我在网站上使用自定义php验证码,我无法获取发送电子邮件的php以检查验证码是否已成功完成。这是代码:
表格:
<form method="POST" name="contact_form" action="/templates/onlinespark/contact-form-handler.php">
<label for="name">Name: </label>
<input type="text" name="name" value="<?php echo htmlentities($name); ?>">
<label for='email'>Email: </label>
<input type="text" name="email" value="<?php echo htmlentities($visitor_email); ?>">
<label for="phone">Phone: </label>
<input type="text" name="phone" value='<?php echo htmlentities($phone); ?>'>
<label for="message">Message:</label>
<textarea name="message" rows="8" cols="30"><?php echo htmlentities($user_message); ?></textarea>
<label><img src="/templates/onlinespark/captcha.php"></label>
<input type="text" name="code">
<input type="submit" value="Submit" name="submit" class="quoteButton">
</form>
PHP:contact-form-hander.php
<?php
if (isset($_POST['submit'])) {
$error = "";
if (!empty($_POST['name'])) {
$name = $_POST['name'];
} else {
$error .= "You didn't type in your name. <br />";
}
if (!empty($_POST['phone'])) {
$name = $_POST['phone'];
} else {
$error .= "You didn't enter your phone. <br />";
}
if (!empty($_POST['email'])) {
$email = $_POST['email'];
if (!preg_match("/^[a-z0-9]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $email)){
$error .= "The e-mail address you entered is not valid. <br/>";
}
} else {
$error .= "You didn't type in an e-mail address. <br />";
}
if (!empty($_POST['message'])) {
$message = $_POST['message'];
} else {
$error .= "You didn't type in a message. <br />";
}
if(($_POST['code']) == $_SESSION['code']) {
$code = $_POST['code'];
} else {
$error .= "The captcha code you entered does not match. Please try again. <br />";
}
if (empty($error)) {
$from = 'From: ' . $name . ' <' . $email . '>';
$to = "mail@email.com";
$subject = "New contact form message";
$content = $name . " has sent you a message: \n" . $message;
$success = "<h3>Thank you! Your message has been sent!</h3>";
mail($to,$subject,$content,$from);
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>ERROR - Please fill in all fields!</title>
</head>
<body>
<!-- This page is displayed only if there is some error -->
<h1>ERROR - Please go back and fill in all fields!</h1>
<?php
if (!empty($error)) {
echo '<p class="error"><strong>Your message was NOT sent<br/> The following error(s) returned:</strong><br/>' . $error . '</p>';
} elseif (!empty($success)) {
echo $success;
}
?>
</body>
</html>
基本上我需要外部php文件发送邮件以检查验证码是否在发送邮件之前正确完成。目前它似乎一起忽略了验证码。我需要做什么?
谢谢!
答案 0 :(得分:1)
以您的形式:
<?php
session_start(); //important!
$_SESSION['code'] = sha1('Same text as in the image');
?>
<!--form goes here-->
在你的contact-form-hander.php中:
//At top of your code
session_start();
//code
if(sha1($_POST['code']) == $_SESSION['code']) {
$code = $_POST['code'];
} else {
$error .= "The captcha code you entered does not match. Please try again. <br />";
}
//code
sha1()函数将给定值转换为无法破解的哈希值。
你应该使用这个,因为会话存储可以使用开发工具轻松访问,并且机器人可以垃圾邮件你的表单(因为他可以在会话storge中读取)。因此,对验证码中的文本进行编码,并将其与输入文本的编码值进行比较。
session_start()函数创建或恢复会话。
答案 1 :(得分:0)
一种方法是在使用验证码时使用键/值对。获取随机图像(关键字)并比较其值...