1. 首頁
  2. 問答
  3. PHP,試圖驗證碼添加到現有的形式

PHP,試圖驗證碼添加到現有的形式

2011-12-20 70 views
2

我不是一個PHP程序員,但用它觸摸,足以把一個接觸的形式。不過,我想添加一個驗證碼字段,現在的作品,但形式不驗證它 - 所以它提出無論什麼PHP,試圖驗證碼添加到現有的形式

任何人可以幫助嗎?如果代碼是不好意思亂,在此先感謝

的,如果我的網頁

 <?php session_start() ?> 
<?php 
     //If the form is submitted 
    if(isset($_POST['submit'])) { 

    //Check to make sure that the name field is not empty 
    if(trim($_POST['name']) == '') { 
     $hasError = true; 
    } else { 
     $name = trim($_POST['name']); 
    } 

     //Check to make sure that the subject field is not empty 
    if(trim($_POST['subject']) == '') { 
     $hasError = true; 
    } else { 
     $subject = trim($_POST['subject']); 
    } 

    //Check to make sure sure that a valid email address is submitted 
    if(trim($_POST['email']) == '') { 
     $hasError = true; 
    } else if (!eregi("^[A-Z0-9._%-][email protected][A-Z0-9._%-]+\.[A-Z]{2,4}$", trim($_POST['email']))) 
    { 
     $hasError = true; 
    } else { 
     $email = trim($_POST['email']); 
    } 

    //Check to make sure comments were entered 
    if(trim($_POST['message']) == '') { 
     $hasError = true; 
    } else { 
    if(function_exists('stripslashes')) { 
     $message = stripslashes(trim($_POST['message'])); 
    } else { 
     $message = trim($_POST['message']); 
    } 

    /*captcha 2*/ 

    if(isset($_POST["captcha"])) { 
     $hasError = true; 
    } else { 
    if($_SESSION["captcha"]==$_POST["captcha"]) { 
    } 
    } 
    //CAPTHCA is valid; proceed the message: save to database, send by e-mail ... 

    //If there is no error, send the email 
    if(!isset($hasError)) { 
     $emailTo = 'email address'; //Put your own email address here 
     $emailTo = 'email address'; //Put your own email address here 
     $body = "Name: $name \n\nEmail: $email \n\nSubject: $subject \n\nMessage:\n $message"; 
     $headers = 'From: website form <'.$emailTo.'>' . "\r\n" . 'Reply-To: ' .   
     $email; 

    mail($emailTo, $subject, $body, $headers); 
     $emailSent = true; 
    } 
    } 
?> 

    Code in the form: 

    [php]<?php if(isset($hasError)) { //If errors are found ?> 

     <p class="error">Please check if you've filled all the fields with valid information.   Thank you.</p> 
    <?php } ?> 

    <?php if(isset($emailSent) && $emailSent == true) { //If email is sent ?> 
     <p><strong>Email Successfully Sent!</strong></p> 
     <p>Thank you <strong><?php echo $name;?></strong> for contacting us. Your email was successfully sent and we will be in touch with you soon.</p> 
     <?php } ?> 

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" id="contactform"> 
    <div> 

     <p> 
     <label for="name">Name</label><br /> 
     <input type="text" name="name" value="" id="name" class="required"> 
     </p> 
    </div> 

    <div> 

     <p> 
     <label for="email">Email</label><br /> 
     <input type="text" name="email" value="" id="email" class="required"> 
     </p> 
    </div> 

    <div> 

     <p> 
     <label for="subject">Subject</label><br /> 
     <input type="text" name="subject" value="" id="subject" class="required"> 
     </p> 

    </div> 

    <div style="margin-bottom:25px;"> 

     <p> 
     <label for="message">Message</label><br /> 
     <textarea rows="5" name="message" value="" id="message" class="required"></textarea> 
     </p> 

    </div> 
    <div style="margin-bottom:25px;"> 


     <img src="captcha.php" alt="captcha image"> 
     <p> 
     <label for="captcha">(antispam code, 3 black symbols)</label><br /> 
     <input type="text" name="captcha" maxlength="3" id="captcha" class="required"> 
     </p> 

    </div> 
    <input type="submit" value="Send Message" name="submit" /> 
</form> 
[/php]

來源

2011-12-20 user1108564

+0

請問您的文件有調用session_start()?沒有它,$ _SESSION ['catpcha']將是空的(並且可能會發出通知)。此外,請注意,您應該檢查存儲的驗證碼值是否不爲空。否則,用戶可以簡單地通過不加載圖像來通過驗證碼。 if(!empty($ _ SESSION ['captcha'])&& $ _SESSION ['captcha'] === $ captchaFromUser){valid} – Corbin 2011-12-20 19:56:03

+0

檢查會話存儲的captcha值是否爲空?這是我上面發佈的代碼。順便說一句,$ captchaFromUser將是$ _POST ['captcha']。避免直接訪問$ _POST值而不檢查它們是否被首先設置通常會更好。如果他們沒有設置,那麼你會得到一個通知。 – Corbin 2011-12-20 20:02:30

+0

對不起,我之前沒有看過代碼,所以我已經替換if(isset($ _ POST [「captcha」])) with if(!empty($ _ SESSION ['captcha'])&& $ _SESSION ['captcha'] === $ captchaFromUser) – user1108564 2011-12-20 20:08:24

回答

0

[編輯] 2011-12-20下午8點22 CST - 更新代碼的第二塊與該OP使用最終代碼 - 基於場外聊天。

有寫代碼更好的辦法。我在下面舉一個例子。提出問題,我將用評論解釋來更新代碼。我修改了關於驗證碼的if語句,以便它不需要雙重if。在if語句中使用||(或)會導致PHP在測試第一個條件(如果第一個條件的計算結果爲true)後停止。因此,如果變量沒有設置,它永遠不會進入POST與SESSION的比較。

另外,我默認你的hasError變量設置爲false,以及正在測試的boolean值。這是更好的,因爲它是有意義的。想想那些會追隨你的程序員。如果它有意義,它會更容易處理。 你可能是程序員 :)

[編輯追加session_start();]

<?php 
session_start(); 

// default value 
$hasError = false; 

//If the form is submitted 
if(isset($_POST['submit'])) { 
    //Check to make sure that the name field is not empty 
    if(trim($_POST['name']) == '') { 
     $hasError = true; 
    } else { 
     $name = trim($_POST['name']); 
    } 

    //Check to make sure that the subject field is not empty 
    if(trim($_POST['subject']) == '') { 
     $hasError = true; 
    } else { 
     $subject = trim($_POST['subject']); 
    } 

    //Check to make sure sure that a valid email address is submitted 
    if(trim($_POST['email']) == '') { 
     $hasError = true; 
    } else if (!eregi("^[A-Z0-9._%-][email protected][A-Z0-9._%-]+\.[A-Z]{2,4}$", trim($_POST['email']))) { 
     $hasError = true; 
    } else { 
     $email = trim($_POST['email']); 
    } 

    //Check to make sure comments were entered 
    if(trim($_POST['message']) == '') { 
     $hasError = true; 
    } else { 
     if(function_exists('stripslashes')) { 
      $message = stripslashes(trim($_POST['message'])); 
     } else { 
      $message = trim($_POST['message']); 
     } 
    } 

    if(! isset($_POST["captcha"]) || $_SESSION["captcha"] != $_POST["captcha"]) { 
     $hasError = true; 
     echo 'CAPTHCA is not valid; ignore submission<br>'; 
     echo $_POST['captcha' . ' != ' . $_SESSION['captcha'] . '<br>'; 
    } 

    //If there is no error, send the email 
    if($hasError == false) { 
     $emailTo = '[email protected]'; //Put your own email address here 
     $emailTo = '[email protected]'; //Put your own email address here 
     $body = "Name: $name \n\nEmail: $email \n\nSubject: $subject \n\nMessage:\n $message"; 

     // !!!!!!!!!!!!!!!! REMOVE \r\n from $emailTo or your form will be hacked !!!!!!!!!!!!!!!!!!!!!! 
     $headers = 'From: website form <'.$emailTo.'>' . "\r\n" . 'Reply-To: ' . $email; 

     mail($emailTo, $subject, $body, $headers); 
     $emailSent = true; 
    } else { 

    } 
}

[編輯 - 全碼,編輯和(希望)改善]

<?php 
session_start(); 

function clean_for_email($inbound) 
{ 
    return str_replace(array("\n", "\r"), "", $inbound); 
} 
// I really like the name of this function. :D 
function outputInput($name, $required) 
{ 
    $attribs[] = "name=\"{$name}\""; 
    $attribs[] = "id=\"{$name}\""; 
    $attribs[] = $required?'class="required"':''; 
    $attribs[] = 'type="text"'; 


    if (count($_POST) && array_key_exists($name, $_POST)) 
    { 
     $attribs[] = 'value="' . htmlspecialchars($_POST[$name]) . '"'; 
    } 

    echo '<input ' . implode(' ', $attribs) . '>'; 
} 
//------------------------------------------------------------------------ 
function outputTextarea($name, $required, $rows = 5) 
{ 
    $attribs[] = "name=\"{$name}\""; 
    $attribs[] = "id=\"{$name}\""; 
    $attribs[] = $required?'class="required"':''; 
    $attribs[] = 'rows="5"'; 
    $value = ''; 

    if (count($_POST) && array_key_exists($name, $_POST)) 
    { 
     $value = htmlspecialchars($_POST[$name]); 
    } 

    echo '<textarea ' . implode(' ', $attribs) . '>' . $value . '</textarea>'; 
} 

// default value 
$hasError = false; 
$emailSent = false; 

