How can I incorporate the show if server behavior in an existing PHP script?

I have a contact form on my site that uses a custom php script along with a jquery script. It has been working fine for some time now, but the form is not as secure as I want it to be, so I've added a Captcha field with the appropriate Like Entry server validation. The jquery script takes each form value and stores it in a variable which is then passed into the processing page. I've assigned the Captcha form element to the variable named "verify" so that now the validation Server Behavior looks like this:

<?php
if ((((isset($_POST["verify"]))?$_POST["verify"]:"") != "")) {
$WAFV_Redirect = "";
$_SESSION['WAVT_contact_413_Errors'] = "";
if ($WAFV_Redirect == "") {
$WAFV_Redirect = $_SERVER["PHP_SELF"];
}
$WAFV_Errors = "";
$WAFV_Errors .= WAValidateLE($_SESSION['captcha_Security_Code_1'] . "",$_SESSION['captcha_Security_Code_1'] . "",true,1);

if ($WAFV_Errors != "") {
PostResult($WAFV_Redirect,$WAFV_Errors,"contact_413");
}
}
?>

Further down in the PHP code on the processing page, a variable is set as follows:

$verify = $_POST['verify'];

and then in the series of validation conditions, I've set the following:

} else if (trim($verify) == '') {
echo '<div class="error_message">Attention! Please enter the CAPTCHA code.</div>';
exit();
} else if (ValidatedField('contact_413','contact_413')) {
if((strpos((",".ValidatedField("contact_413","contact_413").","), "," . "1" . ",") !== false || "1" == "")) {
if (!(false)) {
echo '<div class="error_message">Attention! The CAPTCHA code you entered is incorrect.</div>';
//WAFV_Conditional ../contact.php contact_413(1:)
exit();
}
}
}

When I test the form and leave the Captcha field blank, the first condition shown above triggers the <div class="error_message">Attention! Please enter the CAPTCHA code.</div>, but when I enter an incorrect Captcha code, the second error message does not show up, instead, the form is submitted with no alert.

I've attached a sample page with the menu include file, the jquery file and the processor page as attachments. the pagetemplate2col.php and the contact.php are in the site root. The jquery.jigowatt.js is under the js folder in the site root and the menu01f.php is found in the includes folder under the site root.

Please let me know if you can find why the show if is not working for the incorrectly entered values.

Thanks!

This line:

$WAFV_Errors .= WAValidateLE($_SESSION['captcha_Security_Code_1'] . "",$_SESSION['captcha_Security_Code_1'] . "",true,1);

Should be:

$WAFV_Errors .= WAValidateLE($_SESSION['captcha_Security_Code_1'] . "",$_POST['verify'] . "",true,1);

Originally Said By: Ray Borduin

  This line:

$WAFV_Errors .= WAValidateLE($_SESSION['captcha_Security_Code_1'] . "",$_SESSION['captcha_Security_Code_1'] . "",true,1);

Should be:

$WAFV_Errors .= WAValidateLE($_SESSION['captcha_Security_Code_1'] . "",$_POST['verify'] . "",true,1);  

Thanks Ray!

I should have seen that. The validation seems to work because the form does not refresh to the confirmation content now, so now all that I need is to figure how to alter the show if that I've applied in the validations on the contact.php page:

} else if (ValidatedField('contact_413','contact_413')) {
if((strpos((",".ValidatedField("contact_413","contact_413").","), "," . "1" . ",") !== false || "1" == "")) {
if (!(false)) {
echo '<div class="error_message">Attention! The CAPTCHA code you entered is incorrect.</div>';
//WAFV_Conditional contact.php contact_413(1:)
exit();
}
}
}

It appears that possible the second contact_413 value should be the 'verify' value - but I'm just guessing. Any pointers would be most welcome!

Thanks!

It looks like it would work to me. Do you have the require_once() on the page to include the validations helper file?

Hi Ray:

I've added these lines to the form page:
<?php require_once("webassist/form_validations/wavt_scripts_php.php"); ?>
<?php require_once("webassist/form_validations/wavt_validatedform_php.php"); ?>

They already exist on the processing page.
When I leave the Captcha field blank, I get the validation to show up: "Attention! Please enter the CAPTCHA code."
When I enter the correct code the form submits and everything works as expected.
When I enter an incorrect captcha code, the form appears to process for a while but stays on the screen with no error displayed.

Thanks for your help!

Please attach a current version of the pages and I'll see if I can spot the problem.

Originally Said By: Ray Borduin

  Please attach a current version of the pages and I'll see if I can spot the problem.  

Thanks Ray!

Per your request I've attached a zip file with the pages that pertain to this issue. The pagetemplate2col.php and the contact.php are in the site root and the jquery.jigowatt.js is in the js folder, while the menu01f.php include file is in the includes folder.

Let me know what you find out!

On line 8 of contact.php:

$WAFV_Redirect = "";

that should be pointing back to the page that they are coming from where the CAPTCHA field is displayed.

Originally Said By: Ray Borduin

  On line 8 of contact.php:

$WAFV_Redirect = "";

that should be pointing back to the page that they are coming from where the CAPTCHA field is displayed.  

Thanks Ray:

I tested by hard-coding the page name for the page with the CAPTCHA element, and got the following error:

Warning: require_once(webassist/form_validations/wavt_scripts_php.php) [function.require-once]: failed to open stream: No such file or directory in <path from disk root to site root>\includes\menu01f.php on line 1

Fatal error: require_once() [function.require]: Failed opening required 'webassist/form_validations/wavt_scripts_php.php' (include_path='.;c:\PHP\includes;C:\PHP\PEAR') in <path from disk root to site root>\includes\menu01f.php on line 1

Since the menu include files differ, with all of them posting to the same contact.php page, I realized I need to pass the includes/menu01f.php value as a hidden form element value into a Sesssion Value so that the current form page would be stored and I could use that value. for the $WAFV_Redirect value. When I did this I got the same error.


Apparently because the include files are in a subdirectory of the site, the browser was not finding the includes though they are located in the paths shown in the error message. Since the menu01f.php is included in the index.php, I cut the includes from the menu01f.php file and pasted them in the include stack in the index.php. I got the menu01f.php appearing in the Contact Us menu when I submtted the form - no error message appeared. (I've attached a screenshot).

Since the include file is in the index.php, I then moved the two include calls on lines 1 and 2 to the index.php page. When I did this, and tested the contact form, instead of the error message appearing in the Contact Us menu, it was populated with the entire menu! So we're getting somewhere, but still not getting the error message on the menu. I suspect that the jQuery uses the exit(); function call in the contact.php on line 92 of the attached file, and that the validation may need to be modified to enable the proper action.

I've attached screenshots from Chrome and Firefox along with a zip file with the respective pages and their subdirectories from the site root.

Thanks for your help!

Did you add the validate field to the jquery form submit? I'm afraid I'm getting a little lost about where it is failing and why at this point.

You can try adding debug code to the validation... but since you are using jquery for the form submit I'm not quite clear on how the server validation is going to work.

Maybe write the values when the server validation is run to see if they have the values you would expect:


$WAFV_Errors .= WAValidateLE($_SESSION['captcha_Security_Code_1'] . "",$_POST['verify'] . "",true,1);
die($_SESSION['captcha_Security_Code_1'].":".$_POST['verify']);