为我动态生成的表单实现验证码

时间:2015-08-16 16:33:17

标签: php sql

我有一些功能可以在我的页面上生成文章+与他们相关的评论:

function comment_form($id) { // generates a comment box form for every article on the page
    global $user_data;

    if (logged_in() === true) {
        echo "
        <form method='post' action='' class='comments_form'>
            <input type='text' name='username' placeholder='your name... *' id='name' value='{$user_data['username']}'>
            <div class='captcha'>" . create_captcha() .  "</div> 
            <textarea name='comments' id='textarea' placeholder='your comment... *' cols='30' rows='6'></textarea>
            <input type='hidden' name='blog_id' value='$id'>
            <input type='submit' name='submit' id='post' value='post'>
        </form>
        <hr class='artline'>";
    }
}

function list_articles($rows) { 
    if (empty($rows)) {
        return "There are no Articles to display";
    }

    $previous_blog_id = 0; 
    $content = '';

    foreach ($rows as $row) {
        if ($previous_blog_id != $row['content_id']) { // the blog id changed
            if ($previous_blog_id != 0) { // not the first section, close out the previous section
                $content .= comment_form($previous_blog_id); 
            }
            // start a new blog section
            $content .= "<h5 class='posted_by'>Posted by {$row['posted_by']} on {$row['date']}</h5>
                        <h1 class='content_headers'>{$row['title']}</h1>
                        <article>{$row['content']}</article>
                        <hr class='artline'>";
            $previous_blog_id = $row['content_id'];
        }
        if (!empty($row['comment_by']) && !empty($row['comments'])) {
             $content .= "<div class='commented_by'>User: {$row['comment_by']} </div>
                   <div class='comments'>Comment: {$row['comments']}</div>
                   <hr class='artline2'>";
        }
    }

    if ($previous_blog_id != 0) { 
        $content .= comment_form($previous_blog_id); 
    }

    return $content;
}

function insert_comments($comments, $comment_by, $blog_id) {
    include('core/db/db_connection.php');

    $comment_by = sanitize($comment_by);
    $comments = sanitize($comments);
    $blog_id = (int)$blog_id;
    $sql = "
        INSERT INTO article_comments (
               comments, 
               comment_by, 
               blog_id
        )
        VALUES (
              '$comments', 
              '$comment_by', 
              '$blog_id'
        )
    ";

    mysqli_query($dbCon, $sql);
}

我生成一个简单的数学验证码,如下所示:

function generate_captcha($num1, $num2) { // generates 2 random numbers
    $num1 = (int)$num1;
    $num2 = (int)$num2;
    $rand_num_1 = mt_rand($num1, $num2);
    $rand_num_2 = mt_rand($num1, $num2);
    $result = $rand_num_1 + $rand_num_2;

    return $result;
} 

function create_captcha() { // displays captcha on the page
    $num1 = generate_captcha(1, 20);
    $num2 = generate_captcha(1, 20);

    echo  $num1 . ' + ' . $num2 . ' = ';
    echo '<input type="text" name="captcha_results" size="2">';
    echo '<input type="hidden" name=\'num1\' value=' . $num1 . '; ?>';
    echo '<input type="hidden" name=\'num2\' value=' . $num2 . '; ?>';
}

正如您所看到的,我在我的create_captcha()函数中使用了comment_form()函数,因为我希望每个评论框都有一个与之关联的验证码。每篇文章都有自己的评论框。

上面的代码显示了我拥有的每个评论框的验证码字段,这就是我想要的。但是 - 它会将所有注释框移到内容之上,使其看起来像这样:

|-------------------------------------| // comments form for article 1
|Name: New User                       |
|Comment: New comment !               |
|                                     | 
|-------------------------------------|
[Submit] [captcha field]

|-------------------------------------| // comments form for article 2
|Name: New User                       |
|Comment: New comment !               |
|                                     | 
|-------------------------------------|
[Submit] [captcha field]

Article_1 title: LOREM IPSUM
Content: LOREM IPSUM DOLOR SIT AMET....
-------------------------------------- //comments
Name: User0
Comment: Great article!
--------------------------------------
Name: User1
Comment: Great article! - 2nd comment 
-------------------------------------- // end comments

============================================================

Article_2 title: LOREM IPSUM
Content: LOREM IPSUM DOLOR SIT AMET....
-------------------------------------- //comments
Name: User0
Comment: Great article!
--------------------------------------
Name: User1
Comment: Great article! - 2nd comment 
-------------------------------------- // end comments

我期待的行为是:

Article_1 title: LOREM IPSUM
Content: LOREM IPSUM DOLOR SIT AMET....
-------------------------------------- //comments
Name: User0
Comment: Great article!
--------------------------------------
Name: User1
Comment: Great article! - 2nd comment 
-------------------------------------- // end comments
|-------------------------------------| // comments form for article 1
|Name: New User                       |
|Comment: New comment !               |
|                                     | 
|-------------------------------------|
[Submit] [captcha field]

============================================================

Article_2 title: LOREM IPSUM
Content: LOREM IPSUM DOLOR SIT AMET....
-------------------------------------- //comments
Name: User0
Comment: Great article!
--------------------------------------
Name: User1
Comment: Great article! - 2nd comment 
-------------------------------------- // end comments
|-------------------------------------| // comments form for article 2
|Name: New User                       |
|Comment: New comment !               |
|                                     | 
|-------------------------------------|
[Submit] [captcha field]

是否与我插入generate_captcha函数的位置有关,导致注释框浮动到内容之上?

编辑:如果我返回表单而不是回显它 - 这是有效的。评论表格放在相应的文章下面:

function comment_form($id) {
    global $user_data;
    if (logged_in() === true) {
        return <<<EOT
        <form method='post' action='' class='comments_form'>
            <input type='text' name='username' placeholder='your name... *' id='name' value='{$user_data['username']}'>
            <textarea name='comments' id='textarea' placeholder='your comment... *' cols='30' rows='6'></textarea>
            <input type='hidden' name='blog_id' value='$id'>
            <input type='submit' name='submit' id='post' value='post'>
        </form>
        <hr class='artline'>
EOT;

但是,由于我必须使用<<<EOT,我无法插入函数。如何将create_captcha函数插入上面的??

编辑2:这不会返回预期的验证码表单,但它似乎将评论表单放在其位置......

function comment_form($id, $captcha) { 
    global $user_data;
    if (logged_in() === true) {
        return <<<EOT
        <form method='post' action='' class='comments_form'>
            <input type='text' name='username' placeholder='your name... *' id='name' value='{$user_data['username']}'>
            <textarea name='comments' id='textarea' placeholder='your comment... *' cols='30' rows='6'></textarea>
            <input type='hidden' name='blog_id' value='$id'>
            <input type='submit' name='submit' id='post' value='post'>
        </form>
        <hr class='artline'>
EOT;
    }
}

function list_articles($rows) {
    if(empty($rows)){
        return "There are no Articles to display";
    }

    $create_blog_captcha = create_blog_captcha();
    $previous_blog_id = 0; 
    $content = '';

    foreach($rows as $row) {
        if ($previous_blog_id != $row['content_id']) { // the blog id changed
            if($previous_blog_id != 0) { // not the first section, close out the previous section
                $content .= comment_form($previous_blog_id, $create_blog_captcha); 
            }
            // start a new blog section
            $content .= "<h5 class='posted_by'>Posted by {$row['posted_by']} on {$row['date']}</h5>
                        <h1 class='content_headers'>{$row['title']}</h1>
                        <article>{$row['content']}</article>
                        <hr class='artline'>";
            $previous_blog_id = $row['content_id'];
        }
        if (!empty($row['comment_by']) && !empty($row['comments'])) {
             $content .= "<div class='commented_by'>User: {$row['comment_by']} </div>
                   <div class='comments'>Comment: {$row['comments']}</div>
                   <hr class='artline2'>";
        }
    }

    if($previous_blog_id != 0){ 
        $content .= comment_form($previous_blog_id, $create_blog_captcha); 
    }

    return $content;
}

function create_blog_captcha() { 
    $num1 = generate_captcha(1, 20);
    $num2 = generate_captcha(1, 20);
    $captchanum = $num1 . ' + ' . $num2 . ' = ';
    $captchanum .= '<input type="text" name="captcha_results" size="2">
                   <input type="hidden" name=\'num1\' value=' . $num1 . '>
                   <input type="hidden" name=\'num2\' value=' . $num2 . '>';
    return $captchanum;
}

如何返回create_blog_captcha的值?我显然做错了......

1 个答案:

答案 0 :(得分:2)

在函数create_captcha()中,您尚未关闭隐藏的输入字段,因此您将破坏整个文档流。

function create_captcha() {
    $num1 = generate_captcha(1, 20);
    $num2 = generate_captcha(1, 20);

    return $num1 . ' + ' . $num2 . ' = 
    <input type="text" name="captcha_results" size="2">
    <input type="hidden" name=\'num1\' value=' . $num1 . ' />
    <input type="hidden" name=\'num2\' value=' . $num2 . ' />';
}

正如您所指出的,该函数先前已回显内容,而不是作为字符串返回到输出html的其他函数。