//If the form is submitted 
if(count($_POST) && isset($_POST['submit'])) { 
    //Check to make sure that the name field is not empty 
    if(trim($_POST['name']) == '') { 
     $hasError = true; 
    } else { 
     $name = trim($_POST['name']); 
    } 

    //Check to make sure that the subject field is not empty 
    if(trim($_POST['subject']) == '') { 
     $hasError = true; 
    } else { 
     $subject = trim($_POST['subject']); 
    } 

    //Check to make sure sure that a valid email address is submitted 
    if(trim($_POST['email']) == '') { 
     $hasError = true; 
    } else if (! preg_match('/^[email protected]+$/i', trim($_POST['email']))) { 
     $hasError = true; 
    } else { 
     $email = trim($_POST['email']); 
    } 

    //Check to make sure comments were entered 
    if(trim($_POST['message']) == '') { 
     $hasError = true; 
    } else { 
     if(function_exists('stripslashes')) { 
      $message = stripslashes(trim($_POST['message'])); 
     } else { 
      $message = trim($_POST['message']); 
     } 
    } 

    if (! array_key_exists('captcha', $_POST) || $_SESSION['captcha'] != $_POST["captcha"]) { 
     $hasError = true; 
    } 

    if(! $hasError) 
    { 
     $captchaValid = true; 
     //If there is no error, send the email 
     if($hasError == false) { 
      $emailTo = 'xxx'; //Put your own email address here 
      $body = "Name: $name \n\nEmail: $email \n\nSubject: $subject \n\nMessage:\n $message"; 
      $headers = 'From: website form <'.clean_for_email($emailTo).'>' . "\r\n" . 'Reply-To: ' . clean_for_email($email); 
      mail($emailTo, $subject, $body, $headers); 
      $emailSent = true; 
     } else { 

     } 
    } 
} 
?> 

<? if($hasError) : ?> 
    <p class="error">Please check if you've filled all the fields with valid information Thank you.</p> 
<? endif; ?> 

<? if($emailSent == true) : ?> 
    <p><strong>Email Successfully Sent!</strong></p> 
    <p>Thank you <strong><?php echo $name;?></strong> for contacting us. Your email was successfully sent and we will be in touch with you soon.</p> 
<? endif; ?> 

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" id="contactform"> 
    <div> 
     <p> 
     <label for="name">Name</label><br /> 
     <? outputInput('name', true); ?> 
     </p> 
    </div> 

    <div> 
     <p> 
     <label for="email">Email</label><br /> 
     <? outputInput('email', true); ?> 
     </p> 
    </div> 

    <div> 
     <p> 
     <label for="subject">Subject</label><br /> 
     <? outputInput('subject', true); ?> 
     </p> 
    </div> 

    <div style="margin-bottom:25px;"> 
     <p> 
     <label for="message">Message</label><br /> 
     <? outputTextarea('message', true); ?> 
     </p> 
    </div> 
    <div style="margin-bottom:25px;"> 
     <img src="captcha.php" alt="captcha image"> 
     <p> 
     <label for="captcha">(antispam code, 3 black symbols)</label><br /> 
     <? outputInput('captcha', true); ?> 
     </p> 
    </div> 
    <input type="submit" value="Send Message" name="submit" /> 
</form>

來源

2011-12-20 21:01:28

+0

表單字段被清除,因爲表單代碼中沒有任何內容可以重新輸出剛剛提交的值。 – 2011-12-20 21:16:37

+0

awsome!非常感謝 – user1108564 2011-12-20 21:44:09

+0

頂部的那個?或者只是'驗證碼無效......'的那個。' – user1108564 2011-12-20 22:04:17

0

的頂級代碼(isset($ _ POST [ 「驗證碼」))

你錯過一個括號。

編輯,以顯示整個代碼....支架添加了對失蹤的captcha條件句。原樣,您的代碼沒有檢查驗證碼是否通過發佈設置。它只是根據post變量檢查會話變量。如果兩者都是空白的,表單將郵寄。您可能仍然遇到captcha.php或session變量的問題。

