PDA

View Full Version : Merging a Captcha file and Dynamic Form - HOW?


jool
08-30-2006, 09:20 PM
Hello all,

I have been trying to add a 'CAPTCHA' (basically a JPEG of letters which the web-user is asked to type in to prove s/he is not a spam bot) device to my online php dynamic form. I have found a simple CAPTCHA device online which has been made and donated by a kind programer. This in it's simple form can be found at
http://www.privatelesson.co.uk/form.php

I have my own simple form - the contents of which go into my MySQL database. This is at
http://www.privatelesson.co.uk/simpleform.php

Now, I want to take the CAPTCHA functionality and add it to my simple php form feeding my database. Basically, instead of getting the message
Thanks, you entered the correct code.
I'd like the form details to go into the database as I specified in simple.form.php

My attempts at combining these codes continually fail as I don't really know what I'm doing. I'll gladly post the code I'm dealing with and also my own failed attempts to anyone who might be able to assist.

Many thanks for reading this post

Best regards,
Jool

davidj
08-31-2006, 07:29 AM
need the name of....

database
table
fields

jool
08-31-2006, 08:06 AM
Thanks DavidJ,

The database is called c and the table within that is called l_teachers.

There are a lot of fields in the table but keeping thing simple just to get the functionality correct, I'm only using the fields firstname and autonumber.

The code is:
[code]<?php require_once('../Connections/connectionc.php'); ?>
<?php

////I'm guessing this function is the one which puts the info typed into here into the SQL Table
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO l_teachers (autonumber, firstname) VALUES (%s, %s)",
GetSQLValueString($_POST['autonumber'], "int"),
GetSQLValueString($_POST['firstname'], "text"));

mysql_select_db($database_connectionc, $connectionc);
$Result1 = mysql_query($insertSQL, $connectionc) or die(mysql_error());

$insertGoTo = "thanksforentering.htm";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>

<body>

<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<table align="center">
<tr valign="baseline">

</tr>
<tr valign="baseline">
<td nowrap align="right">Firstname:</td>
<td><input type="text" name="firstname" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right"></td>
<td><input type="submit" value="Insert record"></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="form1">
</form>
[code]

Now the line that I'm trying to change in the Captcha code so that the contents of the form are sent to the database as described above is:

[code]if($valid == TRUE) {
echo "<center>Thanks, you entered the correct code.</center>";
} else {
echo "<center>Sorry, the code you entered was invalid. <a href=\"javascript:history.go(-1)\">Go back</a> to try again.</center>";
}[/code]

Instead of the Thanks line, I'd like the info just to go into the database.

Anyway, sorry for dumping the code here. I thought it might help.

Many many thanks

Jool

davidj
08-31-2006, 12:02 PM
where is autonumber getting its value from

You have written it as if its coming from a form element $_POST but you have not defined a field for this

if you are auto incrementing within your database then you dont have to catch this in a post or include it in your insert statement

dreamweaver writes ugly code



<?php
require_once('../Connections/connectionc.php');

$autonum = $_POST['autonumber']; // dont know if this is needed
$firstname = $_POST['firstname']; // form value - firstname
$post = $_POST["MM_insert"]; // check if form has been submitted

if ($post == "form1") {
$insertSQL = sprintf("INSERT INTO l_teachers (autonumber, firstname) VALUES ('%s', '%s')", $autonum,$firstname);
mysql_select_db($database_connectionc, $connectionc);
$Result1 = mysql_query($insertSQL, $connectionc) or die(mysql_error());

header("Location:thanks_for_entering.php"); // redirect on success
exit; // always exit script after a redirect
}

?>

jool
08-31-2006, 08:30 PM
Thanks - this put me in the right track, and I stripped it all the code down and built it up again.

Strangely enough - it now seems to be working.

Many thanks

Jool :D