catfish Posted March 18, 2011 Report Share Posted March 18, 2011 I have just started using the recaptcha on a website that the client says was getting spammed. It seems to work alright but I think something is not quite right. What happens is that if I don't fill in all the required fields of the form I get the error message correctly telling me to go back and fill in all required fields but if I fill the form in with all required fields and incorrectly fill in the recaptcha it says "thankyou ... blah blah and then "The reCAPTCHA wasn't entered correctly. Go back and try it again." ."(reCAPTCHA said: " . $resp->error . ")" But, I will still receive the email. Here is that bit of my code. Once again, I don't know too much about PHP <?php /* Functions ----------------------------------------- */ function cleanInput($input) { $search = array( '@<script[^>]*?>.*?</script>@si', // Strip out javascript '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags '@<style[^>]*?>.*?</style>@siU', // Strip style tags properly '@<![\s\S]*?--[ \t\n\r]*>@' // Strip multi-line comments ); $output = preg_replace($search, '', $input); return $output; } function sanitize($input) { if (is_array($input)) { foreach($input as $var=>$val) { $output[$var]=sanitize($val); } } else { if (get_magic_quotes_gpc()) { $input=stripslashes($input); } $output=cleanInput($input); } return $output; } /* Code ---------------------------------------------- */ $name = sanitize($_POST['name']); $last = sanitize($_POST['last']); $phone = sanitize($_POST['phone']); $email = sanitize($_POST['email']); $address = sanitize($_POST['address']); $city = sanitize($_POST['city']); $type = sanitize($_POST['type']); $time = sanitize($_POST['time']); $month = sanitize($_POST['month']); $date = sanitize($_POST['date']); $howhear = sanitize($_POST['howhear']); $comments = sanitize($_POST['comments']); // Check any required fields here, and if they are blank, generate an error. // Otherwise, send the email message ("||" is an "or" character) if (empty($name) || empty($phone) || empty($address) || empty($city) ||empty($comments)) { echo 'please go back and fill in all required fields'; } else { $to="theemailaddress"; $message="$name $last is requesting to schedule an appointment.\n\nTheir phone number is:\n$phone\n\nTheir home address is:\n$address\n\nThe City is:\n$city\n\nWhat type of service are you requesting:\n$type\n\nDo you request and specific time of day:\n$time\n\nMonth requested is:\n$month\n\nDate requested is:\n$date\n\nI heard about company name:\n$howhear\n\nThey said:\n$comments\n\nTheir e-mail address was: $email"; if(mail($to,"Request to schedule appointment",$message,"From: $email\n")) { echo "Thank you, a specialist will call you soon."; } else { echo "There was a problem sending the mail. Please check that you filled in the form correctly."; } } require_once('recaptchalib.php'); $privatekey = "xxxxxxxxxxx"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")"); } ?> Quote Link to comment Share on other sites More sharing options...