<?php 
     //If the form is submitted 
    if(isset($_POST['submit'])) { 

    //Check to make sure that the name field is not empty 
    if(trim($_POST['name']) == '') { 
     $hasError = true; 
    } else { 
     $name = trim($_POST['name']); 
    } 

     //Check to make sure that the subject field is not empty 
    if(trim($_POST['subject']) == '') { 
     $hasError = true; 
    } else { 
     $subject = trim($_POST['subject']); 
    } 

    //Check to make sure sure that a valid email address is submitted 
    if(trim($_POST['email']) == '') { 
     $hasError = true; 
    } else if (!eregi("^[A-Z0-9._%-][email protected][A-Z0-9._%-]+\.[A-Z]{2,4}$", trim($_POST['email']))) 
    { 
     $hasError = true; 
    } else { 
     $email = trim($_POST['email']); 
    } 

    //Check to make sure comments were entered 
    if(trim($_POST['message']) == '') { 
     $hasError = true; 
    } else { 
    if(function_exists('stripslashes')) { 
     $message = stripslashes(trim($_POST['message'])); 
    } else { 
     $message = trim($_POST['message']); 
    } 
    } 

    /*captcha 2*/ 


    if(isset($_POST["captcha"])) { 
    if($_SESSION["captcha"]==$_POST["captcha"]) 
    { 
    //CAPTHCA is valid; proceed the message: save to database, send by e-mail ... 

    //If there is no error, send the email 
    if(!isset($hasError)) { 
     $emailTo = '[email protected]'; //Put your own email address here 
     $emailTo = '[email protected]'; //Put your own email address here 
     $body = "Name: $name \n\nEmail: $email \n\nSubject: $subject \n\nMessage:\n $message"; 
     $headers = 'From: SJB Projects website form <'.$emailTo.'>' . "\r\n" . 'Reply-To: ' .   $email; 

    mail($emailTo, $subject, $body, $headers); 
     $emailSent = true; 
    } 
    else 
    { 
    echo 'CAPTHCA is not valid; ignore submission'; 
    } 
    } 


    } else { 

    ///message here if CAPTCHA is not set (via post) 

    } 

    } 
    ?> 

    <?php if(isset($hasError)) { //If errors are found ?> 

     <p class="error">Please check if you've filled all the fields with valid information.   Thank you.</p> 
    <?php } ?> 

    <?php if(isset($emailSent) && $emailSent == true) { //If email is sent ?> 
     <p><strong>Email Successfully Sent!</strong></p> 
     <p>Thank you <strong><?php echo $name;?></strong> for contacting SJB Projects. Your email was successfully sent and we will be in touch with you soon.</p> 
     <?php } ?> 

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" id="contactform"> 
    <div> 

     <p> 
     <label for="name">Name</label><br /> 
     <input type="text" name="name" value="" id="name" class="required"> 
     </p> 
    </div> 

    <div> 

     <p> 
     <label for="email">Email</label><br /> 
     <input type="text" name="email" value="" id="email" class="required"> 
     </p> 
    </div> 

    <div> 

     <p> 
     <label for="subject">Subject</label><br /> 
     <input type="text" name="subject" value="" id="subject" class="required"> 
     </p> 

    </div> 

    <div style="margin-bottom:25px;"> 

     <p> 
     <label for="message">Message</label><br /> 
     <textarea rows="5" name="message" value="" id="message" class="required"></textarea> 
     </p> 

    </div> 
    <div style="margin-bottom:25px;"> 


     <img src="captcha.php" alt="captcha image"> 
     <p> 
     <label for="captcha">(antispam code, 3 black symbols)</label><br /> 
     <input type="text" name="captcha" maxlength="3" id="captcha" class="required"> 
     </p> 

    </div> 
    <input type="submit" value="Send Message" name="submit" /> 
</form>

來源

2011-12-20 19:54:52 Scott

+0

謝謝 - 我需要在哪裏添加支架?第三個在最後? – user1108564 2011-12-20 19:58:52

+0

它應該是 - if(isset($ _ POST [「captcha」])){ - (在我發佈的行後面的開括號)。只需在底部添加另一個右括號與其他右括號。 – Scott 2011-12-20 20:00:53

+0

我編輯了上面的代碼,它似乎註冊如果驗證碼是正確的,但顯示沒有錯誤,並清除字段,如果它留空.... – user1108564 2011-12-20 20:29:42

相關問題

 相關問題