图片验证码问题

【问题标题】:Image verification code problem图片验证码问题
【发布时间】:2011-05-24 08:55:54
【问题描述】:

大家好,我在联系表单中添加了图片验证码。它成功显示了图像,但它告诉我图像验证码是错误的,即使我输入正确。我相信这是我的contactform.php中的问题

这是我的 HTML 表单:

<form id="ajax-contact-form" action="javascript:alert('success!');">
<label>Name:*</label><INPUT class="textbox" type="text" name="name" value=""><br />

<label>E-Mail:*</label><INPUT class="textbox" type="text" name="email" value=""><br />

<label>Telephone:</label><INPUT class="textbox" type="text" name="Telephone" value=""      /><br />

<INPUT class="textbox" type="hidden" name="subject" value="Contact Form" >

<label>Message:*</label><TEXTAREA class="textbox" NAME="message" ROWS="5" COLS="25">    </TEXTAREA><br />
<tr>
<label>Image  Verification:*</label>
        <input type="text"  name="verify" style="width:200px;" /><img  src="verification.php?<?php echo rand(0,9999);?>" alt="Help us  avoid spam! Please type the image text in the box" width="50"  height="24" align="absbottom" />


<label>&nbsp;</label><INPUT class="button" type="submit" name="submit" value="Send Message">
</form>

这是它发送到的contactform.php:

<?php
/*
Credits: Bit Repository
URL: http://www.bitrepository.com/
*/

include 'config.php';

error_reporting (E_ALL ^ E_NOTICE);

$post = (!empty($_POST)) ? true : false;

if($post)
{
include 'functions.php';

$name = stripslashes($_POST['name']);
$email = trim($_POST['email']);
$telephone = stripslashes($_POST['telephone']);
$subject = stripslashes($_POST['subject']);
$message = stripslashes($_POST['message']);
$verify = stripslashes($_POST['verify']);


$error = '';

// Check name

if(!$name)
{
$error .= 'Please enter your name.<br />';
}

// Check email

if(!$email)
{
$error .= 'Please enter an e-mail address.<br />';
}

if($email && !ValidateEmail($email))
{
$error .= 'Please enter a valid e-mail address.<br />';
}

// Check message (length)

if(!$message || strlen($message) < 15)
{
$error .= "Please enter your message. It should have at least 15 characters.<br />";
}

// Check Verification code
if(md5($verify).'098f6bcd4621d373cade4e832627b4f6' !=  $_cookie['contact_verify'])
{
$error .= "Image Verification failed.<br />";
}





//Send the Name, Email, Telephone, and Message in a formated version.
$email_message = "The following message was sent to you in your contact form on domain.com\n\n";

function clean_string($string) {
  $bad = array("content-type","bcc:","to:","cc:","href");
  return str_replace($bad,"",$string);
}
$email_message .= "Name: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email)."\n";
$email_message .= "Telephone: ".clean_string($telephone)."\n";
$email_message .= "Message: ".clean_string($message)."\n";

if(!$error)
{
$mail = mail(WEBMASTER_EMAIL, $subject, $email_message,
 "From: ".$name." <".$email.">\r\n"
."Reply-To: ".$email."\r\n"
."X-Mailer: PHP/" . phpversion());


if($mail)
{
echo 'OK';
}

}
else
{
echo '<div class="notification_error">'.$error.'</div>';
}

}
?>

最后..这里是生成验证图像的verification.php:

<?php

//Declare in the header what kind of file this is
header('Content-type: image/jpeg');

//A nice small image that's to the point 
$width = 50;
$height = 24;

//Here we create the image with the sizes declared above and save it to a  variable my_image
$my_image = imagecreatetruecolor($width, $height);

//Let's give our image a background color.  White sound ok to everyone?
imagefill($my_image, 0, 0, 0xFFFFFF);

//Now we're going to add some noise to the image by placing pixels  randomly all over the image
for ($c = 0; $c < 40; $c++){
$x = rand(0,$width-1);
$y = rand(0,$height-1);
imagesetpixel($my_image, $x, $y, 0x000000);
}

$x = rand(1,10);
$y = rand(1,10);

$rand_string = rand(1000,9999);
imagestring($my_image, 5, $x, $y, $rand_string, 0x000000);

/*
We're going to store a ****** in the user's browser so we can call to it
later and confirm they entered the correct verification. The
"md5 rand string" can be anything you want.  It's just our personal
code to be added to the end of the captcha value stored in the ******
as an encrypted string
*/
setcookie('contact_verify',(md5($rand_string).'098f6bcd4621d373cade4e832627b4f6'));

imagejpeg($my_image);
imagedestroy($my_image);
?>

有什么想法吗?

【问题讨论】:

  • php 变量区分大小写。这不是 $_cookie。把你所有的代码都写在error_reporting(E_ALL);下,避免出现这种愚蠢的错误

标签: php html ajax verification contact-form


【解决方案1】:

在页面刷新之前,PHP 不会传输 cookie。因此,当您通过 AJAX 提交表单时,它不会获取 cookie。更好的方法是将图像验证码存储在 $_SESSION 变量中,而不是存储在 cookie 中:

$_SESSION['contact_verify'] = (md5($rand_string).'098f6bcd4621d373cade4e832627b4f6');

【讨论】:

  • 有什么区别?为什么 $_SESSION 变量会成功超过 cookie?
  • 因为 $_SESSION 存储在服务器端,设置后立即。 Cookie 必须发送到浏览器,然后在下一次请求时重新传输。不如先试试看?
  • 哈哈。你为什么不先试试看?嗯,值是存储在服务器端的,好吧。现在我们想将传入的请求与存储的值相关联,是吗?
  • 对不起.. 这是我第一次使用 PHP。我将contactform.php 中的$_cookie 设置为$_session。但在我的verification.php 中,我不确定将“setcookie”更改为什么。因为我不相信有一个“setsession”
  • @Col。弹片:无论这是否能解决问题中描述的问题,仅根据用户提供给您的内容进行验证仍然是一个糟糕的主意,并且提问者仍应使用会话变量而不是 cookie。
猜你喜欢
  • 1970-01-01
  • 2011-11-25
  • 1970-01-01
  • 1970-01-01
  • 2020-05-01
  • 2020-12-20
  • 1970-01-01
  • 2022-07-20
相关资源
最近更新 更多
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode