Super Suite
Get all extensions for one suite price
Design Extender
Design and create unlimited websites
Data Bridge
Develop database-driven websites
eCart
Build a responsive shopping cart + checkout
MySQLi Server Behaviors
Generate streamlined MySQLi
Free PayPal Toolkit
Paypal, PayPal Credit, and Skype
Help
9/16/2015 5:28 pm | #1 elewis93815 I've attached Captcha to a contact form on a website and we are still getting several submissions that are in Chinese or are seemingly autofill junk. I've attached the files, I'm just curious to know if I've used it and added it correctly.
thanks,
9/17/2015 12:49 am | #2 Ray BorduinWebAssist
No, it is not implemented correctly. You are simply validating that any value was entered into the form field. You should be using "Like Entry" validation and not just "Required" validation.
Then you can compare the entered value with the session variable: $_SESSION["captcha_Security_Code_1"] and make sure they are the same and not just that a value was entered like you are now.
9/17/2015 2:11 pm | #3 elewis93815 Hi Ray, I've updated the areas that you've instructed and it seems that it's still submitting even if I input just one letter in the captcha???? Thanks so much for your help!
9/17/2015 2:36 pm | #4 Ray BorduinWebAssist
You are comparing the $_POST value to the $_POST value... you need to compare the $_POST value to the $_SESSION value like I pointed out above.
The $_POST value will always be equal to itself, so yes it will submit no matter what is entered.
11/18/2015 6:26 pm | #5 elewis93815 I am still having issues with this. I guess maybe I'm not understanding where I'm going wrong?? Any assistance is greatly appreciated.
11/18/2015 10:23 pm | #6 Ray BorduinWebAssist
I don't even see CAPTCHA in that form or server validation on that page? What page should I be looking at?
11/19/2015 7:31 am | #7 elewis93815 So sorry. Here are the correct files.
11/19/2015 11:42 am | #8 Ray BorduinWebAssist
Line 11 should be:
$WAFV_Errors .= WAValidateLE(strtolower(((isset($_SESSION["captcha_Security_Code_1"]))?$_SESSION["captcha_Security_Code_1"]:"")) . "",strtolower(((isset($_POST["Security_Code_1"]))?$_POST["Security_Code_1"]:"")) . "",true,1);
11/21/2015 5:22 am | #9 elewis93815 Thanks for your help! I replaced the code as suggested. Where did I go wrong? In the server validation, I'm assuming I picked the incorrect values? Moving forward I would like to have a better understanding. Thanks again!
11/23/2015 10:45 am | #10 Ray BorduinWebAssist
Yes, when you applied the server validation you compared the submitted form value to itself... which will always match.
You need to compare the value entered into the form element to the Session value stored by the CAPTCHA, which is what the updated code does.
Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.
These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.
©1999-2024 WebAssist.com Corporation. All rights reserved and all that jazz.
Account or customer service questions?
Please user our contact form.
Need technical support?
Please visit support to ask a question
Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...
Uploading file...
