0

I have the code 

<form name="input" action="messagesave.php" method="POST">
    <table style="margin-left: auto; margin-right: auto;">
        <tr>
            <td style="font-family:'Comic Sans MS', cursive; font-size:20px; text-shadow: 0 0 10px #FFFFFF;">Subject:</td>
        </tr>
        <tr>
            <td><input type="text" value="(Optional)" name="sub" onblur="this.value=!this.value?'(Optional)':this.value;" onfocus="this.select()" onclick="this.value='';"></td>
        </tr>
        <tr>
            <td style="font-family:'Comic Sans MS', cursive; font-size:20px; text-shadow: 0 0 10px #FFFFFF;">Message (Required):</td>
        </tr>
        <tr>
            <td><textarea name="comment" id="comment" cols="60" rows="6"></textarea></td>
        </tr>
        <tr>
            <td>
            <?php
                require_once('recaptchalib.php');
                $publickey = "6LeSzekSAAAAAL32gFlK_vGcqI3-kuoz990KSJHU"; // you got this from the signup page
                echo recaptcha_get_html($publickey);
            ?>
            </td>
        </tr>
        <tr>
            <td><input type="submit" class="submit" value="Submit Message"></td>
        </tr>
    </table>
</form>

on the main page with the action being 

require_once('recaptchalib.php');

$privatekey = "6LeSzekSAAAAAAdAxcsVugyScb8B1D6UoKpjrX2W";
$resp = recaptcha_check_answer ($privatekey,
                            $_SERVER["REMOTE_ADDR"],
                            $_POST["recaptcha_challenge_field"],
                            $_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
    // What happens when the CAPTCHA was entered incorrectly
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")");
} 
else {
    $comment = $_POST['comment'];
    $to = "jsmith@example.com";
    $subject = $_POST['sub'];
    $message = $comment;
    $from = "jsmith@example.net";
    $headers = "From:" . $from;
    mail($to,$subject,$message,$headers);
    echo "Mail Sent.";
    header( 'Location: success.html' ) ;
}

When a user INCORRECTLY enters reCAPTCHA code the page is moved onto a blank page saying recaptcha was not entered correctly.

I want to ask, how can I implement either an javascript alert or red text that appears on the main page so users will not have to press the back button all the time.

Thanks

4

3 回答 3

0

You have to send the form to the same PHP script itself with a parameter that indicates, that the form has been sent (send in this case):

<form name="input" action="?send" method="POST">

At the beginning of the same PHP script as the form is in check if the form is sent and the entered data is correct:

<?php

$errorArr = array();

if(isset($_GET['send'])) {
    // form is sent, do your captcha and other checks here and save the errors in an array
    if($captcha->wrong())
        $errorArr[] = 'You entered the captcha wrong';

   if(count($errorArr) <= 0) {
       // No errors occured so do stuff with the correct input of the user
       // save it to db for example
   }
}

?>

Somewhere on your page you can then print out the error messages like

<?php echo (count($errorArr) > 0)?implode('<br>', $errorArr):null; ?>

Or you can do the whole thing with two different pages and session variables but this is imho to complicate and unnecessary.

If you use Ajax to check your captcha you still need to check it serverside again when the form is sent because someone can disable javascript (as most of the spambot can't interpret javascript) und your captcha veryfication fails.

In your case you end up with something like

<?php

require_once('recaptchalib.php');

$errorArr = array();
$privatekey = "6LeSzekSAAAAAAdAxcsVugyScb8B1D6UoKpjrX2W";
$resp = recaptcha_check_answer ($privatekey,
                            $_SERVER["REMOTE_ADDR"],
                            $_POST["recaptcha_challenge_field"],
                            $_POST["recaptcha_response_field"]);

if (!$resp->is_valid) {
    // What happens when the CAPTCHA was entered incorrectly
    $errorArr[] = 'The reCAPTCHA wasn\'t entered correctly. Go back and try it again. (reCAPTCHA said: ' . $resp->error . ')';
} 

if(count($errorArr) <= 0) {
    $comment = $_POST['comment'];
    $to = "jsmith@example.com";
    $subject = $_POST['sub'];
    $message = $comment;
    $from = "jsmith@example.net";
    $headers = "From:" . $from;

    if(mail($to,$subject,$message,$headers) === false)
        $errorArr[] = 'Mail could not be sent to us due to a technical error';

    // if headers are sent after output already sent you get an error
    //echo "Mail Sent."; 
    header( 'Location: success.html' ) ;
}

?>
<form name="input" action="messagesave.php" method="POST">
    <?php echo (count($errorArr) > 0)?implode('<br>', $errorArr):null; ?>
    <table style="margin-left: auto; margin-right: auto;">
        <tr>
            <td style="font-family:'Comic Sans MS', cursive; font-size:20px; text-shadow: 0 0 10px #FFFFFF;">Subject:</td>
        </tr>
        <tr>
            <td><input type="text" value="(Optional)" name="sub" onblur="this.value=!this.value?'(Optional)':this.value;" onfocus="this.select()" onclick="this.value='';"></td>
        </tr>
        <tr>
            <td style="font-family:'Comic Sans MS', cursive; font-size:20px; text-shadow: 0 0 10px #FFFFFF;">Message (Required):</td>
        </tr>
        <tr>
            <td><textarea name="comment" id="comment" cols="60" rows="6"></textarea></td>
        </tr>
        <tr>
            <td>
            <?php
                require_once('recaptchalib.php');
                $publickey = "6LeSzekSAAAAAL32gFlK_vGcqI3-kuoz990KSJHU"; // you got this from the signup page
                echo recaptcha_get_html($publickey);
            ?>
            </td>
        </tr>
        <tr>
            <td><input type="submit" class="submit" value="Submit Message"></td>
        </tr>
    </table>
</form>
于 2013-11-07T06:43:20.103 回答
0

It is going to different page because i guess you are posting the form. What you can do is change your submit button to simple button. Then 

 $( "#button" ).click(function() {
     //your ajax call to validating php
//on success $( "#formId" ).submit();
    });

In case you don't want to use javascript just post the form and you can redirect it to the same page from your validation php with a variable set.

header("Location:http://localhost/login.php?x=1")

Check for 

if(isset($_GET('x'))){
//your html for error message
}

Perhaps This POST can help

于 2013-11-07T06:45:39.483 回答
0

Combine your form and your action handling code into one script that posts to itself with the general form being:

if ($POST['submit'] && $resp->is_valid) {
    // Form sent and captcha ok

} else {
    // Check, was it submitted already?
    if (isset($resp) && !$resp->is_valid) {
        echo "<div><p>The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")</p></div>"; 
    }
    // All the form code here.

}
于 2013-11-07T06:54:54.563 回答