Spam visible in phpmyadmin but not on the discussion forum of my webpage

I have a discussion forum on my personal site. As it was for learning purposes, I had just started 2 threads, one dealing with facebook usage and one dealing with a question about letters vs emails. I was flooded with spam replies for both the threads, but more on the facebook question. So, I deleted that thread. But I continued to get spam on the second thread.

I now have a captcha which I learnt to use with the help of my sitepoint friends. One needs to type in the letters in the captcha to be able to see my discussion forum. But now I have a strange problem. I do not see any spam messages on my site, but when I go to my cpanel and the phpmyadmin section, I can see many spam messages in my reply table. I just keep truncating the table. It becomes impossible to delete only the spam replies and retain the genuine replies as there are so many spam replies. Why is this happening? How is it not visible on the webpage?

Can we see your comment posting PHP script to know how you have implemented your captcha in it? Please paste here the complete script how you have implemented captcha.

Hi Raju, I am giving below the code of captcha.php (the one you helped me with in another thread) and the code on the page containing my captcha image. Is that what you want to see?

I started a new thread on this as I felt that the help I needed on this one was for a different reason than the one which I needed while creating the captcha script.

My captcha.php code is as given below:

 
<?php
//Start the session so we can store what the code actually is. 
session_start(); 
//Now lets use md5 to generate a totally random string 
$md5 = md5(microtime() * mktime()); 
/* We dont need a 32 character long string so we trim it down to 5 */ 
$string = substr($md5,0,5);
/* Now for the GD stuff, for ease of use lets create the image from a background image. */ 
$captcha = imagecreatefrompng("captcha.png");  
/* Lets set the colours, the colour $line is used to generate lines. Using a blue misty colours. The colour codes are in RGB */ 
$black = imagecolorallocate($captcha, 0, 0, 0); 
$line = imagecolorallocate($captcha,233,239,239); 
/* Now to make it a little bit harder for any bots to break,assuming they can break it so far. Lets add some lines in (static lines) to attempt to make the bots life a little harder */ 
imageline($captcha,0,0,39,29,$line); 
imageline($captcha,40,0,64,29,$line);
/* Now for the all important writing of the randomly generated string to the image. */
 imagestring($captcha, 5, 20, 10, $string, $black); 
/* Encrypt and store the key inside of a session */ 
$_SESSION['key'] = $string; 
/* Output the image */ 
header("Content-type:image/png"); 
imagepng($captcha);
# Destroys the image
imagedestroy($captcha); 
?>  

The code on my page containing the captcha image.

 
<?php
session_start();
if($_SERVER['REQUEST_METHOD'] == 'POST'){
$vResult = '';
 if(strtolower($_SESSION['key']) != strtolower($_POST['security_code'])){
$vResult = 'Security Code is invalid!';   
}
else{
die('<a href="discussionforum.php">Discussion Forum</a>');
}
}
?>
<html>
<?php
$page_title = "jppp - My Personal Web Page - Discussion Form";
$page_description = "jppp - My Personal Web Page - discussion form";
 
 include("header.php"); ?>
<body>
<form name="frmCaptcha" id="frmCaptcha" action="" method="post">
<div style="width:300px;border:1px solid #cccccc;font-size:11px;font-family:Verdana;padding:0px 0px 5px 0px;">
<?php echo isset($vResult) ? $vResult . '<br />' : '';?>
<img src="captcha.php?rand=<?php echo rand(1000, 9999);?>" /><br />
Enter text appeared on the image above:<br />
<input autocomplete="off" type="text" name="security_code" id="security_code" value="" />
<input type="submit" name="btnSubmit" id="btnSubmit" value="Submit" />
</div>
</form>
</div>
 <div id="leftmenu">
<div id="side1">
  <?php include("menu.php"); ?>
 </div></div>
 
 <div id="footer"><br /><?php include("footer.php"); ?></div>
</div>
</body>
</html> 
 
 

This was the sample captcha testing page. This captcha field has to be implemented in your FORM from where the discussion reply is posted. The following lines have to be added in your reply form:


<img src="captcha.php?rand=<?php echo rand(1000, 9999);?>" /><br />
Enter text appeared on the image above:<br />
<input autocomplete="off" type="text" name="security_code" id="security_code" value="" />

And then the check of captcha must be on top of your script which validates and adds the replies in the database.

