如何解决如何在提交页面中整合验证验证码
|| 我使用的是简单的Ajax评论系统,现在我不知道如何将Recaptcha集成到提交页面中! AJAX COMMENT.PHP<?php
// Error reporting:
error_reporting(E_ALL^E_NOTICE);
include \"connect.php\";
include \"comment.class.php\";
/*
/ Select all the comments and populate the $comments array with objects
*/
$id = empty($_GET[\'id\'])?0:$_GET[\'id\'];
$comments = array();
$result = mysql_query(\"SELECT * FROM comments where url=\'$id\' ORDER BY id desc\");
while($row = mysql_fetch_assoc($result))
{
$comments[] = new Comment($row);
}
?>
<table width=\"800\" border=\"0\" class=\"komentar\" cellpadding=\"0\" cellspacing=\"0\">
<tr>
<td width=\"480\">
<div id=\"addCommentContainer\" style=\"width:500px; overflow-x:hidden;\">
</div>
<div id=\"main\" style=\"width:500px; overflow-x:hidden;\">
<?php
/*
/ Output the comments one by one:
*/
foreach($comments as $c){
echo $c->markup();
}
?>
</div>
</td>
<td valign=\"top\" width=\"320\">
<table width=\"300\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">
<tr>
<td height=\"16\" background=\"commentfg.png\" style=\"background-repeat:no-repeat;\">
</td>
</tr>
<tr>
<td height=\"20\" background=\"commentfs.png\">
<form id=\"addCommentForm\" method=\"post\" action=\"\">
<div style=\"margin-left:15px; color:white;\">
<label for=\"name\">Vase ime:  </label><br>
<input type=\"text\" name=\"name\" id=\"name\" />
<p><label for=\"email\">Email: (bice sakriven)  </label><br>
<input type=\"text\" name=\"email\" id=\"email\" /></p>
<input type=\"hidden\" name=\"url\" id=\"url\" value=\"<?php $id = empty($_GET[\'id\'])?0:$_GET[\'id\']; echo $id;?>\"/>
<label for=\"body\">Unesite komentar:  </label><br>
<textarea name=\"body\" id=\"body\" cols=\"30\" rows=\"5\" onKeyDown=\"limitText(this.form.body,this.form.countdown,200);\"
onKeyUp=\"limitText(this.form.body,200);\"></textarea><br><br>
Broj preostalih znakova:(max 200):<input readonly type=\"text\" name=\"countdown\" size=\"3\" value=\"200\">
<br>
<script type=\"text/javascript\"
src=\"http://www.google.com/recaptcha/api/challenge?k=6LeQc8MSAAAAAMGe16dslbxCRu3Frs_265JhH88j\">
</script>
<noscript>
<iframe src=\"http://www.google.com/recaptcha/api/noscript?k=6LeQc8MSAAAAAMGe16dslbxCRu3Frs_265JhH88j\"
height=\"300\" width=\"500\" frameborder=\"0\"></iframe><br>
<textarea name=\"recaptcha_challenge_field\" rows=\"3\" cols=\"40\">
</textarea>
<input type=\"hidden\" name=\"recaptcha_response_field\"
value=\"manual_challenge\">
</noscript>
<br>
<input type=\"submit\" id=\"submit\" value=\"Potvrdi\" />
</div>
</form>
</td>
</tr>
<tr>
<td height=\"16\" background=\"commentfd.png\" style=\"background-repeat:no-repeat;\">
</td>
</tr>
</table>
</td>
</tr>
</table>
<script type=\"text/javascript\" src=\"http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js\"></script>
<script type=\"text/javascript\" src=\"script.js\"></script>
<?php
class Comment
{
private $data = array();
public function __construct($row)
{
/*
/ The constructor
*/
$this->data = $row;
}
public function markup()
{
/*
/ This method outputs the XHTML markup of the comment
*/
// Setting up an alias,so we don\'t have to write $this->data every time:
$d = &$this->data;
$link_open = \'\';
$link_close = \'\';
// Converting the time to a UNIX timestamp:
$d[\'dt\'] = strtotime($d[\'dt\']);
// Needed for the default gravatar image:
$url = \'http://\'.dirname($_SERVER[\'SERVER_NAME\'].$_SERVER[\"REQUEST_URI\"]).\'/img/default_avatar.png\';
return \'
<div style=\"width:500px; overflow-x:hidden;\">
<table width=\"500\" >
<tr>
<td valign=\"top\" width=\"100\" height=\"120\" background=\"avatar.png\" style=\"background-repeat:no-repeat;\" align=\"center\">
<div class=\"avatar\" style=\"width:100px; overflow-x:hidden; margin-top:10px; \">
\'.$link_open.\'
<img src=\"http://www.gravatar.com/avatar/\'.md5($d[\'email\']).\'?size=50&default=\'.urlencode($url).\'\" />
\'.$link_close.\'
</div>
<div style=\"width:80px; height:40px; overflow:hidden;\">
<font color=\"#47a5db\">\'.$link_open.$d[\'name\'].$link_close.\'</font>
</div>
</td>
<td width=\"400\" valign=\"top\">
<table width=\"400\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">
<tr>
<td height=\"20\" valign=\"bottom\" background=\"commentg.png\" style=\"background-repeat:no-repeat;\">
<div class=\"date\" title=\"Added at \'.date(\'H:i \\o\\n d M Y\',$d[\'dt\']).\'\" style=\"margin-left:10px;\">
<font color=\"silver\" size=\"-1\">\'.date(\'d M Y\',$d[\'dt\']).\'</font>
</div>
</td>
</tr>
<tr>
<td background=\"comments.png\" style=\"background-repeat:repeat-y;\">
<div style=\"width:350px; overflow-x:hidden; margin-top:0px; margin-left:10px;\">
<p><font color=\"white\"><b>\'.$d[\'body\'].\'</b></font></p>
</div>
</td>
</tr>
<tr>
<td height=\"20\" background=\"commentd.png\" style=\"background-repeat:no-repeat;\">
</td>
</tr>
</table>
</td>
</tr>
</table>
</div>
\';
}
public static function validate(&$arr)
{
/*
/ This method is used to validate the data sent via AJAX.
