Captcha Code Not Getting Validated on Registration Page
Posted: Sat Sep 08, 2012 6:56 am
I've started using user registration my Joomla 1.5 site ...
The spam bots are getting registered on the site
Though i've used a captcha from site -- http://www.white-hat-web-design.co.uk/b ... ty-images/
Its working (without validation) on the registration page link - http://www.mycarhelpline.com/index.php? ... &Itemid=79
However, the same is not getting validated in registration page,
Validation code
In which file / line of Joomla - controller.php, default.php and view.html.php do I need to put in this code.
I have tried permutation / combination on different files at different lines but its not working. Have tried this in controller.php but showing server error
The spam bots are getting registered on the site
Though i've used a captcha from site -- http://www.white-hat-web-design.co.uk/b ... ty-images/
Its working (without validation) on the registration page link - http://www.mycarhelpline.com/index.php? ... &Itemid=79
However, the same is not getting validated in registration page,
Validation code
Code: Select all
session_start();
if( isset($_POST['submit'])) {
if( $_SESSION['security_code'] == $_POST['security_code'] &&
!empty($_SESSION['security_code'] ) ) {
// Insert you code for processing the form here, e.g emailing the
submission, entering it into a database.
echo 'Thank you. Your message said "'.$_POST['message'].'"';
unset($_SESSION['security_code']);
} else {
// Insert your code for showing an error message here
echo 'Sorry, you have provided an invalid security code';
}
} else {
}
In which file / line of Joomla - controller.php, default.php and view.html.php do I need to put in this code.
I have tried permutation / combination on different files at different lines but its not working. Have tried this in controller.php but showing server error
Code: Select all
function register_save()
{
global $mainframe;
// Check for request forgeries
JRequest::checkToken() or jexit( 'Invalid Token' );
session_start();
if( isset($_POST['submit'])) {
if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) {
// Insert you code for processing the form here, e.g emailing the submission, entering it into a database.
echo 'Thank you.';
unset($_SESSION['security_code']);
} else {
// Insert your code for showing an error message here
echo 'Sorry, you have provided an invalid security code';
}
} else {
// Get required system objects
$user = clone(JFactory::getUser());
$pathway =& $mainframe->getPathway();
$config =& JFactory::getConfig();
$authorize =& JFactory::getACL();
$document =& JFactory::getDocument();
// If user registration is not allowed, show 403 not authorized.
$usersConfig = &JComponentHelper::getParams( 'com_users' );
if ($usersConfig->get('allowUserRegistration') == '0') {
JError::raiseError( 403, JText::_( 'Access Forbidden' ));
return;
}
// Initialize new usertype setting
$newUsertype = $usersConfig->get( 'new_usertype' );
if (!$newUsertype) {
$newUsertype = 'Registered';
}
// Bind the post array to the user object
if (!$user->bind( JRequest::get('post'), 'usertype' )) {
JError::raiseError( 500, $user->getError());
}
// Set some initial user values
$user->set('id', 0);
$user->set('usertype', $newUsertype);
$user->set('gid', $authorize->get_group_id( '', $newUsertype, 'ARO' ));
$date =& JFactory::getDate();
$user->set('registerDate', $date->toMySQL());
// If user activation is turned on, we need to set the activation information
$useractivation = $usersConfig->get( 'useractivation' );
if ($useractivation == '1')
{
jimport('joomla.user.helper');
$user->set('activation', JUtility::getHash( JUserHelper::genRandomPassword()) );
$user->set('block', '1');
}
// If there was an error with registration, set the message and display form
if ( !$user->save() )
{
JError::raiseWarning('', JText::_( $user->getError()));
$this->register();
return false;
}
// Send registration confirmation mail
$password = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
$password = preg_replace('/[\x00-\x1F\x7F]/', '', $password); //Disallow control chars in the email
UserController::_sendMail($user, $password);
// Everything went fine, set relevant message depending upon user activation state and display message
if ( $useractivation == 1 ) {
$message = JText::_( 'REG_COMPLETE_ACTIVATE' );
} else {
$message = JText::_( 'REG_COMPLETE' );
}
$this->setRedirect('*********', $message);
}