Thanks a lot. I was travelling and could not come to the forum earlier. When you say FORM from where the discussion reply is posted, do you mean the discussion forum (discussionforum.php) below?

The following is the code of my discussion forum script.Sorry if my questions are too silly. I am too much of a newbie in this subject.

 
<?php
$page_title = "jppp - My Personal Web Page - 
Discussion Forum";
$page_description = "jppp - My Personal Web Page - discussion forum";
 
 include("header.php"); ?>
<h1>Discussion Forum</h1>
<p>Welcome to my discussion forum.  This is an open platform for you 
to start a discussion on any topic or give your opinion on any of the 
existing topics.
(TROLLS AND SPAMMERS BEWARE.  Those who troll or spam are trespassing 
into my site I reserve the right to delete any post which I find 
inappropriate).</p>
 
<br />
 
<?php 
ini_set("error_reporting", E_ALL); ini_set("display_errors", 1); 
 
 
 
mysql_connect("localhost", "jppp_pvarier", "/*MniVVVmP*/");
mysql_select_db("jppp_MsgBoard");
 
?>
<form action="newthread.php" method="POST">  
Your Name: <input type="text" name="author"><br>  
 
Topic of Discussion: <input type="text" name="title"><br>  
Post:<br><textarea cols="60" rows="5" name="message"></textarea><br> 
<input type="submit" value="Post Reply">  
</form> 
<hr>
<?php  
// We are selecting everything from the threads section in the 
database and ordering them newest to oldest.  
 $sql = mysql_query("SELECT * FROM threads ORDER BY posted DESC"); 
 
if(!$sql) { die(mysql_error()); }
 
 
// Now we are getting our results and making them an array  
while($r = mysql_fetch_array($sql)) {  
 
// Everything within the two curly brackets can read from the database 
using $r[] 
// We need to convert the UNIX Timestamp entered into the database for 
when a thread...  
// ... is posted into a readable date, using date().  
 /* Create using servers time/timezone */
 $posted = date("jS M Y h:i",$r['posted']);  
 
// Now we will show the available threads  
echo "<h3><a href='msg.php?id=$r[id]'>$r[title]</a> ($r[replies])
</h3><h4>Posted by $r[author] on $posted</h4>"; 
 
// End of Array  
}  
?> 
</div>
 
<div id="leftmenu">
<div id="side1">
  <?php include("menu.php"); ?>
 </div></div>
 
 
 <div id="footer"><br /><?php include("footer.php"); ?></div>
</div>
</body>
</html>
 
 

The following is the code of my form containing the captcha image.

 
<?php
session_start();
if($_SERVER['REQUEST_METHOD'] == 'POST'){
$vResult = '';
 if(strtolower($_SESSION['key']) != strtolower($_POST
['security_code'])){
$vResult = 'Security Code is invalid!';   
}
else{
die('<a href="discussionforum.php">Discussion Forum</a>');
}
}
?>
<html>
<?php
$page_title = "jppp - My Personal Web Page - Discussion Form";
$page_description = "jppp - My Personal Web Page - discussion form";
 
 include("header.php"); ?>
<body>
<form name="frmCaptcha" id="frmCaptcha" action="" method="post">
<div style="width:300px;border:1px solid #cccccc;font-size:11px;font-
family:Verdana;padding:0px 0px 5px 0px;">
<?php echo isset($vResult) ? $vResult . '<br />' : '';?>
<img src="captcha.php?rand=<?php echo rand(1000, 9999);?>" /><br />
Enter text appeared on the image above:<br />
<input autocomplete="off" type="text" name="security_code" 
id="security_code" value="" />
<input type="submit" name="btnSubmit" id="btnSubmit" value="Submit" />
</div>
</form>
</div>
 <div id="leftmenu">
<div id="side1">
  <?php include("menu.php"); ?>
 </div></div>
 
 <div id="footer"><br /><?php include("footer.php"); ?></div>
</div>
</body>
</html>