Ajax/PHP 联系表单验证码失败
大家好,我之前发布了一个主题,通过使用 $_SESSION 而不是 $_COOKIE 帮助我解决了之前的问题 但是当我输入正确的验证码时,它仍然说我输入了错误的验证码。我访问了一个网站并生成了带有随机文本的随机 MD5 哈希值,这是我应该做的吗?
我不知道出了什么问题,但这是我所拥有的:
HTML 表单:
<form id="ajax-contact-form" action="javascript:alert('success!');">
<label>Name:*</label><INPUT class="textbox" type="text" name="name" value=""><br />
<label>E-Mail:*</label><INPUT class="textbox" type="text" name="email" value=""><br />
<label>Telephone:</label><INPUT class="textbox" type="text" name=telephone" value="" /><br />
<INPUT class="textbox" type="hidden" name="subject" value="Contact Form" >
<label>Message:*</label><TEXTAREA class="textbox" NAME="message" ROWS="5" COLS="25"></TEXTAREA><br />
<tr>
<label>Image Verification:*</label>
<input type="text" name="verify" style="width:200px;" /><img src="verification.php?<?php echo rand(0,9999);?>" width="50" height="24" align="absbottom" />
<label> </label><INPUT class="button" type="submit" name="submit" value="Send Message">
</form>
contactform.php:
<?php
/*
Credits: Bit Repository
URL: http://www.bitrepository.com/
*/
include 'config.php';
error_reporting (E_ALL ^ E_NOTICE);
$post = (!empty($_POST)) ? true : false;
if($post)
{
include 'functions.php';
$name = stripslashes($_POST['name']);
$email = trim($_POST['email']);
$telephone = stripslashes($_POST['telephone']);
$subject = stripslashes($_POST['subject']);
$message = stripslashes($_POST['message']);
$verify = stripslashes($_POST['verify']);
$error = '';
// Check name
if(!$name)
{
$error .= 'Please enter your name.<br />';
}
// Check email
if(!$email)
{
$error .= 'Please enter an e-mail address.<br />';
}
if($email && !ValidateEmail($email))
{
$error .= 'Please enter a valid e-mail address.<br />';
}
// Check message (length)
if(!$message || strlen($message) < 15)
{
$error .= "Please enter your message. It should have at least 15 characters.<br />";
}
// Check Verification code
if(md5($verify).'098f6bcd4621d373cade4e832627b4f6' != $_SESSION['contact_verify'])
{
$error .= 'Image Verification failed.<br />';
}
//Send the Name, Email, Telephone, and Message in a formateed version.
$email_message = "The following message was sent to you in your contact form on domain.com\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Name: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email)."\n";
$email_message .= "Telephone: ".clean_string($telephone)."\n";
$email_message .= "Message: ".clean_string($message)."\n";
if(!$error)
{
$mail = mail(WEBMASTER_EMAIL, $subject, $email_message,
"From: ".$name." <".$email.">\r\n"
."Reply-To: ".$email."\r\n"
."X-Mailer: PHP/" . phpversion());
if($mail)
{
echo 'OK';
}
}
else
{
echo '<div class="notification_error">'.$error.'</div>';
}
}
?>
任何我的verification.php 文件:
<?php
//Declare in the header what kind of file this is
header('Content-type: image/jpeg');
//A nice small image that's to the point
$width = 50;
$height = 24;
//Here we create the image with the sizes declared above and save it to a variable my_image
$my_image = imagecreatetruecolor($width, $height);
//Let's give our image a background color. White sound ok to everyone?
imagefill($my_image, 0, 0, 0xFFFFFF);
//Now we're going to add some noise to the image by placing pixels randomly all over the image
for ($c = 0; $c < 40; $c++){
$x = rand(0,$width-1);
$y = rand(0,$height-1);
imagesetpixel($my_image, $x, $y, 0x000000);
}
$x = rand(1,10);
$y = rand(1,10);
$rand_string = rand(1000,9999);
imagestring($my_image, 5, $x, $y, $rand_string, 0x000000);
/*
We're going to store a ****** in the user's browser so we can call to it
later and confirm they entered the correct verification. The
"decipher_k2s58s4" can be anything you want. It's just our personal
code to be added to the end of the captcha value stored in the ******
as an encrypted string
*/
$_SESSION['contact_verify'] = (md5($rand_string).'098f6bcd4621d373cade4e832627b4f6');
imagejpeg($my_image);
imagedestroy($my_image);
?>
Hey everyone, I posted a topic earlier that helped my previous problem by using $_SESSION instead of $_COOKIE
But when I enter the correct verification number it's still saying that I entered the wrong one. I went to a website and generated a random MD5 hash with random text, is this what I'm supposed to do?
