Captcha Validation

PHP
1

Any direction on this would be great. Thanks in advance.

The $codeVal has to be installed somewhere with the else if (md5($code) == $_SESSION[image_random_value’]) to facilitate the setting of the error on the entry of an invalid captcha code entry to the input field! This is shown in line 4 of the code below. I have tried all ways of writing the line with the $codeVal included but to no effect. Am I on the correct track?

I have followed the same principle as that used in the email and phone Validate codes but I do not get the result. Thus, having difficulty making progress with this aspect of the captcha validation!

I include the email and phone validation code as they work to requirements with the $emailVal and $phoneVal installed.

Captcha control as follows from the validate.php:

/* Validate captcha entry*/	
		public function validateCode($codeVal, $codeName) {
        if (strlen($codeVal) <= 0) {
            $this->setError($codeName, "Enter Validate Code");			
        } else if(md5($code) == $_SESSION['image_random_value']) {	
            $this->setError($codeName, "Valid Code Required");
        }
    }

/* Validate email address */
    public function validateEmail($emailVal, $emailName) {
        if (strlen($emailVal) <= 0) {
            $this->setError($emailName, "Address Required");
        } else if (!preg_match('/^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/', $emailVal)) {
            $this->setError($emailName, "Valid Address Required");
        }
    }
	
/* Validate phone no entry to allow numbers only */	
	public function validatePhone($phoneVal, $phoneName) {
        if (strlen($phoneVal) <= 0) {
            $this->setError($phoneName, "Number Required");
		} else if (preg_match('/[^0-9]/', $phoneVal)) {
            $this->setError($phoneName, "Valid Number Required");
        }
    }

Captcha panel visible to visitor as follows from the contact.php:

<fieldset>
	    <legend>Validate Form  <span class="errors"><?php echo $codeErr ?></span></legend>
		<span class="required">Required</span>
	        <center>
	        <img src="randomImage.php" alt="Captcha Image"/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
                <input type="text" name="code" class="data"/>
	        <!--Refresh Validate Code Button Facility-->				
		<div id="flip"><a href onclick="history.go()" class="link" alt="Refresh Code" /></a></div>
                </center>
	  </fieldset>

and it looks like the visitorView.jpg image attached which shows the random generated image and the data or code input field.

2

I’m just guessing. Shouldn’t that be

else if(md5($code) != $_SESSION[‘image_random_value’]) {
$this->setError($codeName, “Valid Code Required”);

?

3

Im guessing too:

else if(md5($code)

SB

else if(md5($codeVal)

?

4

Yes, that does move it along. It is now responding with the message Valid Code Required… even when the correct code is inputted!

However I now get a Notice: Undefined variable: code in C:\wamp\www\NewForm\validateClass.php on that line.
Could I be misnaming something somewhere or is there some further integration required ?

The PHP processor on the contact.php is as follows and I have pushed the bits relevant to the code over the page:

<?php
define("EMAIL", "xxxxxx@gmail.com");

$messageErr = "";
$message_text = "";
$errors = "";

$nameErr = "";
$emailErr = "";
$phoneErr = "";
$messageErr = "";
                                                                     $codeErr = "";

$name = "";
$email = "";
$phone = "";
$message = "";
                                                                     $code = "";

if(isset($_POST['submit'])) {
 
  include('validateClass.php');
 
  //assign post data to variables
    $name    = trim($_POST['name']);
    $email   = trim($_POST['email']);
    $phone   = trim($_POST['phone']);
    $message = trim($_POST['message']);
                                                                      $code    = trim($_POST['code']);
 
  //start validating our form
  $v = new validate();
  $v->validateStr($name, "name", 5, 75);
  $v->validateEmail($email, "email");
  $v->validatePhone($phone, "phone");
  $v->validateStr($message, "message", 10, 500); 
                                                                     $v->validateCode($code, "code");
 
  if(!$v->hasErrors()) {
        $header   = "From: $email\
" . "Reply-To: $email\
";
        $subject  = "Contact Form Subject";
        $email_to = EMAIL;
 
        $emailMessage  = "Name:  " . $name  . "\
";
        $emailMessage .= "Email: " . $email . "\
\
";
		$emailMessage .= "Phone: " . $phone;
        $emailMessage .= $message; 
   
    //use php's mail function to send the email
        @mail($email_to, $subject ,$emailMessage ,$header ); 
 
    //grab the current url, append ?sent=yes to it and then redirect to that url
        $url = "http". ((!empty($_SERVER['HTTPS'])) ? "s" : "") . "://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
        header('Location: '.$url."?sent=yes");
 
    } else {
    //set the number of errors message
    $message_text = $v->errorNumMessage();      
 
    //store the errors list in a variable
    $errors = $v->displayErrors();
 
    //get the individual error messages
    $nameErr    = $v->getError("name");
    $emailErr   = $v->getError("email");
    $phoneErr   = $v->getError("phone");
    $messageErr = $v->getError("message");
	                                                                        $codeErr  = $v->getError("code");
  } //end of the error check
}
// end isset
?>

And the validateClass.php is as follows:

<?php

class validate {

    public $errors = array();

	/* Validate a string */
    public function validateStr($postVal, $postName, $min = 10, $max = 500) {	
        if (strlen($postVal) < intval($min)) {
            $this->setError($postName, ucfirst($postName) . " at least {$min} characters long.");
        } else if (strlen($postVal) > intval($max)) {
            $this->setError($postName, ucfirst($postName) . " less than {$max} characters long.");
        }
    }
	
