0

我通过这个 [tutorial][1] 制作了验证码,

[1]:http ://codechirps.com/how-to-add-a-completely-custom-captcha-to-any-web-form/但在我看来它没有完成。我编写了代码,但即使我输入错误的答案,我也可以发送电子邮件。我觉得我必须在 php 文件中编写额外的代码,但我不知道在哪里。任何帮助都非常感谢

<div class="modal-body">
                <form class="contact" name="contact">
                    <label class="label" for="name">Имя</label><br>
                    <input type="text" name="name" class="input-xlarge"><br>
                    <label class="label" for="email">E-mail</label><br>
                    <input type="email" name="email" class="input-xlarge"><br>
                    <label class="label" for="message">Сообщение</label><br>
                    <textarea name="message" class="input-xlarge"></textarea>
                </form>
            </div>
            <div class="modal-footer">
                        <p>2 + 3 =</p>
                        <input type="text" name="captcha" />
                <input class="btn btn-warning" type="submit" value="Отправить" id="submit">
                <a href="#" class="btn btn-danger" data-dismiss="modal">Закрыть</a>


<?php
$myemail = '';
if (isset($_POST['name'])) {
$name = strip_tags($_POST['name']);
$email = strip_tags($_POST['email']);
$message = strip_tags($_POST['message']);
$captcha = check_input($_POST['captcha']);
echo "<span class=\"alert alert-success\" >Сообщение отправлено</span><br><br>";

if (!preg_match("/5/", $captcha))
{
show_error("Check your math, Dude");
}


$to = $myemail;
$email_subject = "Contact form submission: $name";
$email_body = "You have received a new message. ".
" Here are the details:\n Name: $name \n ".
"Email: $email\n Message \n $message";
$headers = "From: $myemail\n";
$headers .= "Reply-To: $email";
mail($to,$email_subject,$email_body,$headers);
}?>
4

1 回答 1

1

好的,因此您需要检查输入的值以查看它们是否有效。如果没有,您将显示错误并且邮件不会被发送。如果所有检查都通过,邮件就会被发送。因此,您需要检查$_POST['email']and$_POST['captcha']字段(如果您愿意,请检查其余部分是否为空或其他)。

在 php 中,您可以这样做:

$myemail = "";
if(isset($_POST['name'])){ // check if a form is submitted
    if(empty(trim($_POST['name'])) || empty(trim($_POST['message'])) || empty(trim($_POST['email'])) || empty(trim($_POST['captcha'])) ){ // check if values are not empty
        echo "Please fill in all the required fields.";
    }else if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){ // check email
        echo "Please give a real e-mail address.";
    }else if(!preg_match("/5/", $_POST['captcha'])){ // the code provided by your script
        echo "Get your math right, dude!";
    }else{ // all fields seem to be ok
        // sanitize input using htmlspecialchars(), see http://stackoverflow.com/a/5788361/1319187
        $name = htmlspecialchars($_POST['email']);
        $email = $_POST['email']; // email doesn't need to be sanitized since it's been filtered
        $message = htmlspecialchars($_POST['message']);

        //Send the mail
        $to = $myemail;
        $email_subject = "Contact form submission: $name";
        $email_body = "You have received a new message. ".
            " Here are the details:\n Name: $name \n ".
            "Email: $email\n Message \n $message";
        $headers = "From: $myemail\n";
        $headers .= "Reply-To: $email";
        if(mail($to,$email_subject,$email_body,$headers)){
            echo "Succes! Your mail has been sent!";
        }else{
            echo "Something went wrong with the sending of a mail.";
        }
    }
}

应该很简单,如果你不知道它们是做什么的,你可以谷歌一些功能。

我也不知道check_input()从哪里来。它不是原生 PHP 函数,您提供的链接没有显示它的作用。此外,检查验证码的值是否为 5 的正则表达式有点愚蠢,您可以只检查$_POST['captcha'] == '5'. 另请记住,您必须稍微随机化这些值。

于 2013-09-01T17:01:03.883 回答