></div>
<?php if (@$errorsAndAlerts): ?>
<div id="form_status"><?php echo $errorsAndAlerts; ?></div>
<?php endif ?>
<input type="hidden" id="check" name="check" value="<?php echo $randomNumber;?>" />
</form>
Thanks
[:)][:)]
Re: [videopixel] Guestbook with security code
By Jason - May 17, 2010
Currently, the script is only checking to see if something was entered in the random number box, but is not checking to see if it matches the number the server generated. Try adding this line to your error checking:
if (@$_REQUEST['randomNumber']!=@$_REQUEST['check']) { $errorsAndAlerts .= "Please specify/verify the Security Code!\n"; }
Other than that, everything looks good. Nice solution!
Hope this helps.
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Re: [Jason] Guestbook with security code
By videopixel - May 17, 2010
Thanks man it worked...
Re: [Jason] Guestbook with security code
(got a lot of spam lately)
Any other way to do this?
http://www.dirkbeckers.be
Re: [videopixel] Guestbook with security code
Try using CAPTCHA http://code.google.com/apis/recaptcha/docs/php.html
There are other postings in this forum on how to integrate CAPTCHA with CMSB. Also the "CMSB Cookbook" has a section, if I remember correctly.
Ragi
northernpenguin
Northern Penguin Technologies
"Any sufficiently advanced technology
is indistinguishable from magic."
........Arthur C. Clarke
Re: [northernpenguin] Guestbook with security code
You're right Ragi,
There are detailed instruction on how to implement Captcha code in the CMSB Cookbook http://www.thecmsbcookbook.com
I personally like Captcha Creator because it's a bit more flexible to restyle, but ReCaptcha is good also.
Best,
Jerry Kornbluth
Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php