Intergrating addForm.php and google captcha
6 posts by 2 authors in: Forums > CMS Builder
Last Post: February 22, 2011 (RSS)
By JeffC - February 22, 2011
I have attached my code which, at the moment, validates all of my fields but submits the form regardless of whether the captcha form is completed or not.
Thanks
<?php
require_once "cmsAdmin/lib/viewer_functions.php";
// submit form
if (@$_REQUEST['submit']) {
// error checking
$errorsAndAlerts = "";
if (!@$_REQUEST['first_name']) { $errorsAndAlerts .= "Please enter your first name<br/>\n"; }
if (!@$_REQUEST['title']) { $errorsAndAlerts .= "Please enter your surname<br/>\n"; }
if (!@$_REQUEST['address_1']) { $errorsAndAlerts .= "Please enter your address<br/>\n"; }
if (!@$_REQUEST['town']) { $errorsAndAlerts .= "Please enter your town<br/>\n"; }
if (!@$_REQUEST['county']) { $errorsAndAlerts .= "Please enter your county<br/>\n"; }
if (!@$_REQUEST['postcode']) { $errorsAndAlerts .= "Please enter your postcode<br/>\n"; }
if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter your email address<br/>\n"; }
if (!@$_REQUEST['type']) { $errorsAndAlerts .= "Please select your interest<br/>\n"; }
if (!@$_REQUEST['answer']) { $errorsAndAlerts .= "Please enter your answer<br/>\n"; }
if (!@$_REQUEST['age']) { $errorsAndAlerts .= "Please confirm that you are over 18<br/>\n"; }
// turn off strict mysql error checking for: STRICT_ALL_TABLES
mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later)
// add record
if (!@$errorsAndAlerts) {
mysql_query("INSERT INTO `{$TABLE_PREFIX}contacts` SET
title = '".mysql_real_escape_string( $_REQUEST['title'] )."',
first_name = '".mysql_real_escape_string( $_REQUEST['first_name'] )."',
address_1 = '".mysql_real_escape_string( $_REQUEST['address_1'] )."',
address_2 = '".mysql_real_escape_string( $_REQUEST['address_2'] )."',
address_3 = '".mysql_real_escape_string( $_REQUEST['address_3'] )."',
town = '".mysql_real_escape_string( $_REQUEST['town'] )."',
county = '".mysql_real_escape_string( $_REQUEST['county'] )."',
postcode = '".mysql_real_escape_string( $_REQUEST['postcode'] )."',
email = '".mysql_real_escape_string( $_REQUEST['email'] )."',
answer = '".mysql_real_escape_string( $_REQUEST['answer'] )."',
type = '".mysql_real_escape_string( $_REQUEST['type'] )."',
age = '".(@$_REQUEST['age'] ? '1' : '0')."',
newsletter_sign_up = '".(@$_REQUEST['newsletter_sign_up'] ? '1' : '0')."',
thirdparty_sign_up = '".(@$_REQUEST['thirdparty_sign_up'] ? '1' : '0')."',
compreference = 'competitionentry',
createdDate = NOW(),
updatedDate = NOW(),
createdByUserNum = '0',
updatedByUserNum = '0'")
or die("MySQL Error Creating Record:<br/>\n". htmlspecialchars(mysql_error()) . "\n");
$recordNum = mysql_insert_id();
// display thanks message and clear form
$errorsAndAlerts = "Thanks, we have received your entry";
$_REQUEST = array();
}
}
?>
<form method="post" action="">
<input type="hidden" name="submit" value="1" />
<?php if (@$errorsAndAlerts): ?>
<div style="color: red; font-size: 0.8em; font-weight: normal; padding-left: 10px;"><br/>
<?php echo $errorsAndAlerts; ?><br/><br/>
</div>
<?php endif ?>
<div style="font-weight: normal; font-size: 0.8em; line-height: 2.4em; padding-left: 10px;"><br/>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="120" valign="top">First name</td>
<td><input type="text" name="first_name" value="<?php echo htmlspecialchars(@$_REQUEST['first_name']) ?>" size="30" /></td></td>
</tr>
<tr>
<td valign="top">Surname</td>
<td><input type="text" name="title" value="<?php echo htmlspecialchars(@$_REQUEST['title']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Address</td>
<td><input type="text" name="address_1" value="<?php echo htmlspecialchars(@$_REQUEST['address_1']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Address</td>
<td><input type="text" name="address_2" value="<?php echo htmlspecialchars(@$_REQUEST['address_2']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Address</td>