/
/ It return true/false depending on whether the data is valid,and populates
/ the $arr array passed as a paremter (notice the ampersand above) with
/ either the valid input data,or the error messages.
*/
$errors = array();
$data = array();
// Using the filter_input function introduced in PHP 5.2.0
if(!($data[\'email\'] = filter_input(INPUT_POST,\'email\',FILTER_VALIDATE_EMAIL)))
{
$errors[\'email\'] = \'Unesite validan Email!\';
}
if(!($data[\'url\'] = filter_input(INPUT_POST,\'url\',FILTER_CALLBACK,array(\'options\'=>\'Comment::validate_text\'))))
{
// If the URL field was not populated with a valid URL,// act as if no URL was entered at all:
$errors[\'url\'] = \'Please enter a url.\';
}
// Using the filter with a custom callback function:
if(!($data[\'body\'] = filter_input(INPUT_POST,\'body\',array(\'options\'=>\'Comment::validate_text\'))))
{
$errors[\'body\'] = \'Niste uneli komentar!\';
}
if(!($data[\'name\'] = filter_input(INPUT_POST,\'name\',array(\'options\'=>\'Comment::validate_text\'))))
{
$errors[\'name\'] = \'Niste uneli ime!\';
}
if(!empty($errors)){
// If there are errors,copy the $errors array to $arr:
$arr = $errors;
return false;
}
// If the data is valid,sanitize all the data and copy it to $arr:
foreach($data as $k=>$v){
$arr[$k] = mysql_real_escape_string($v);
}
// Ensure that the email is lower case:
$arr[\'email\'] = strtolower(trim($arr[\'email\']));
return true;
}
private static function validate_text($str)
{
/*
/ This method is used internally as a FILTER_CALLBACK
*/
if(mb_strlen($str,\'utf8\')<1)
return false;
// Encode all html special characters (<,>,\",& .. etc) and convert
// the new line characters to <br> tags:
$str = nl2br(htmlspecialchars($str));
// Remove the new line characters that are left
$str = str_replace(array(chr(10),chr(13)),\'\',$str);
return $str;
}
}
?>
<?php
// Error reporting:
error_reporting(E_ALL^E_NOTICE);
include \"connect.php\";
include \"comment.class.php\";
/*
/ This array is going to be populated with either
/ the data that was sent to the script,or the
/ error messages.
/*/
$arr = array();
$validates = Comment::validate($arr);
if($validates)
{
/* Everything is OK,insert to database: */
mysql_query(\" INSERT INTO comments(name,url,email,body)
VALUES (
\'\".$arr[\'name\'].\"\',\'\".$arr[\'url\'].\"\',\'\".$arr[\'email\'].\"\',\'\".$arr[\'body\'].\"\'
)\");
$arr[\'dt\'] = date(\'r\',time());
$arr[\'id\'] = mysql_insert_id();
/*
/ The data in $arr is escaped for the mysql query,/ but we need the unescaped variables,so we apply,/ stripslashes to all the elements in the array:
/*/
$arr = array_map(\'stripslashes\',$arr);
$insertedComment = new Comment($arr);
/* Outputting the markup of the just-inserted comment: */
echo json_encode(array(\'status\'=>1,\'html\'=>$insertedComment->markup()));
}
else
{
/* Outputtng the error messages */
echo \'{\"status\":0,\"errors\":\'.json_encode($arr).\'}\';
}
?>
解决方法
通常
在您的评论(提交)页面上调用验证码脚本。它将值设置为会话变量(例如$ _SESSION [\“ captcha \”])。
在提交表单中输入文本,以在验证码上获取用户的答案(如果验证码脚本未提供)。
在提交脚本中,检查会话值是否匹配用户的输入。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。