Securimage无法验证表单

时间:2015-04-14 04:50:39

标签: php forms

我尝试使用Securimage,但即使我输入错误的验证码,表单总是张贴到另一页。如何首先验证验证码然后只将表单提交到发布的页面?表单会将我重定向到已发布的页面eventhoguh,但未验证capcha。请指教。

<?php session_start(); 

?>

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>

<body>
<form action = "login.php" method = "post">

  <p>
    <label for="ct_name">Name*:</label>
    <?php echo @$_SESSION['ctform']['name_error'] ?>
    <input type="text" name="ct_name" size="35" value="<?php echo htmlspecialchars(@$_SESSION['ctform']['ct_name']) ?>" />
  </p>


  <p>
    <?php
      // show captcha HTML using Securimage::getCaptchaHtml()
    include_once 'genius_gadget/../securimage/securimage.php';
      $options = array();
      $options['input_name'] = 'ct_captcha'; // change name of input element for form post

      echo Securimage::getCaptchaHtml($options);
    ?>
  </p>

  <input name="btnSubmit" type="submit" id="btnSubmit">
</form>


<?php

    if(isset($_POST['btnSubmit'])){


        if ($_POST['ct_name'] <> "") {

        require_once 'genius_gadget/../securimage/securimage.php';      
        $securimage = new Securimage();

              if ($securimage->check($captcha) == false) {
                echo 'Incorrect security code entered';
              }
            }

        else{

            echo "Success";

        }

    }

?>

1 个答案:

答案 0 :(得分:0)

整理代码......在PHP 5.3.29上测试

<?php // login.php
session_start();

//  1) Move the check logic before the login page display
//  2) Moved the options to the start - easy to see the input_name
//  3) fixed 'undefined variable $captcha message as incorrect input name used.
//  4) Always need the 'securimage.pph' script so move it to top of the file
//  5) Change the include path as it ignores the first directory
//  6) Always need a 'Secureimage' object so create it at the start.
//  7) Added HTML closing tags
//  8) Ensure that the input name value comes from $_POST not the $_SESSION.
//  9) Changed the 'ct_name' if test to cause an error if not entered.
// 10) Ensure that if captcha is valid the the 'success' path is executed

include_once '/securimage/securimage.php';

$options = array();
$options['input_name'] = 'ct_captcha'; // change name of input element for form post

$securimage = new Securimage($options);


    if(isset($_POST['btnSubmit'])){


        if ($_POST['ct_name'] <> "") {

            if ($securimage->check($_POST['ct_captcha']) == false) {
                echo 'Incorrect security code entered';
             }
            else{
                echo "Success";
                exit;
            }
        }
        else {
            echo 'Name not entered';
        }
    }

?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>

<body>
<form action = "login.php" method = "post">

  <p>
    <label for="ct_name">Name*:</label>
    <?php echo @$_SESSION['ctform']['name_error'] ?>
    <input type="text" name="ct_name" size="35" value="<?php echo htmlspecialchars(@$_POST['ct_name']) ?>" />
  </p>


  <p>
    <?php
      // show captcha HTML using Securimage::getCaptchaHtml()
      echo Securimage::getCaptchaHtml($options);
    ?>
  </p>

  <input name="btnSubmit" type="submit" id="btnSubmit">
</form>
</body>
</html>