0

你能在下面帮忙吗:

我已经开始使用用户注册我的 Joomla 1.5 网站...

垃圾邮件机器人正在网站上注册

虽然我使用了来自网站的验证码——http: //www.white-hat-web-design.co.uk/blog/php-captcha-security-images/

它在注册页面链接上工作(未经验证) - http://www.mycarhelpline.com/index.php?option=com_user&view=register&Itemid=79

但是,在注册页面中没有得到验证,

验证码

session_start();

if( isset($_POST['submit'])) {

   if( $_SESSION['security_code'] == $_POST['security_code'] && 

!empty($_SESSION['security_code'] ) ) {

        // Insert you code for processing the form here, e.g emailing the 

submission, entering it into a database. 

        echo 'Thank you. Your message said "'.$_POST['message'].'"';

        unset($_SESSION['security_code']);

   } else {

        // Insert your code for showing an error message here

        echo 'Sorry, you have provided an invalid security code';

   }

} else {

}

我需要在 Joomla 的哪个文件/行 - controller.php、default.php 和 view.html.php 中放入此代码。我已经尝试在不同行的不同文件上进行排列/组合,但它不起作用。

请建议

嗨 - 即使在进行更改后它也无法正常工作,事实上它在controller.php 中显示服务器错误 - 将完整的代码放在这里

     function register_save()
     {
    global $mainframe;

    // Check for request forgeries
    JRequest::checkToken() or jexit( 'Invalid Token' );

    session_start();
    if( isset($_POST['submit'])) {
           if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) {
        // Insert you code for processing the form here, e.g emailing the submission, entering it into a database. 
            echo 'Thank you.';
            unset($_SESSION['security_code']);
       } else {
        // Insert your code for showing an error message here
            echo 'Sorry, you have provided an invalid security code';
       }
    } else {


    // Get required system objects
    $user       = clone(JFactory::getUser());
    $pathway    =& $mainframe->getPathway();
    $config     =& JFactory::getConfig();
    $authorize  =& JFactory::getACL();
    $document   =& JFactory::getDocument();

    // If user registration is not allowed, show 403 not authorized.
    $usersConfig = &JComponentHelper::getParams( 'com_users' );
    if ($usersConfig->get('allowUserRegistration') == '0') {
        JError::raiseError( 403, JText::_( 'Access Forbidden' ));
        return;
    }

    // Initialize new usertype setting
    $newUsertype = $usersConfig->get( 'new_usertype' );
    if (!$newUsertype) {
        $newUsertype = 'Registered';
    }

    // Bind the post array to the user object
    if (!$user->bind( JRequest::get('post'), 'usertype' )) {
        JError::raiseError( 500, $user->getError());
    }

    // Set some initial user values
    $user->set('id', 0);
    $user->set('usertype', $newUsertype);
    $user->set('gid', $authorize->get_group_id( '', $newUsertype, 'ARO' ));

    $date =& JFactory::getDate();
    $user->set('registerDate', $date->toMySQL());

    // If user activation is turned on, we need to set the activation information
    $useractivation = $usersConfig->get( 'useractivation' );
    if ($useractivation == '1')
    {
        jimport('joomla.user.helper');
        $user->set('activation', JUtility::getHash( JUserHelper::genRandomPassword()) );
        $user->set('block', '1');
    }

    // If there was an error with registration, set the message and display form
    if ( !$user->save() )
    {
        JError::raiseWarning('', JText::_( $user->getError()));
        $this->register();
        return false;
    }

    // Send registration confirmation mail
    $password = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
    $password = preg_replace('/[\x00-\x1F\x7F]/', '', $password); //Disallow control chars in the email
    UserController::_sendMail($user, $password);

    // Everything went fine, set relevant message depending upon user activation state and display message
    if ( $useractivation == 1 ) {
        $message  = JText::_( 'REG_COMPLETE_ACTIVATE' );
    } else {
        $message = JText::_( 'REG_COMPLETE' );
    }

    $this->setRedirect('*********', $message);
}
4

1 回答 1

0

把你的验证码放进去

文件:components\com_user\controller.php
函数名称:register_save()

在这条线之后JRequest::checkToken() or jexit( 'Invalid Token' );

并将您的消息设置为变量$message..

希望这会奏效

于 2012-09-07T05:11:49.427 回答