<td><input type="text" name="address_3" value="<?php echo htmlspecialchars(@$_REQUEST['address_3']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Town</td>
<td><input type="text" name="town" value="<?php echo htmlspecialchars(@$_REQUEST['town']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">County</td>
<td><input type="text" name="county" value="<?php echo htmlspecialchars(@$_REQUEST['county']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Postcode</td>
<td><input type="text" name="postcode" value="<?php echo htmlspecialchars(@$_REQUEST['postcode']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Email address</td>
<td><input type="text" name="email" value="<?php echo htmlspecialchars(@$_REQUEST['email']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Answer</td>
<td><input type="text" name="answer" value="<?php echo htmlspecialchars(@$_REQUEST['answer']) ?>" size="30" /></td>
</tr>
</table>
</div>
<div style="font-weight: normal; font-size: 0.8em; line-height: 1.6em; padding-left: 10px;"><br/>
<table>
<tr>
<td><select name="type"/>
<option selected="selected">Please select one</option>
<option value="I am a restaurant or pub/bar owner" <?php selectedIf(@$_REQUEST['I am a restaurant or pub/bar owner'], 'I am a restaurant or pub/bar owner') ?>>I am a restaurant or pub/bar owner</option>
<option value="I am a food or drink producer" <?php selectedIf(@$_REQUEST['I am a food or drink producer'], 'I am a food or drink producer') ?>>I am a food or drink producer</option>
<option value="I am a food or drink retailer" <?php selectedIf(@$_REQUEST['I am a food or drink retailer'], 'I am a food or drink retailer') ?>>I am a food or drink retailer</option>
<option value="None of the above – I am just interested in Devon’s food and drink" <?php selectedIf(@$_REQUEST['None of the above – I am just interested in Devon’s food and drink'], 'None of the above – I am just interested in Devon’s food and drink') ?>>None of the above – I am just interested in Devon’s food and drink</option>
</td>
</tr>
</table>
</div>
<div style="font-weight: normal; font-size: 0.8em; line-height: 1.6em; padding-left: 10px;"><br/>
<table>
<tr>
<td valign="top">
I am 18 years of age or over. <input name="age" type="checkbox" value="1" <?php checkedIf(@$_REQUEST['age'], '1') ?>" />
</td>
</tr>
</table>
</div>
<div style="font-weight: normal; font-size: 0.8em; line-height: 1.6em; padding-left: 10px;"><br/>
<table>
<tr>
<td valign="top">
I would like to sign up to the Taste Buds newsletter to receive details of competitions and food news directly to my inbox. <input name="newsletter_sign_up" type="checkbox" value="1" <?php checkedIf(@$_REQUEST['newsletter_sign_up'], '1') ?>" />
</td>
</tr>
</table>
</div>
<? require_once('recaptchalib.php');
$publickey = "6Ld2VcESAAAAANFpaR0q68xytkVtV5olldvk0OkP"; // you got this from the signup page
echo recaptcha_get_html($publickey);?>
<div style="font-weight: normal; font-size: 0.8em; line-height: 1.6em; padding-left: 10px;"><br/>
<input type="submit" name="add" value="Submit your entry >" />
</div>
</form>
Re: [Jeffncou] Intergrating addForm.php and google captcha
By Jason - February 22, 2011
You need to use the recaptcha code to validate what the user entered. You'd do this in the code after the form has submitted as part of your error checking. This is the code as posted on the recaptcha page:
<?php
require_once('recaptchalib.php');
$privatekey = "your_private_key";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
}
?>
You can modify this code to add the error message to your $errorsAndAlerts variable instead of using "die"
Hope this helps
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Re: [Jason] Intergrating addForm.php and google captcha
By JeffC - February 22, 2011
Thanks for the reply. I haven't fully understood what you have told me to do.
