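I have been looking at statements being displayed as text on the domain http://bambooflooringcapetown.net/recap.php
You can see it for yourself.
I am trying to apply Securimage to my form, but I ran into problems.
The captcha I am using: http://www.phpcaptcha.org/documentation/quickstart-guide/
Current code: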
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
session_start();
?>
<div>
<?php
require_once 'securimage/securimage.php';
// Code Validation
$image = new Securimage();
if ($image->check($_POST['captcha_code']) == true) {
echo "Correct!";
} else {
echo "Sorry, wrong code.";
}
require_once 'securimage/securimage.php';
echo Securimage::getCaptchaHtml();
?>
</div>
<style>
#newheadform
{
position: relative;
top: -15px;
left: 700px;
width: 280px;
height: 361px;
border: 1px solid #<?php echo $Config['bodyFontColour']; ?>;
background-color: #<?php echo $Config['bodyColour']; ?>;
color: #<?php echo $Config['bodyFontColour']; ?>;
opacity: 0.85;
padding: 10px;
z-index: 100;
font-family: sans-serif;
}
#newheadform input[type=text], #newheadform textarea
{
border: 1px solid #000;
width: 96%;
}
</style>
<!-- NEW ENQUIRY FORM START -->
<form method="post" action="">
<table id="newheadform" cellpadding="5" cellspacing="0">
<tr><th colspan="2" align="center"><font size="5">Email us now</font></th></tr>
<tr><td>Name*:</td><td><input type="text" name="name"/></td></tr>
<tr><td>Phone*:</td><td><input type="text" name="number"/></td></tr>
<tr><td>Email*:</td><td><input type="text" name="email"/></td></tr>
<tr><td colspan="2">Message:</td></tr>
<tr><td colspan="2"><textarea name="message" style="height: 50px;"></textarea></td></tr>
<tr><td colspan="2" align="center">
<input type="text" name="captcha_code" size="10" maxlength="6" />
<a href="#" onclick="document.getElementById('captcha').src = '/securimage/securimage_show.php?' + Math.random(); return false">Different Image</a>
<?php if(isset($_POST['number']))
{
if(empty($_POST['name']) || empty($_POST['number']) || empty($_POST['email']))
echo '<font color="red" size="1"><b>* These fields are compulsory</b></font><br/><br/>';
else
{
$headers='From: '.$_POST['email']."\r\n";
$headers.='Reply-To: '.$_POST['email']."\r\n";
$headers.='X-Mailer: PHP/'.phpversion();
$body='You received a contact request from '.$_POST['name'].' ('.$_POST['email'].') on your site '.$domainname."\r\n";
$body.='Contact number: '.$_POST['number']."\r\n\r\n";
if(!empty($_POST['message'])) $body.=$_POST['message'];
if(mail($_SESSION['contact3'],'New Enquiry from '.$domainname,$body,$headers))
echo '<font color="green"><b>Your email has been sent</b></font><br/>';
}
}
?>
<img id="captcha" src="securimage/securimage_show.php" alt="CAPTCHA Image" />
<input type="button" name="send" value="Send"/></td></tr>
</table>
</form>
<!-- NEW ENQUIRY FORM END -->
Original code without the validation:
<!-- NEW ENQUIRY FORM START -->
<style>
#newheadform
{
position: relative;
top: -15px;
left: 700px;
width: 280px;
height: 361px;
border: 1px solid #<?php echo $Config['bodyFontColour']; ?>;
background-color: #<?php echo $Config['bodyColour']; ?>;
color: #<?php echo $Config['bodyFontColour']; ?>;
opacity: 0.85;
padding: 10px;
z-index: 100;
font-family: sans-serif;
}
#newheadform input[type=text], #newheadform textarea
{
border: 1px solid #000;
width: 96%;
}
</style>
<form method="post" name="newheadformform">
<table id="newheadform" cellpadding="5" cellspacing="0">
<tr><th colspan="2" align="center"><font size="5">Email us now</font></th></tr>
<tr><td>Name*:</td><td><input type="text" name="name"/></td></tr>
<tr><td>Phone*:</td><td><input type="text" name="number"/></td></tr>
<tr><td>Email*:</td><td><input type="text" name="email"/></td></tr>
<tr><td colspan="2">Message:</td></tr>
<tr><td colspan="2"><textarea name="message" style="height: 50px;"></textarea></td></tr>
<tr><td colspan="2" align="center">
<?php if(isset($_POST['number']))
{
if(empty($_POST['name']) || empty($_POST['number']) || empty($_POST['email']))
echo '<font color="red" size="1"><b>* These fields are compulsory</b></font><br/><br/>';
else
{
$headers='From: '.$_POST['email']."\r\n";
$headers.='Reply-To: '.$_POST['email']."\r\n";
$headers.='X-Mailer: PHP/'.phpversion();
$body='You received a contact request from '.$_POST['name'].' ('.$_POST['email'].') on your site '.$domainname."\r\n";
$body.='Contact number: '.$_POST['number']."\r\n\r\n";
if(!empty($_POST['message'])) $body.=$_POST['message'];
if(mail($_SESSION['contact3'],'New Enquiry from '.$domainname,$body,$headers))
echo '<font color="green"><b>Your email has been sent</b></font><br/>';
}
}
else echo '<font size="1">* Compulsory</font><br/><br/>'; ?>
Calculate*: <span id="num1"></span> + <span id="num2"></span> <input type="number" name="calculate" placeholder="" /><br><br>
<input type="button" name="send" value="Send"/></td></tr>
</table>
</form>
<script type="text/javascript">
$(document).ready(function(e) {
var number1 = Math.floor(Math.random()*12)+1;
var number2 = Math.floor(Math.random()*12)+1;
$('#num1').append(number1);
$('#num2').append(number2);
$('input[name=send]').click(function(){
var total = number1 + number2;
var answer = $('input[name=calculate]').val();
if(total !== parseInt(answer)){
alert("Please enter the correct calculation to send your enquiry.");
} else {
document.newheadformform.submit();
return false;
}
});
});
</script>
<!-- NEW ENQUIRY FORM END -->
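Answer 0 (score: 1)
Another option is to use the honeypot approach.
A honeypot field is an invisible field on the form. Invisible is different from hidden. Hidden is a type of field that is not displayed for editing. Bots understand hidden fields, because hidden fields often carry identifying information that must be returned intact. An invisible field is an ordinary editable field that is not visible in the browser.
The invisibility of the honeypot field is the key way in which bots reveal themselves. Because bots do not process the entire HTML, CSS and JavaScript of a form, because they do not build a visual representation of the page, and because they do not perceive the form the way people do, they cannot tell invisible fields from visible ones. They will put data into the honeypot field because they don't know any better.
On the downside, if a bot programmer somehow (manually?) identifies your honeypot and adjusts his bot to skip the honeypot field, then you are screwed. A CAPTCHA would force the bot programmer to develop an image recognition application.
So although it is easier for humans, it is also easier for bots.
You can also use a server-side session variable to store the time the user first visited the form. Then call up that variable on the submission page. If it is within a few seconds, chances are it's a bot. This works well because the bot doesn't know what is happening on the server.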
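The honeypot field and the server-side timing check described in the answer above, combined into one server-side decision. This is an added example, not code from the question or the answer; the field name `website`, the session key `form_rendered_at` and the 3-second threshold are assumptions, and the sample submissions are constructed.

```php
<?php
// Added example. Assumed names: honeypot field "website",
// session key "form_rendered_at", threshold MIN_FILL_SECONDS.
const HONEYPOT_FIELD = 'website';
const MIN_FILL_SECONDS = 3;

// Call when rendering the form: remember the render time server-side.
function mark_form_rendered(array &$session, int $now): void
{
    $session['form_rendered_at'] = $now;
}

// Markup for the invisible (not type="hidden") field: an ordinary text
// input moved off-screen with CSS and skipped by keyboard navigation.
function honeypot_html(): string
{
    return '<div style="position:absolute;left:-9999px" aria-hidden="true">'
         . '<input type="text" name="' . HONEYPOT_FIELD
         . '" tabindex="-1" autocomplete="off"/></div>';
}

// Returns 'ok' or the reason the submission looks automated.
function classify_submission(array $post, array &$session, int $now): string
{
    $trap = $post[HONEYPOT_FIELD] ?? '';
    if (!is_string($trap) || trim($trap) !== '') {
        return 'honeypot_filled';
    }
    $renderedAt = $session['form_rendered_at'] ?? null;
    unset($session['form_rendered_at']);   // one submission per rendered form
    if (!is_int($renderedAt)) {
        return 'no_form_visit';            // POST without ever loading the form
    }
    return ($now - $renderedAt < MIN_FILL_SECONDS) ? 'too_fast' : 'ok';
}

// Constructed sample submissions; on a real page pass $_POST, $_SESSION, time().
$t0 = 1700000000;
$cases = [
    'human'       => [['name' => 'Ann', 'website' => ''], 12],
    'fills all'   => [['name' => 'x', 'website' => 'http://spam.example'], 12],
    'instant bot' => [['name' => 'x', 'website' => ''], 1],
];
foreach ($cases as $label => [$post, $delay]) {
    $session = [];
    mark_form_rendered($session, $t0);
    echo $label, ': ', classify_submission($post, $session, $t0 + $delay), "\n";
}
```

Both checks run on the server, so they still apply when a client ignores the page's JavaScript, unlike the client-side sum check in the original form.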