/* Validate email address */
    public function validateEmail($emailVal, $emailName) {
        if (strlen($emailVal) <= 0) {
            $this->setError($emailName, "Address Required");
        } else if (!preg_match('/^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/', $emailVal)) {
            $this->setError($emailName, "Valid Address Required");
        }
    }
	
/* Validate phone no to allow numbers only */	
	public function validatePhone($phoneVal, $phoneName) {
        if (strlen($phoneVal) <= 0) {
            $this->setError($phoneName, "Number Required"); 
		} else if (preg_match('/[^0-9]/', $phoneVal)) { 
        //} else if (is_numeric ($phoneVal)) {
            $this->setError($phoneName, "Valid Number Required");
        }
    }
	
/* Validate captcha entry*/	
		public function validateCode($codeVal, $codeName) {
        if (strlen($codeVal) <= 0) {
            $this->setError($codeName, "Enter Validate Code");			
        } else if(md5($code) != $_SESSION['image_random_value']) {	
            $this->setError($codeName, "Valid Code Required");
        }
    }
	
/* sets an error message for a form element*/	
    private function setError($element, $message) {
        $this->errors[$element] = $message;
    }
	
/* returns the error of a single form element*/
    public function getError($elementName) {
        if ($this->errors[$elementName]) {
            return $this->errors[$elementName];
        } else {
            return false;
        }
    }
	
/* displays the errors as an html un-ordered list*/
    public function displayErrors() {
        $errorsList = "<ul class=\\"errors\\">\
";
        foreach ($this->errors as $value) {
            $errorsList .= "<li>" . $value . "</li>\
";
        }
        $errorsList .= "</ul>\
";
        return $errorsList;
    }
	
/* returns whether the form has errors*/
    public function hasErrors() {
        if (count($this->errors) > 0) {
            return true;
        } else {
            return false;
        }
    }
	
/* returns a string stating how many errors there were*/
    public function errorNumMessage() {
        if (count($this->errors) > 1) {
            $message = "There were " . count($this->errors) . " errors sending your message!\
";
        } else {
            $message = "Please correct the error to send your message!\
";
        }
        return $message;
    }
}
?>
5

Did you see my comment at #3 above?

6

this is relay help full but i feel barring

7

Thanks Cups that has moved it on again.

In wamp it works all the way through and presents the
Your message has been sent” at the end of the process.

Just tried it on the web at this test position and it goes all the way through the
process except at the end it does not present “Your message has been sent” view. Instead it
goes over to a webpage saying

Oops! Page Not Found Sorry, the page you were looking for could not be found.

It did send test message to my email.

The Form action is the standard

<?php echo $_SERVER['PHP_SELF'];?>

So why, the Page not Found ?

8

Check where it is sending you.


// comment the line out temporarily
// echo the url onto the page
// put it into your address bar then try and 
// work out why the page does not exist
// header('Location: '.$url."?sent=yes"); 
echo $url."?sent=yes;  // add this line temporarily
9

OK, not sure if I am getting your instructions correctly but it looks as follows:

//grab the current url, append ?sent=yes to it and then redirect to that url
        $url = "http". ((!empty($_SERVER['HTTPS'])) ? "s" : "") . "://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
        //header('Location: '.$url."?sent=yes");
	echo ($url."?sent=yes"); // add this line temporarily

Now going to the test position and filling out the form it does not present the “Your message has been sent” but gives the following at the top of the page:

https://www.validation.webitry.net/contact.php?sent=yes

The test email message arrived in my in box.

When I put https://www.validation.webitry.net/contact.php?sent=yes into the address bar it brings me to the

Oops! Page Not Found Sorry, the page you were looking for could not be found.

What is this telling us?

10

Try changing

(!empty($_SERVER[‘HTTPS’]))

to

$_SERVER[‘HTTPS’] == ‘on’

It appear the https is what’s causing the server error

11

Like the machine in the water…!

may not have installed as I should have…

 $url = "http". ($_SERVER['HTTPS'] == 'on' ? "s" : "") . "://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];

I have tried different ways but not getting required result as I am probably installing it incorrectly! This gives a 500 error when click send.

12

I sent a support request to my hosting provider about this line of code as it redirects
the “Your message has been sent” to an Oops page that cannot be found!

$url = "http". ((!empty($_SERVER['HTTPS'])) ? "s" : "") . "://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
        header('Location: '.$url."?sent=yes");

They responded with the following advice:
It looks like that this code cannot run on
shared hosting platform, you will need to get widows VM with us
if you wish to run this piece of code.

Do I have any other options?

13

The Engineers at my hosting provider have looked in to this and have confirmed that this code line

$url = "http". ((!empty($_SERVER['HTTPS'])) ? "s" : "") . "://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
header('Location: '.$url."?sent=yes");

will work. It looks like there are coding issue elsewhere that you will need to look in to on this.

Might there be something in the the .php files that is completing the form send to the Oops page?

I note the following when running in wamp:

Notice: Undefined index: name in C:\wamp\www\NewForm\validateClass.php on line 58

Notice: Undefined index: phone in C:\wamp\www\NewForm\validateClass.php on line 58

Notice: Undefined index: message in C:\wamp\www\NewForm\validateClass.php on line 58

Notice: Undefined index: code in C:\wamp\www\NewForm\validateClass.php on line 58

How would I rectify to get rid of this?