I now get this error message: http://www.tastebudsmagazine.co.uk/addForm.php
Does this mean it is looking for a field called 'recaptcha_response_field' in my CMS Builder db? How do I put this right
For your ref here is my complete code
<?php
require_once "cmsAdmin/lib/viewer_functions.php";
// submit form
if (@$_REQUEST['submit']) {
// error checking
$errorsAndAlerts = "";
if (!@$_REQUEST['first_name']) { $errorsAndAlerts .= "Please enter your first name<br/>\n"; }
if (!@$_REQUEST['title']) { $errorsAndAlerts .= "Please enter your surname<br/>\n"; }
if (!@$_REQUEST['address_1']) { $errorsAndAlerts .= "Please enter your address<br/>\n"; }
if (!@$_REQUEST['town']) { $errorsAndAlerts .= "Please enter your town<br/>\n"; }
if (!@$_REQUEST['county']) { $errorsAndAlerts .= "Please enter your county<br/>\n"; }
if (!@$_REQUEST['postcode']) { $errorsAndAlerts .= "Please enter your postcode<br/>\n"; }
if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter your email address<br/>\n"; }
if (!@$_REQUEST['type']) { $errorsAndAlerts .= "Please select your interest<br/>\n"; }
if (!@$_REQUEST['answer']) { $errorsAndAlerts .= "Please enter your answer<br/>\n"; }
if (!@$_REQUEST['age']) { $errorsAndAlerts .= "Please confirm that you are over 18<br/>\n"; }
// turn off strict mysql error checking for: STRICT_ALL_TABLES
mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later)
// add record
if (!@$errorsAndAlerts) {
mysql_query("INSERT INTO `{$TABLE_PREFIX}contacts` SET
title = '".mysql_real_escape_string( $_REQUEST['title'] )."',
first_name = '".mysql_real_escape_string( $_REQUEST['first_name'] )."',
address_1 = '".mysql_real_escape_string( $_REQUEST['address_1'] )."',
address_2 = '".mysql_real_escape_string( $_REQUEST['address_2'] )."',
address_3 = '".mysql_real_escape_string( $_REQUEST['address_3'] )."',
town = '".mysql_real_escape_string( $_REQUEST['town'] )."',
county = '".mysql_real_escape_string( $_REQUEST['county'] )."',
postcode = '".mysql_real_escape_string( $_REQUEST['postcode'] )."',
email = '".mysql_real_escape_string( $_REQUEST['email'] )."',
answer = '".mysql_real_escape_string( $_REQUEST['answer'] )."',
type = '".mysql_real_escape_string( $_REQUEST['type'] )."',
age = '".(@$_REQUEST['age'] ? '1' : '0')."',
newsletter_sign_up = '".(@$_REQUEST['newsletter_sign_up'] ? '1' : '0')."',
thirdparty_sign_up = '".(@$_REQUEST['thirdparty_sign_up'] ? '1' : '0')."',
compreference = 'competitionentry',
createdDate = NOW(),
updatedDate = NOW(),
createdByUserNum = '0',
updatedByUserNum = '0'")
or die("MySQL Error Creating Record:<br/>\n". htmlspecialchars(mysql_error()) . "\n");
$recordNum = mysql_insert_id();
// display thanks message and clear form
$errorsAndAlerts = "Thanks, we have received your entry";
$_REQUEST = array();
}
}
?>
<form method="post" action="">
<input type="hidden" name="submit" value="1" />
<?php if (@$errorsAndAlerts): ?>
<div style="color: red; font-size: 0.8em; font-weight: normal; padding-left: 10px;"><br/>
<?php echo $errorsAndAlerts; ?><br/><br/>
</div>
<?php endif ?>
<div style="font-weight: normal; font-size: 0.8em; line-height: 2.4em; padding-left: 10px;"><br/>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="120" valign="top">First name</td>
<td><input type="text" name="first_name" value="<?php echo htmlspecialchars(@$_REQUEST['first_name']) ?>" size="30" /></td></td>
</tr>
<tr>
<td valign="top">Surname</td>
<td><input type="text" name="title" value="<?php echo htmlspecialchars(@$_REQUEST['title']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Address</td>
<td><input type="text" name="address_1" value="<?php echo htmlspecialchars(@$_REQUEST['address_1']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Address</td>
<td><input type="text" name="address_2" value="<?php echo htmlspecialchars(@$_REQUEST['address_2']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Address</td>
<td><input type="text" name="address_3" value="<?php echo htmlspecialchars(@$_REQUEST['address_3']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Town</td>
<td><input type="text" name="town" value="<?php echo htmlspecialchars(@$_REQUEST['town']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">County</td>
<td><input type="text" name="county" value="<?php echo htmlspecialchars(@$_REQUEST['county']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Postcode</td>
<td><input type="text" name="postcode" value="<?php echo htmlspecialchars(@$_REQUEST['postcode']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Email address</td>
<td><input type="text" name="email" value="<?php echo htmlspecialchars(@$_REQUEST['email']) ?>" size="30" /></td>
</tr>
<tr>
<td valign="top">Answer</td>
