【发布时间】:2012-10-26 14:48:08
【问题描述】:
您好,我使用了一个基本的验证码脚本,如下所示。我面临的问题是,尽管验证码值错误,但仍提交了表单。如果 Captcha 的值输入错误,我需要阻止表单提交。
<?php
if(isset($_POST['submit']))
{
$hash = (!empty($_POST['hash'])) ? preg_replace('/[\W]/i', '', trim($_POST['hash'])) : ''; // Remove any non alphanumeric characters to prevent exploit attempts
$captchacode = (!empty($_POST['captchacode'])) ? preg_replace('/[\W]/i', '', trim($_POST['captchacode'])) : ''; // Remove any non alphanumeric characters to prevent exploit attempts
// function to check the submitted captcha
function captchaChars($hash)
{
// Generate a 32 character string by getting the MD5 hash of the servers name with the hash added to the end.
// Adding the servers name means outside sources cannot just work out the characters from the hash
$captchastr = strtolower(md5($_SERVER['SERVER_NAME'] . $hash));
$captchastr2 = '';
for($i = 0; $i <= 28; $i += 7)
{
$captchastr2 .= $captchastr[$i];
}
return $captchastr2;
}
if(!empty($captchacode))
{
if(strtolower($captchacode) == captchaChars($hash)) // We convert submitted characters to lower case then compare with the expected answer
{
echo '<h3>The submitted characters were correct</h3>';
}
else
{
echo '<h3>The submitted characters were WRONG!</h3>';
return true;
}
}
else
{
echo '<h3>You forgot to fill in the code!</h3>';
return true;
}
}
?>
【问题讨论】:
-
能否请您发布表单处理器的完整代码?您发布的内容不足以解决问题。
标签: forms captcha form-submit