falkencreative Posted March 18, 2011 Report Share Posted March 18, 2011 Possibly the easiest solution is to move the lines that check that the CAPTCHA is entered correctly above the lines where you check for missing inputs. I'd try this, and report back if you are still having issues: <?php /* Functions ----------------------------------------- */ function cleanInput($input) { $search = array( '@<script[^>]*?>.*?</script>@si', // Strip out javascript '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags '@<style[^>]*?>.*?</style>@siU', // Strip style tags properly '@<![\s\S]*?--[ \t\n\r]*>@' // Strip multi-line comments ); $output = preg_replace($search, '', $input); return $output; } function sanitize($input) { if (is_array($input)) { foreach($input as $var=>$val) { $output[$var]=sanitize($val); } } else { if (get_magic_quotes_gpc()) { $input=stripslashes($input); } $output=cleanInput($input); } return $output; } /* Code ---------------------------------------------- */ $name = sanitize($_POST['name']); $last = sanitize($_POST['last']); $phone = sanitize($_POST['phone']); $email = sanitize($_POST['email']); $address = sanitize($_POST['address']); $city = sanitize($_POST['city']); $type = sanitize($_POST['type']); $time = sanitize($_POST['time']); $month = sanitize($_POST['month']); $date = sanitize($_POST['date']); $howhear = sanitize($_POST['howhear']); $comments = sanitize($_POST['comments']); require_once('recaptchalib.php'); $privatekey = "xxxxxxxxxxx"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")"); } // Check any required fields here, and if they are blank, generate an error. // Otherwise, send the email message ("||" is an "or" character) if (empty($name) || empty($phone) || empty($address) || empty($city) ||empty($comments)) { echo 'please go back and fill in all required fields'; } else { $to="theemailaddress"; $message="$name $last is requesting to schedule an appointment.\n\nTheir phone number is:\n$phone\n\nTheir home address is:\n$address\n\nThe City is:\n$city\n\nWhat type of service are you requesting:\n$type\n\nDo you request and specific time of day:\n$time\n\nMonth requested is:\n$month\n\nDate requested is:\n$date\n\nI heard about company name:\n$howhear\n\nThey said:\n$comments\n\nTheir e-mail address was: $email"; if(mail($to,"Request to schedule appointment",$message,"From: $email\n")) { echo "Thank you, a specialist will call you soon."; } else { echo "There was a problem sending the mail. Please check that you filled in the form correctly."; } } ?> Quote Link to comment Share on other sites More sharing options...
catfish Posted March 18, 2011 Author Report Share Posted March 18, 2011 That seems have worked well. Thanks once again for your expertise! Possibly the easiest solution is to move the lines that check that the CAPTCHA is entered correctly above the lines where you check for missing inputs. I'd try this, and report back if you are still having issues: <?php /* Functions ----------------------------------------- */ function cleanInput($input) { $search = array( '@<script[^>]*?>.*?</script>@si', // Strip out javascript '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags '@<style[^>]*?>.*?</style>@siU', // Strip style tags properly '@<![\s\S]*?--[ \t\n\r]*>@' // Strip multi-line comments ); $output = preg_replace($search, '', $input); return $output; } function sanitize($input) { if (is_array($input)) { foreach($input as $var=>$val) { $output[$var]=sanitize($val); } } else { if (get_magic_quotes_gpc()) { $input=stripslashes($input); } $output=cleanInput($input); } return $output; } /* Code ---------------------------------------------- */ $name = sanitize($_POST['name']); $last = sanitize($_POST['last']); $phone = sanitize($_POST['phone']); $email = sanitize($_POST['email']); $address = sanitize($_POST['address']); $city = sanitize($_POST['city']); $type = sanitize($_POST['type']); $time = sanitize($_POST['time']); $month = sanitize($_POST['month']); $date = sanitize($_POST['date']); $howhear = sanitize($_POST['howhear']); $comments = sanitize($_POST['comments']); require_once('recaptchalib.php'); $privatekey = "xxxxxxxxxxx"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")"); } // Check any required fields here, and if they are blank, generate an error. // Otherwise, send the email message ("||" is an "or" character) if (empty($name) || empty($phone) || empty($address) || empty($city) ||empty($comments)) { echo 'please go back and fill in all required fields'; } else { $to="theemailaddress"; $message="$name $last is requesting to schedule an appointment.\n\nTheir phone number is:\n$phone\n\nTheir home address is:\n$address\n\nThe City is:\n$city\n\nWhat type of service are you requesting:\n$type\n\nDo you request and specific time of day:\n$time\n\nMonth requested is:\n$month\n\nDate requested is:\n$date\n\nI heard about company name:\n$howhear\n\nThey said:\n$comments\n\nTheir e-mail address was: $email"; if(mail($to,"Request to schedule appointment",$message,"From: $email\n")) { echo "Thank you, a specialist will call you soon."; } else { echo "There was a problem sending the mail. Please check that you filled in the form correctly."; } } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.