<td><input type="text" name="answer" value="<?php echo htmlspecialchars(@$_REQUEST['answer']) ?>" size="30" /></td>
</tr>
</table>
</div>
<div style="font-weight: normal; font-size: 0.8em; line-height: 1.6em; padding-left: 10px;"><br/>
<table>
<tr>
<td><select name="type"/>
<option selected="selected">Please select one</option>
<option value="I am a restaurant or pub/bar owner" <?php selectedIf(@$_REQUEST['I am a restaurant or pub/bar owner'], 'I am a restaurant or pub/bar owner') ?>>I am a restaurant or pub/bar owner</option>
<option value="I am a food or drink producer" <?php selectedIf(@$_REQUEST['I am a food or drink producer'], 'I am a food or drink producer') ?>>I am a food or drink producer</option>
<option value="I am a food or drink retailer" <?php selectedIf(@$_REQUEST['I am a food or drink retailer'], 'I am a food or drink retailer') ?>>I am a food or drink retailer</option>
<option value="None of the above – I am just interested in Devon’s food and drink" <?php selectedIf(@$_REQUEST['None of the above – I am just interested in Devon’s food and drink'], 'None of the above – I am just interested in Devon’s food and drink') ?>>None of the above – I am just interested in Devon’s food and drink</option>
</td>
</tr>
</table>
</div>
<div style="font-weight: normal; font-size: 0.8em; line-height: 1.6em; padding-left: 10px;"><br/>
<table>
<tr>
<td valign="top">
I am 18 years of age or over. <input name="age" type="checkbox" value="1" <?php checkedIf(@$_REQUEST['age'], '1') ?>" />
</td>
</tr>
</table>
</div>
<div style="font-weight: normal; font-size: 0.8em; line-height: 1.6em; padding-left: 10px;"><br/>
<table>
<tr>
<td valign="top">
I would like to sign up to the Taste Buds newsletter to receive details of competitions and food news directly to my inbox. <input name="newsletter_sign_up" type="checkbox" value="1" <?php checkedIf(@$_REQUEST['newsletter_sign_up'], '1') ?>" />
</td>
</tr>
</table>
</div>
<?php require_once('recaptchalib.php');
$publickey = "6Ld2VcESAAAAANFpaR0q68xytkVtV5olldvk0OkP"; // you got this from the signup page
echo recaptcha_get_html($publickey);
$privatekey = "6Ld2VcESAAAAAI4J2dFn_pbMvgXm_LBnbXrxA_jI";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
"(reCAPTCHA said: " . $resp->error . ")");
}
?>
<div style="font-weight: normal; font-size: 0.8em; line-height: 1.6em; padding-left: 10px;"><br/>
<input type="submit" name="add" value="Submit your entry >" />
</div>
</form>
Re: [Jeffncou] Intergrating addForm.php and google captcha
By Jason - February 22, 2011
You don't want to have that code at the bottom of your page, you'll want it up at the top where the error checking takes place. Try something like this:
$errorsAndAlerts = "";
$privatekey = "6Ld2VcESAAAAAI4J2dFn_pbMvgXm_LBnbXrxA_jI";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
// error checking
if (!$resp->is_valid) {$errorsAndAlerts .= "The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ") <br/>\n";}
if (!@$_REQUEST['first_name']) { $errorsAndAlerts .= "Please enter your first name<br/>\n"; }
if (!@$_REQUEST['title']) { $errorsAndAlerts .= "Please enter your surname<br/>\n"; }
if (!@$_REQUEST['address_1']) { $errorsAndAlerts .= "Please enter your address<br/>\n"; }
if (!@$_REQUEST['town']) { $errorsAndAlerts .= "Please enter your town<br/>\n"; }
if (!@$_REQUEST['county']) { $errorsAndAlerts .= "Please enter your county<br/>\n"; }
if (!@$_REQUEST['postcode']) { $errorsAndAlerts .= "Please enter your postcode<br/>\n"; }
if (!@$_REQUEST['email']) { $errorsAndAlerts .= "Please enter your email address<br/>\n"; }
if (!@$_REQUEST['type']) { $errorsAndAlerts .= "Please select your interest<br/>\n"; }
if (!@$_REQUEST['answer']) { $errorsAndAlerts .= "Please enter your answer<br/>\n"; }
if (!@$_REQUEST['age']) { $errorsAndAlerts .= "Please confirm that you are over 18<br/>\n"; }
Hope this helps
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/
Re: [Jason] Intergrating addForm.php and google captcha
By JeffC - February 22, 2011 - edited: February 22, 2011
That didn't quite work as it still returned an error.
However I added the following line:
<?php
require_once "cmsAdmin/lib/viewer_functions.php";
require_once "recaptchalib.php";
and that seems to have done the trick.
Thanks for your help.
On a separate issue I received an email promoting this product today. You may want to check it out, note the name...
http://www.webassist.com/dreamweaver-extensions/cms-builder/?lid=websitebuilders
Re: [Jeffncou] Intergrating addForm.php and google captcha
By Jason - February 22, 2011
Glad that's working for you now.
Also, thanks for sending us that link. I'll pass it on and look into it.
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/