I have no clue what's wrong but here is what I have:
HTML Form:
<form id="ajax-contact-form" action="javascript:alert('success!');">
<label>Name:*</label><INPUT class="textbox" type="text" name="name" value=""><br />
<label>E-Mail:*</label><INPUT class="textbox" type="text" name="email" value=""><br />
<label>Telephone:</label><INPUT class="textbox" type="text" name=telephone" value="" /><br />
<INPUT class="textbox" type="hidden" name="subject" value="Contact Form" >
<label>Message:*</label><TEXTAREA class="textbox" NAME="message" ROWS="5" COLS="25"></TEXTAREA><br />
<tr>
<label>Image Verification:*</label>
<input type="text" name="verify" style="width:200px;" /><img src="verification.php?<?php echo rand(0,9999);?>" width="50" height="24" align="absbottom" />
<label> </label><INPUT class="button" type="submit" name="submit" value="Send Message">
</form>
The contactform.php:
<?php
/*
Credits: Bit Repository
URL: http://www.bitrepository.com/
*/
include 'config.php';
error_reporting (E_ALL ^ E_NOTICE);
$post = (!empty($_POST)) ? true : false;
if($post)
{
include 'functions.php';
$name = stripslashes($_POST['name']);
$email = trim($_POST['email']);
$telephone = stripslashes($_POST['telephone']);
$subject = stripslashes($_POST['subject']);
$message = stripslashes($_POST['message']);
$verify = stripslashes($_POST['verify']);
$error = '';
// Check name
if(!$name)
{
$error .= 'Please enter your name.<br />';
}
// Check email
if(!$email)
{
$error .= 'Please enter an e-mail address.<br />';
}
if($email && !ValidateEmail($email))
{
$error .= 'Please enter a valid e-mail address.<br />';
}
// Check message (length)
if(!$message || strlen($message) < 15)
{
$error .= "Please enter your message. It should have at least 15 characters.<br />";
}
// Check Verification code
if(md5($verify).'098f6bcd4621d373cade4e832627b4f6' != $_SESSION['contact_verify'])
{
$error .= 'Image Verification failed.<br />';
}
//Send the Name, Email, Telephone, and Message in a formateed version.
$email_message = "The following message was sent to you in your contact form on domain.com\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Name: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email)."\n";
$email_message .= "Telephone: ".clean_string($telephone)."\n";
$email_message .= "Message: ".clean_string($message)."\n";
if(!$error)
{
$mail = mail(WEBMASTER_EMAIL, $subject, $email_message,
"From: ".$name." <".$email.">\r\n"
."Reply-To: ".$email."\r\n"
."X-Mailer: PHP/" . phpversion());
if($mail)
{
echo 'OK';
}
}
else
{
echo '<div class="notification_error">'.$error.'</div>';
}
}
?>
Any my verification.php file:
<?php
//Declare in the header what kind of file this is
header('Content-type: image/jpeg');
//A nice small image that's to the point
$width = 50;
$height = 24;
//Here we create the image with the sizes declared above and save it to a variable my_image
$my_image = imagecreatetruecolor($width, $height);
//Let's give our image a background color. White sound ok to everyone?
imagefill($my_image, 0, 0, 0xFFFFFF);
//Now we're going to add some noise to the image by placing pixels randomly all over the image
for ($c = 0; $c < 40; $c++){
$x = rand(0,$width-1);
$y = rand(0,$height-1);
imagesetpixel($my_image, $x, $y, 0x000000);
}
$x = rand(1,10);
$y = rand(1,10);
$rand_string = rand(1000,9999);
imagestring($my_image, 5, $x, $y, $rand_string, 0x000000);
/*
We're going to store a ****** in the user's browser so we can call to it
later and confirm they entered the correct verification. The
"decipher_k2s58s4" can be anything you want. It's just our personal
code to be added to the end of the captcha value stored in the ******
as an encrypted string
*/
$_SESSION['contact_verify'] = (md5($rand_string).'098f6bcd4621d373cade4e832627b4f6');
imagejpeg($my_image);
imagedestroy($my_image);
?>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
这似乎是不正确的:
我怀疑您想要附加 $verify 的 md5 和其他哈希值。尝试:
This appears to be incorrect:
I doubt you want to append the md5 of
$verifyand this other hash. Try:我相信您的
verification.php没有session_start();添加
session_start();作为该页面的第一行,看看这是否适用于您的编辑之前的原始代码。唯一不需要执行此操作的情况是使用
require_once或include添加 PHP 文件时。这是因为脚本将从调用它的文件继承它。你如何从 HTML 中调用它,这意味着它不会。每个文件都需要有 session_start();或者他们不能使用
$_SESSION变量。旁注:
您还应该在
verification.php脚本上添加错误报告,以便您可以看到问题;)Your
verification.phpi believe has nosession_start();Add
session_start();as first line on that page see if that works with your original code before you edited it.The only time you don't need to do this is when the PHP file is added with
require_onceorinclude. This is because the script would inherit it from the file that called it. You how ever call it from HTML which means it doesn't.Every file needs to have session_start(); or they cannot use
$_SESSIONvars.Side note:
You should also add error reporting on your
verification.phpscript too so you could see the issue ;)