Form - problem with captcha validation


(Bzyt_ek) #1

Greetings to the PHP specialists (bow)

<?php
$your_email ='ktostam@10g.pl';// === update to your email address

session_start();
$errors = '';
$name = '';
$visitor_email = '';
$temat = ''; // same name as in the POST branch and in the form below
$user_message = '';

if(isset($_POST['submit']))
{
       
        $name = $_POST['name'];
        $visitor_email = $_POST['email'];
        $temat = $_POST['temat'];
        $user_message = $_POST['message'];
        ///------------Do Validations-------------
        if(empty($name)||empty($visitor_email))
        {
                $errors .= "\n Name and Email are required fields. ";  
        }
        if(IsInjected($visitor_email))
        {
                $errors .= "\n Bad email value!";
        }
        if(empty($_SESSION['6_letters_code'] ) ||
          strcasecmp($_SESSION['6_letters_code'], $_POST['6_letters_code']) != 0)
        {
        //Note: the captcha code is compared case insensitively.
        //if you want case sensitive match, update the check above to
        // strcmp()
                $errors .= "\n The captcha code does not match!";
        }
       
        if(empty($errors))
        {
                //send the email
                $to = $your_email;
                $subject="New form submission";
                $from = $your_email;
                $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
               
                $body = "A user $name submitted the contact form:\n".
                "Name: $name\n".
                "Email: $visitor_email \n".
                "Title: $temat\n".
                "Message: \n ".
                "$user_message\n".
                "IP: $ip\n";   
               
                $headers = "From: $from \r\n";
                $headers .= "Reply-To: $visitor_email \r\n";
               
                mail($to, $subject, $body,$headers);
               
                // stop here so the form below is not rendered after the redirect
                header('Location: thank-you.html');
                exit;
        }
}

// Function to validate against any email injection attempts
function IsInjected($str)
{
  $injections = array('(\n+)',
              '(\r+)',
              '(\t+)',
              '(%0A+)',
              '(%0D+)',
              '(%08+)',
              '(%09+)'
              );
  $inject = join('|', $injections);
  $inject = "/$inject/i";
  if(preg_match($inject,$str))
    {
    return true;
  }
  else
    {
    return false;
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
:
:
<link rel="stylesheet" type="text/css" href="../moj-styl.css" />
<!-- define some style elements-->
<style type="text/css">
label,a, body
{
        font-family:Helvetica,Tahoma, sans-serif;
        font-size : 14px;
}
.err
{
        font-family : Verdana, Helvetica, sans-serif;
        font-size : 13px;
        color: red;
        background-color:#FEefcd;
        width:300px;
        line-height:15px;
}

</style>
<script src="./scripts/gen_validatorv31.js" type="text/javascript"></script>
</head>
<body>
<div class="d">
<div class="d1"></div>
<div class="d2"><br />
<!-- standard content with headings and text goes here-->
<fieldset style="border:2px solid #BA9B66">
<legend>&nbsp;Your message to the our webmaster&nbsp;</legend>
<table width="500" cellpadding="0" cellspacing="0" style="text-align:left;margin-left:auto;margin-right:auto;" summary="ogolna_tabela">
<tr><td>
 <?php
if(!empty($errors)){
echo "<p class='err'>".nl2br($errors)."</p>";
}
?>
<div id='contact_form_errorloc' class='err'></div>
<form method="post" name="contact_form" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>">
<table width="100%" style="margin-left:auto;margin-right:auto;" cellpadding="3" cellspacing="2" summary="formularzowa">
<tr>
 <td style="width:31%;"><label for='name'>Name / Nickname : </label></td>
<td style="width:69%;"><input type="text" id="name" name="name" value='<?php echo htmlentities($name, ENT_QUOTES) ?>' />&nbsp;&nbsp;<span class="cz">*</span>
</td>
          </tr>
<tr>
 <td style="width:31%;"><label for='email'>Email: </label></td>
<td style="width:69%;"><input type="text" id="email" name="email" value='<?php echo htmlentities($visitor_email, ENT_QUOTES) ?>' />&nbsp;&nbsp;<span class="cz">*</span>
</td>
          </tr>

<tr>
<td style="width:31%;"><label for='temat'> Title message: </label></td>
<td style="width:69%;"><input type="text" name="temat" id="temat" value='<?php echo htmlentities($temat, ENT_QUOTES) ?>' />&nbsp;&nbsp;<span class="cz">*</span>
</td>
          </tr>
<tr>
<td style="width:31%;" valign="top"><label for='message'> Your message :</label></td>
<td style="width:69%;">You have <strong><span id="myCounter">150</span></strong> characters remaining for your description.<br /><textarea name="message" onkeypress="return taLimit(this)" onkeyup="return taCount(this,'myCounter')" id="message" rows="5" cols="35"><?php echo htmlentities($user_message) ?></textarea><span class="cz">*</span>
</td></tr>
<tr>
<td><label for='6_letters_code'>Enter the code above here :</label></td>
<td><img src="./scripts/captcha_code_file.php?rand=<?php echo rand(); ?>" id='captchaimg' alt="code" /><span class="cz">*</span><br />
<input id="6_letters_code" name="6_letters_code" type="text" /><br />
Can't read the image? - click <a href='javascript&#058; refreshCaptcha();' title="Other code" >_<span class="m2">here</span>_ </a> to refresh
</td></tr><!--the PHP and the div with errors are below-->

<tr>
<td style="width:31%;">&nbsp;</td>
<td style="width:69%;"><input type="submit" value="Submit this message" title="Your notes to webmaster" name='submit' />&nbsp;&nbsp;&nbsp;
</td></tr>

</table>
</form>
<script type="text/javascript">
var frmvalidator = new Validator("contact_form");
//remove the following two lines if you like error message box popups
frmvalidator.EnableOnPageErrorDisplaySingleBox();
frmvalidator.EnableMsgsTogether();

frmvalidator.addValidation("name","req","Please provide your name");
frmvalidator.addValidation("temat","req","Please provide your title message");  
frmvalidator.addValidation("email","req","Please provide your email");
frmvalidator.addValidation("email","email","Please enter a valid email address");
</script>
<script language='JavaScript' type='text/javascript'>
function refreshCaptcha()
{
        var img = document.images['captchaimg'];
        img.src = img.src.substring(0,img.src.lastIndexOf("?"))+"?rand="+Math.random()*1000;
}
</script>
                </td>
  </tr>
</table>
</fieldset>
</div><p><br /><br /></p>
</div><div class="d4"></div>
</div>
</body>
</html>

The form is loaded into <div id="maincontent"> using the following script:

$(document).ready(function () {
    $('.openToDiv').click(function (e) {
        e.preventDefault();
        var url = $(this).attr('href');
        var newTitle = $(this).attr('title');
        $('#maincontent').load(url).animate({scrollTop: 0}, "fast");
        document.title = newTitle;
    });
});

The JavaScript validation of the form fields works.
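
Added example, not part of the original post: a stricter server-side form of the two checks in the handler above, the captcha comparison and the e-mail header check. The function names `captcha_ok` and `email_is_header_safe` are assumptions made for illustration; the session key `6_letters_code` is the one used in the post, and the sample values at the end are constructed.

```php
<?php
// Added example; captcha_ok() and email_is_header_safe() are hypothetical names.

/**
 * Compare the submitted captcha with the code stored in the session.
 * The stored code is discarded on every attempt, so one captcha image
 * allows exactly one guess and a solved code cannot be replayed.
 */
function captcha_ok(array &$session, array $post, string $key = '6_letters_code'): bool
{
    $expected = $session[$key] ?? null;
    unset($session[$key]);                      // single use, pass or fail

    $given = $post[$key] ?? null;
    if (!is_string($expected) || $expected === '' || !is_string($given)) {
        return false;                           // missing, empty or array input
    }
    // case-insensitive match, like the strcasecmp() check in the post
    return hash_equals(strtolower($expected), strtolower(trim($given)));
}

/**
 * Accept only a syntactically valid address with no CR/LF, so the value
 * cannot add extra lines to the Reply-To header passed to mail().
 */
function email_is_header_safe(string $email): bool
{
    if (preg_match('/[\r\n]/', $email)) {
        return false;
    }
    return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
}

// Constructed sample data standing in for $_SESSION and $_POST.
$session = ['6_letters_code' => 'aBcDeF'];
var_dump(captcha_ok($session, ['6_letters_code' => 'abcdef']));  // first submission
var_dump(captcha_ok($session, ['6_letters_code' => 'abcdef']));  // same code sent again
var_dump(email_is_header_safe('visitor@example.com'));           // plain address
var_dump(email_is_header_safe("a@example.com\r\nX-Test: 1"));    // address with CR/LF
```

In the handler, `captcha_ok($_SESSION, $_POST)` would take the place of the `strcasecmp()` condition, and `email_is_header_safe($visitor_email)` would run before the value is placed in `$headers`.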