Forum Moderators: coopster


Validating my CAPTCHA


wicktron

11:43 pm on Nov 29, 2007 (gmt 0)

10+ Year Member



I have a form that submits its information to a script which then E-Mails to me.
The form has a CAPTCHA to prevent Spam bots from flooding my Mailbox full of Spam.

Here is my form code (where the CAPTCHA is):


<td class="pgtext12BBlue">
<img src="CaptchaSecurityImages.php" />
</td>
<td align="left">
<span class="pgtext10">Enter Security Code (from image on left):</span>
<input id="security_code" name="security_code" size="15" type="text" value="<?php echo htmlspecialchars(isset($_POST['security_code']) ? $_POST['security_code'] : '', ENT_QUOTES); ?>" />
</td>

Here is the form action script:


<?php
$error=0;
// Array keys are quoted; bare words would be read as undefined constants
$email=$_POST['email'];
$phone=$_POST['phone'];
$fname=$_POST['firstname'];
$lname=$_POST['lastname'];
$company=$_POST['company'];
$number=$_POST['number'];
$security_code=$_POST['security_code'];
if(empty($email)||empty($phone))
{
echo "<b>You didn't input either your email or phone number.<br> Please go back and try it again.</b>";
$error=1;
}
// eregi() was removed in PHP 7; preg_match() with the /i flag is the equivalent
elseif(!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i', $email))
{
echo "<b>The e-mail was not valid. <br> Please go back and try it again.</b>";
$error=1;
}
elseif(!preg_match('/^[0-9-]+([0-9-]+)*[0-9-]+([0-9-]+)*$/i', $phone))
{
echo "<b>The phone number was not valid. <br> Please go back and try it again.</b>";
$error=1;
}
elseif( $_SESSION['security_code'] == $_POST['security_code'] &&!empty ($_SESSION['security_code']))
{
echo "<b>Anti-spam security code incorrect. Please try again.</b>";
$error=1;
}

The script then proceeds. If there are errors, user is prompted to go back... If no errors, script takes data entry and E-Mails to me.

I realize that this statement where the CAPTCHA validation is is incorrect:


elseif( $_SESSION['security_code'] == $_POST['security_code'] &&!empty ($_SESSION['security_code']))
{
echo "<b>Anti-spam security code incorrect. Please try again.</b>";
$error=1;
}

When using this statement, correct CAPTCHA entries result in error messages. But it's the only way I get any output. I've tried to put != instead of ==, but to no avail. I've tried making the part after == begin with !(2nd half here), but that also didn't work.

I want it such that if the CAPTCHA is entered incorrectly, an error message is sent.

Any way to re-write the validation statement so that I get my desired results? Let me know. Thanks.

phranque

3:34 am on Nov 30, 2007 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



welcome to WebmasterWorld [webmasterworld.com], wicktron!

not sure of php order of ops, but you could try an extra set of parentheses to force it:

elseif(($_SESSION['security_code'] == $_POST['security_code']) &&!empty ($_SESSION['security_code']))

d40sithui

4:28 pm on Nov 30, 2007 (gmt 0)

10+ Year Member



print out your session data and your post data and manually compare them.
your script checks if the captcha string is the same as the post string. it currently displays an error if the strings are the same (correct).
your statement should use the != since you are finding if the user has entered an incorrect string, not the other way around.

wicktron

5:42 pm on Nov 30, 2007 (gmt 0)

10+ Year Member



Adding the extra ( ) around the function worked. Wow, something so simple killed me. Thanks for the help!

wicktron

7:21 pm on Nov 30, 2007 (gmt 0)

10+ Year Member



I guess it didn't really work after all... Adding the ( ) made it such that both right and wrong answers are invalid...

Hmmm. Such a simple line of code is killing me right now.

phranque

7:39 pm on Nov 30, 2007 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



have you tried printing out the values of $_SESSION['security_code'] and $_POST['security_code'] for debugging purposes?
also make sure the "empty" function is returning what it should.

wicktron

9:47 pm on Nov 30, 2007 (gmt 0)

10+ Year Member



I printed the values of each and they return the same value, which means they are equal to one another; so I still don't see why this isn't working.
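
The check this thread is working toward, written so that it fails closed (an added example, not code from any poster): the handler rejects the submission when no code was issued for the session or when the submitted value differs, whereas a `!=` test joined with `&& !empty($_SESSION['security_code'])` lets a request through whenever the session holds no code. `captcha_is_valid` and the sample values are hypothetical; the `security_code` key comes from the posted handler, and an exact, case-sensitive match is assumed.

```php
<?php
// Added example, not code from the thread. Assumption: CaptchaSecurityImages.php
// stores the expected code in $_SESSION['security_code'].

// Hypothetical helper: true only if a code was issued for this session and
// the submitted value matches it. The issued code is consumed either way.
function captcha_is_valid(array &$session, array $post)
{
    $expected = isset($session['security_code']) ? (string) $session['security_code'] : '';
    $given = (isset($post['security_code']) && is_string($post['security_code']))
        ? trim($post['security_code']) : '';

    // Single use: the same code cannot be replayed on a later submission.
    unset($session['security_code']);

    // Fail closed: an empty session code or empty input is a failure, not a pass.
    if ($expected === '' || $given === '') {
        return false;
    }
    // Strict, constant-time string comparison (no loose == type juggling).
    return hash_equals($expected, $given);
}

// In the form handler, after session_start():
//   if (!captcha_is_valid($_SESSION, $_POST)) { $error = 1; }

// Constructed sample data standing in for $_SESSION and $_POST.
$cases = array(
    'matching code'      => array(array('security_code' => 'k7m2q'), array('security_code' => 'k7m2q')),
    'wrong code'         => array(array('security_code' => 'k7m2q'), array('security_code' => 'zzzzz')),
    'no code in session' => array(array(), array('security_code' => 'k7m2q')),
    'nothing submitted'  => array(array('security_code' => 'k7m2q'), array()),
    'array as input'     => array(array('security_code' => 'k7m2q'), array('security_code' => array('k7m2q'))),
);
foreach ($cases as $label => $case) {
    list($session, $post) = $case;
    printf("%-20s %s\n", $label, captcha_is_valid($session, $post) ? 'accepted' : 'rejected');
}
```

Because the helper consumes the stored code on every call, the form page has to request a fresh CAPTCHA image after a failed attempt.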