1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 10:44 am May 1, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Connect form with captcha code! Problem - pls help

         

seedymk

8:30 pm on Dec 29, 2008 (gmt 0)

10+ Year Member



Hi everybody, please anyone help me with this code. I'm trying to connect username and password form with captcha code, but it does not working. I enter username and password and there is no need to enter the code in order to continue, only username and pass. So, what should I do, please help. Here is the code:

This is from the top of my page code:

<?
session_start();
if($_POST['code']!=$_SESSION['string']){
header("Location: login.php?error=1");
}

$username=uc($_POST['username']);
$password=uc($_POST['password']);

if ($password==NULL) {
header("Location: login.php?error=2");
}else{

$query = mysql_query("SELECT username,password FROM tb_users WHERE username = '$username'") or die(mysql_error());
if(mysql_num_rows($query) == 0)
{
header("Location: login.php?error=3");
} else {
$data = mysql_fetch_array($query);
if($data['password'] != $password) {
header("Location: login.php?error=4");
}else{
$query = mysql_query("SELECT username,password FROM tb_users WHERE username = '$username'") or die(mysql_error());
$row = mysql_fetch_array($query);

$nicke=$row['username'];
$passe=$row['password'];

setcookie("usNick",$nicke,time()+7776000);
setcookie("usPass",$passe,time()+7776000);

$lastlogdate=time();
$lastip = getRealIP();

$querybt = "UPDATE tb_users SET lastlogdate='$lastlogdate', lastiplog='$lastip' WHERE username='$nicke'";
mysql_query($querybt) or die(mysql_error());

header("Location: index.php");
?>

<META HTTP-EQUIV="REFRESH" CONTENT="0;URL=index.php">

<?
}
}
}
}
?>

HERE there is some code about styles, tables and pictures used for my login page and next is this:

<?
if($_GET['error'] == 1)
{
print "<b>Error</b> - Wrong Captcha Code<br /><br/>";
}
if($_GET['error'] == 2)
{
print "<b>Error</b> - Please supply a password<br /><br/>";
}
if($_GET['error'] == 3)
{
print "<b>Error</b> - Invalid Username<br><br>";
}
if($_GET['error'] == 4)
{
print "<b>Error</b> - Invalid Password<br /><br />";
}
?>
</span><br>
<form name="form1" method="post" action="">
<table>
<tr>
<td class="midtext">Username:</td>
<td><input type="text" name="username" size="25" class="form" autocomplete="off">
<span class="style12"> *</span></td>
</tr>
<tr>
<td class="midtext">Password:</td>
<td><input type="password" name="password" size="25" class="form" autocomplete="off">
<span class="style12"> *</span></td>
</tr>
<tr>
<td class="midtext" valign="top">Captcha code:</td>
<td class="midtext"><img src="image.php" alt="" onClick="this.src='image.php?newtime=' + (new Date()).getTime();"><br>
(click on the picture to reload)<br />
<input type="text" name="code" size="17" maxlength="17" autocomplete="off" class="form">
<span class="style12"> *</span></td>
</tr>
<tr>
<td></td>
<td align="right"><input type="submit" value="Submit" name="loginsubmit" class="form"></td>
</tr>
</table>
</form>

So where is the problem?
Thanks a lot!

rockerzz501

3:29 am on Dec 30, 2008 (gmt 0)

10+ Year Member



What exactly is the error provided?And when does it happen? After the form submission or when login entry is incorrect?

Mahabub

11:33 am on Dec 30, 2008 (gmt 0)

10+ Year Member



Dear seedymk,

Whats the error you got every time. If it is (Wrong Captcha Code) Then I think you have missed the session in your login page. I mean first page where you create the cpatcha code and put the value in a session.

Thanks
Mahabub

seedymk

12:26 pm on Dec 30, 2008 (gmt 0)

10+ Year Member



Dear friends, the problem is that my login page does not require the captcha code provided. So, there is no need to enter this code in form in order to continue with submitting. I just enter username and pass and when press submit button it's logged in (in some way I can say that captcha is not connected with form). So it's same in both cases: I can log in without entering captcha, and also i can log in with entering the shown number. I can't see the - Wrong Captcha Code ERROR.

henry0

1:04 pm on Dec 30, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



seedymk, welcome to WebmasterWorld!

Add below
<?php
session_start();
error_reporting(E_ALL); and report

Could you show us what is image.php
what is it? your captcha script, a DB query?

Test: get rid of everything, keep only the line that calls this image.php
and report what (if any) is the error.

seedymk

6:17 pm on Dec 30, 2008 (gmt 0)

10+ Year Member



1. when I type "test" as username and "test12" as pass and leave the Captcha code empty - it will log in; and

2. when I type "test" as username and "test12" as pass and in the Captcha code form type anything - it will log in again.

So, I never get the message "Wrong captcha code"

[edited by: seedymk at 6:49 pm (utc) on Dec. 30, 2008]

henry0

6:28 pm on Dec 30, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hi, you are not allowed to post a real URL, it will be soon removed :)
read the T O S [webmasterworld.com]

what we need from you is to answer to the questions previously asked.

did you try the test I mentioned, and please, post the image.php script
thanks

seedymk

6:50 pm on Dec 30, 2008 (gmt 0)

10+ Year Member



OK, first, I'm really sorry for the link.
about the test, yes I do that but I get the same thing as I said before.

Here is the image.php script:

<?php
session_start();
function strrand($length)
{
$str = "";

while(strlen($str)<$length){
$random=rand(48,122);
if( ($random>47 && $random<58) ){
$str.=chr($random);
}

}

return $str;
}

$text = $_SESSION['string']=strrand(5);
$img_number = imagecreate(47,17);
$backcolor = imagecolorallocate($img_number,244,244,244);
$textcolor = imagecolorallocate($img_number,0,0,0);

imagefill($img_number,0,0,$backcolor);

imagestring($img_number,50,1,1,$text,$textcolor);

header("Content-type: image/png");
imagejpeg($img_number);
?>

henry0

7:25 pm on Dec 30, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



OK tested the whole thing
it works!
if you do not see the rand numbers then I guess
your form is not finding image.php
is image.php at the same level as the form is
I mean as a separated file, indeed not built in the form body
if it does not then we need more fresh eyes because I do not see any reason for the thing not to work

seedymk

7:58 pm on Dec 30, 2008 (gmt 0)

10+ Year Member



Ok, the script is fine (i see the numbers), but I can still log in without entering the captcha code. What I try to do is when I'm going to log in, I must provide username, password and the captcha code. Right now, I can log in only with username and pass, but I need these 3 things (username, pass and the captcha code) to be filled in order to submit and login to the page. Probably I have some other mistakes, not in the captcha code...

henry0

8:02 pm on Dec 30, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Guess I did not get what the real problem is
Now I have a better understanding
The php does two things one create a random number: $str
and two make an image
so knowing this I will (if it was me) grab the value of $str
do not submit the form to itself but to another script
that should verify that password and username are what you expect
and most important recieve as $_POST (hidden value from the form) the $str value
Next: Add to the function something like $str2=$str;
make where the form exists $str2 a session passed also to the receiving script
compare that $str and $str2 are ==
then log your user in
(sorry got to go....)
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 10:44 am May 1, 2026