Page 1 of 1
Captcha questions
Posted: Wed Aug 19, 2009 4:32 am
by giovanni85
Hi
I am a PHP beginner and I have a problem with captcha questions.
I have a contact form and one line displays the security question eg: 4 + 9 and the next line is the answer and in order to submit the form the user needs to give the right answer.
The numbers are randomly generated and to do so I thought about including some PHP inside the HTML tags.
<tr><td valign="top" width="150" ><label>Security Question: </label></td><td valign="top" ><div > 1 + 1 </div><input class="frmText" name="capcha_question" type="hidden" value="2" /></td></tr>
<tr><td valign="top" width="150" ><label>Security Answer: </label></td><td valign="top" ><input name="capcha_answer" type="text" value="" /><span class="required" > *</span></td></tr>
These are the 2 lines mmentioned above.
Can anyone suggest me a common technique ( if there is one) to do this?
I tried several times but it never worked.
Thanx a lot!
Re: Captcha questions
Posted: Wed Aug 19, 2009 5:02 am
by mrvijayakumar
Hello giovanni85,
As per your needs, you should use 2 values to be calculated by using scripts(PHP, JavaScript etc.,) and then only you can validate. This also one possibilities for unsecured the contact form. So, better to use image captcha code. Images cannot read by spammers. So it will avoid spammers too. For image captcha code, Google with keyword " captcha code in php " in search engines. You will find plenty of free codes related to captcha.
Re: Captcha questions
Posted: Wed Aug 19, 2009 5:32 am
by giovanni85
Hello mrvijayakumar
thanx for replying!
I tried to embed PHP random function in the lines I wrote in the first post. The result was something like
<tr><td valign="top" width="150" ><label>Security Question: </label></td><td valign="top" ><div ><?php $random1 = rand(1, 20); $random2 = rand(1, 20); echo $random1; echo "+"; echo $random2; ?> </div><input class="frmText" name="capcha_question_number" type="hidden" value= "<?php $random1 + $random2 ; ?>" /></td></tr>
But it did not work. Maybe there are some errors in the embedding. The idea was to declare a variable in the action page (where it goes after submitting the form) like
$random = $_POST['capcha_question_number'];
and after this I wanted to make a comparison between the answer typed by the user and $random (which should contain $random1 + $random2, shouldn't it?).
But so far no results..
Re: Captcha questions
Posted: Wed Aug 19, 2009 5:59 am
by mrvijayakumar
Hi giovanni85,
I done entire coding for you by using JavaScript. Make use of it. Send me the feedback after using. If u find difficulties, let me know plz.
Note: Save below file as "captcha.php".
Code: Select all
<?php
if(isset($_REQUEST['success'])) {
//proccess your details here
echo "Code verified"; exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Captcha Example</title>
<script language="javascript" type="text/javascript">
function captchachk()
{
var captchavalue = document.form1.captchavalue.value;
var securityanswer = document.form1.securityanswer.value;
if(captchavalue == securityanswer) {
window.location="captcha.php?success";
alert("Security Code Verified");
return true;
} else {
alert("Security Code does not matches"); return false;
}
return true;
}
</script>
</head>
<body>
<form id="form1" name="form1" method="post">
Calculate this value <strong><?php $random1 = rand(1, 20); $random2 = rand(1, 20); echo $random1; echo "+"; echo $random2;?></strong> <input type="hidden" name="captchavalue" value="<?php $cap = $random1 + $random2; echo $cap;?>" />
<input type="text" name="securityanswer" />
<input type="submit" name="Submit" value="Submit" onclick="return captchachk();" />
</form>
</body>
</html>
Re: Captcha questions
Posted: Thu Aug 20, 2009 1:31 pm
by giovanni85
Hi mrvijayakumar
thank you for your help!I sorted it out and your code helped me to understand some things. I managed to rewrite it only in PHP because I don't know javaScript. In the end it worked fine.
I wanted to ask you something about the code: in the line 35 there is this piece of code
Calculate this value <strong><?php $random1 = rand(1, 20); $random2 = rand(1, 20); echo $random1; echo "+"; echo $random2;?></strong> <input type="hidden" name="captchavalue" value="<?php $cap = $random1 + $random2; echo $cap;?>" />
I understood everything, apart from the blue bit. Why is it necessary to echo the variable $cap?
Thanx again for your help!
Giovanni
Re: Captcha questions
Posted: Thu Aug 20, 2009 2:40 pm
by jackpf
That's rather weak captcha tbh, since you're displaying the answer in a hidden input. Any bot could just read that and enter its contents.
Besides, a bot doesn't even use javascript. And there's nothing to stop it submitting directly to the processing page either.
That code would do absolutely nothing to prevent bots spamming you.
You're best off using an image with noise and a random string, and sessions.
Re: Captcha questions
Posted: Sat Aug 22, 2009 2:20 pm
by mrvijayakumar
S dear,
Better to use image captcha code. Code i had written is not secured. It can read by spammers. I mentioned this problem already. So, google for "keyword captcha in PHP".
Re: Captcha questions
Posted: Sun Aug 30, 2009 3:14 am
by kaisellgren
Checking whether there is a "success" in the request does not make sense. Neither does "x plus y" that has only 39 different possibilities. Have a look at
http://www.recaptcha.net it will be fine for you I believe.