我尝试使用Securimage,但即使我输入错误的验证码,表单总是张贴到另一页。如何首先验证验证码然后只将表单提交到发布的页面?表单会将我重定向到已发布的页面eventhoguh,但未验证capcha。请指教。
<?php session_start();
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<form action = "login.php" method = "post">
<p>
<label for="ct_name">Name*:</label>
<?php echo @$_SESSION['ctform']['name_error'] ?>
<input type="text" name="ct_name" size="35" value="<?php echo htmlspecialchars(@$_SESSION['ctform']['ct_name']) ?>" />
</p>
<p>
<?php
// show captcha HTML using Securimage::getCaptchaHtml()
include_once 'genius_gadget/../securimage/securimage.php';
$options = array();
$options['input_name'] = 'ct_captcha'; // change name of input element for form post
echo Securimage::getCaptchaHtml($options);
?>
</p>
<input name="btnSubmit" type="submit" id="btnSubmit">
</form>
<?php
if(isset($_POST['btnSubmit'])){
if ($_POST['ct_name'] <> "") {
require_once 'genius_gadget/../securimage/securimage.php';
$securimage = new Securimage();
if ($securimage->check($captcha) == false) {
echo 'Incorrect security code entered';
}
}
else{
echo "Success";
}
}
?>
答案 0 :(得分:0)
整理代码......在PHP 5.3.29上测试
<?php // login.php
session_start();
// 1) Move the check logic before the login page display
// 2) Moved the options to the start - easy to see the input_name
// 3) fixed 'undefined variable $captcha message as incorrect input name used.
// 4) Always need the 'securimage.pph' script so move it to top of the file
// 5) Change the include path as it ignores the first directory
// 6) Always need a 'Secureimage' object so create it at the start.
// 7) Added HTML closing tags
// 8) Ensure that the input name value comes from $_POST not the $_SESSION.
// 9) Changed the 'ct_name' if test to cause an error if not entered.
// 10) Ensure that if captcha is valid the the 'success' path is executed
include_once '/securimage/securimage.php';
$options = array();
$options['input_name'] = 'ct_captcha'; // change name of input element for form post
$securimage = new Securimage($options);
if(isset($_POST['btnSubmit'])){
if ($_POST['ct_name'] <> "") {
if ($securimage->check($_POST['ct_captcha']) == false) {
echo 'Incorrect security code entered';
}
else{
echo "Success";
exit;
}
}
else {
echo 'Name not entered';
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<form action = "login.php" method = "post">
<p>
<label for="ct_name">Name*:</label>
<?php echo @$_SESSION['ctform']['name_error'] ?>
<input type="text" name="ct_name" size="35" value="<?php echo htmlspecialchars(@$_POST['ct_name']) ?>" />
</p>
<p>
<?php
// show captcha HTML using Securimage::getCaptchaHtml()
echo Securimage::getCaptchaHtml($options);
?>
</p>
<input name="btnSubmit" type="submit" id="btnSubmit">
</form>
</body>
</html>