1

我在我的“联系我们”页面中创建了一个验证码功能,最终用户需要在他/她能够向我们发送消息之前验证给定的验证码。验证码验证是正确的 - 意思是,它读取验证码是否正确。现在的问题是,当我尝试单击提交按钮并假装输入错误的验证码时,尽管显示“验证码无效”,但消息仍然通过。这有什么诀窍吗?

这是我的contact.aspx,特别是提交按钮和验证码:

<asp:TextBox ID="txtCaptcha" runat="server" placeholder="Enter captcha"></asp:TextBox>

<cc1:CaptchaControl ID="Captcha1" runat="server" CaptchaBackgroundNoise="Low" CaptchaLength="5"
        CaptchaHeight="60" CaptchaWidth="300" CaptchaMinTimeout="5" CaptchaMaxTimeout="240"
        FontColor="#D20B0C" NoiseColor="#B1B1B1" />

<asp:CustomValidator ID="CustomValidator1" ErrorMessage="Invalid. Please try again." OnServerValidate="ValidateCaptcha"
        runat="server" />

        <asp:RequiredFieldValidator ID="RequiredFieldValidator3" runat="server" 
                                        ErrorMessage="Captcha is required." Display="Dynamic" ControlToValidate="txtCaptcha" 
                                        ForeColor="Red"></asp:RequiredFieldValidator>

这是提交按钮:

<asp:Button ID="Button1" runat="server" Text="Sumbit" 
                                class="btn btn-primary btn-lg" onclick="Button1_Click"/>

并联系aspx.cs

protected void Button1_Click(object sender, EventArgs e)
    {
        try
        {
            SqlConnection conn = new SqlConnection("Data Source = 'PAULO'; Initial Catalog=ShoppingCartDB;Integrated Security =True");
            conn.Open();
            string insertQuery = "insert into UserMessage(FirstName,LastName,EmailAddress,Phone,Message)values(@FirstName,@LastName,@EmailAddress,@Phone,@Message)";
            SqlCommand scm = new SqlCommand(insertQuery, conn);
            scm.Parameters.AddWithValue("@FirstName", txtboxFN.Text);
            scm.Parameters.AddWithValue("@LastName", txtboxLN.Text);
            scm.Parameters.AddWithValue("@EmailAddress", txtboxAddress.Text);
            scm.Parameters.AddWithValue("@Phone", txtPhone.Text);
            scm.Parameters.AddWithValue("@Message", txtMessage.Text);

            scm.ExecuteNonQuery();
            Label1.Text = "Message Sent Successfully";
            conn.Close();
        }
        catch (Exception ex)
        {
            Response.Write("Error:" + ex.ToString());
        }
    }
    protected void ValidateCaptcha(object sender, ServerValidateEventArgs e)
    {
        Captcha1.ValidateCaptcha(txtCaptcha.Text.Trim());
        e.IsValid = Captcha1.UserValidated;
        if (e.IsValid)
        {
            ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('Valid Captcha!');", true);
        }
    }
4

0 回答 0