我使用的是自定义验证码,但即使代码不正确,它也会提交表单,这是索引页面的主要代码
$(document).ready(function() {
$('#Send').click(function() {
// name validation
var nameVal = $("#name").val();
if(nameVal == '') {
$("#name_error").html('');
$("#name").after('<label class="error" id="name_error">Please enter your name.</label>');
return false
}
else
{
$("#name_error").html('');
}
/// email validation
var emailReg = /^([\w-\.]+@([\w-]+\.)+[\w-]{2,4})?$/;
var emailaddressVal = $("#email").val();
if(emailaddressVal == '') {
$("#email_error").html('');
$("#email").after('<label class="error" id="email_error">Please enter your email address.</label>');
return false
}
else if(!emailReg.test(emailaddressVal)) {
$("#email_error").html('');
$("#email").after('<label class="error" id="email_error">Enter a valid email address.</label>');
return false
}
else
{
$("#email_error").html('');
}
$.post("post.php?"+$("#MYFORM").serialize(), {
}, function(response){
if(response==1)
{
$("#after_submit").html('');
$("#Send").after('<label class="success" id="after_submit">Your message has been submitted.</label>');
change_captcha();
clear_form();
}
else
{
$("#after_submit").html('');
$("#Send").after('<label class="error" id="after_submit">Error ! invalid captcha code .</label>');
}
});
return false;
});
// refresh captcha
$('img#refresh').click(function() {
change_captcha();
});
function change_captcha()
{
document.getElementById('captcha').src="get_captcha.php?rnd=" + Math.random();
}
function clear_form()
{
$("#name").val('');
$("#email").val('');
$("#message").val('');
}
});
index.php代码(session_start位于文件的开头)
<form action="#" name="MYFORM" id="MYFORM">
<label>Name</label>
<input name="name" size="30" type="text" id="name">
<br clear="all" />
<label>Email</label>
<input name="email" size="30" type="text" id="email">
<br clear="all" />
<label>Message</label>
<textarea id="message" name="message"></textarea>
<br clear="all" />
<div id="wrap" align="center">
<img src="get_captcha.php" alt="" id="captcha" />
<br clear="all" />
<input name="code" type="text" id="code">
</div>
<img src="refresh.jpg" width="25" alt="" id="refresh" />
<br clear="all" /><br clear="all" />
<label> </label>
<input value="Send" type="submit" id="Send">
</form>
post.php代码
session_start();
if(@$_REQUEST['code'] || @strtolower($_REQUEST['code']) == strtolower($_SESSION['random_number']))
{
echo 1;// submitted
}
else
{
echo 0; // invalid code
}
get_captcha.php文件
session_start();
$string = '';
for ($i = 0; $i < 5; $i++) {
$string .= chr(rand(97, 122));
}
$_SESSION['random_number'] = $string;
$dir = 'fonts/';
$image = imagecreatetruecolor(165, 50);
$num = rand(1,2);
if($num==1)
{
$font = "Capture it 2.ttf"; // font style
}
else
{
$font = "Molot.otf";// font style
}
$num2 = rand(1,2);
if($num2==1)
{
$color = imagecolorallocate($image, 113, 193, 217);// color
}
else
{
$color = imagecolorallocate($image, 163, 197, 82);// color
}
$white = imagecolorallocate($image, 255, 255, 255); // background color white
imagefilledrectangle($image,0,0,399,99,$white);
imagettftext ($image, 30, 0, 10, 40, $color, $dir.$font, $_SESSION['random_number']);
header("Content-type: image/png");
imagepng($image);
这里是整个代码http://download1473.mediafire.com/ef2uaexp2hmg/3j63qbbq7xiwryi/captcha.rar
答案 0 :(得分:3)
(以其他答案为基础)
您犯了大错误。为什么要用@符号来抑制错误?这只是糟糕的编码。你可能在某个地方遇到更大的问题而且你永远不会知道这一点。如果这是一种习惯,那么当你处理关键数据时呢?你会忽略错误吗?
对于您的实际代码,您想先在if语句中使用isset()吗?这是你的意思吗?
这就是你的代码应该是什么样的......
session_start();
if(isset($_REQUEST['code']) && strtolower($_REQUEST['code']) == strtolower($_SESSION['random_number']))
{
echo 1;// submitted
}
else
{
echo 0; // invalid code
}
答案 1 :(得分:1)
可能应该有&amp;&amp;在post.php代码中,否则,只要$ _REQUEST [&#39;代码&#39;]不为空,它将执行echo 1。
session_start();
if(@$_REQUEST['code'] && @strtolower($_REQUEST['code']) == strtolower($_SESSION['random_number']))
{
echo 1;// submitted
}
else
{
echo 0; // invalid code
}