How to integrate (validate) recapcha in submit page
I'm using simple ajax commenting system and i dont now how to integrate recaptcha in submit page!
AJAX COMMENT.PHP
<?php
// Error reporting:
error_reporting(E_ALL^E_NOTICE);
include "connect.php";
include "comment.class.php";
/*
/ Select all the comments and populate the $comments array with objects
*/
$id = empty($_GET['id'])?0:$_GET['id'];
$comments = array();
$result = mysql_query("SELECT * FROM comments where url='$id' ORDER BY id desc");
while($row = mysql_fetch_assoc($result))
{
$comments[] = new Comment($row);
}
?>
<table width="800" border="0" class="komentar" cellpadding="0" cellspacing="0">
<tr>
<td width="480">
<div id="addCommentContainer" style="width:500px; overflow-x:hidden;">
</div>
<div id="main" style="width:500px; overflow-x:hidden;">
<?php
/*
/ Output the comments one by one:
*/
foreach($comments as $c){
echo $c->markup();
}
?>
</div>
</td>
<td valign="top" width="320">
<table width="300" border="0" cellpadding="0" cellspacing="0">
<tr>
<td height="16" background="commentfg.png" style="background-repeat:no-repeat;">
</td>
</tr>
<tr>
<td height="20" background="commentfs.png">
<form id="addCommentForm" method="post" action="">
<div style="margin-left:15px; color:white;">
<label for="name">Vase ime:  </label><br>
<input type="text" name="name" id="name" />
<p><label for="email">Email: (bice sakriven)  </label><br>
<input type="text" name="email" id="email" /></p>
<input type="hidden" name="url" id="url" value="<?php $id = empty($_GET['id'])?0:$_GET['id']; echo $id;?>"/>
<label for="body">Unesite komentar:  </label><br>
<textarea name="body" id="body" cols="30" rows="5" onKeyDown="limitText(this.form.body,this.form.countdown,200);"
onKeyUp="limitText(this.form.body,this.form.countdown,200);"></textarea><br><br>
Broj preostalih znakova:(max 200):<input readonly type="text" name="countdown" size="3" value="200">
<br>
<script type="text/javascript"
src="http://www.google.com/recaptcha/api/challenge?k=6LeQc8MSAAAAAMGe16dslbxCRu3Frs_265JhH88j">
</script>
<noscript>
<iframe src="http://www.google.com/recaptcha/api/noscript?k=6LeQc8MSAAAAAMGe16dslbxCRu3Frs_265JhH88j"
height="300" width="500" frameborder="0"></iframe><br>
<textarea name="recaptcha_challenge_field" rows="3" cols="40">
</textarea>
<input type="hidden" name="recaptcha_response_field"
value="manual_challenge">
</noscript>
<br>
<input type="submit" id="submit" value="Potvrdi" />
</div>
</form>
</td>
</tr>
<tr>
<td height="16" background="commentfd.png" style="background-repeat:no-repeat;">
</td>
</tr>
</table>
</td>
</tr>
</table>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="script.js"></script>
COMMENT.CLASS.php
<?php
class Comment
{
private $data = array();
public function __construct($row)
{
/*
/ The constructor
*/
$this->data = $row;
}
public function markup()
{
/*
/ This method outputs the XHTML markup of the comment
*/
// Setting up an alias, so we don't have to write $this->data every time:
$d = &$this->data;
$link_open = '';
$link_close = '';
// Converting the time to a UNIX timestamp:
$d['dt'] = strtotime($d['dt']);
// Needed for the default gravatar image:
$url = 'http://'.dirname($_SERVER['SERVER_NAME'].$_SERVER["REQUEST_URI"]).'/img/default_avatar.png';
return '
<div style="width:500px; overflow-x:hidden;">
<table width="500" >
<tr>
<td valign="top" width="100" height="120" background="avatar.png" style="background-repeat:no-repeat;" align="center">
<div class="avatar" style="width:100px; overflow-x:hidden; margin-top:10px; ">
'.$link_open.'
<img src="http://www.gravatar.com/avatar/'.md5($d['email']).'?size=50&default='.urlencode($url).'" />
'.$link_close.'
</div>
<div style="width:80px; height:40px; overflow:hidden;">
<font color="#47a5db">'.$link_open.$d['name'].$link_close.'</font>
</div>
</td>
<td width="400" valign="top">
<table width="400" border="0" cellpadding="0" cellspacing="0">
<tr>
<td height="开发者_如何学运维20" valign="bottom" background="commentg.png" style="background-repeat:no-repeat;">
<div class="date" title="Added at '.date('H:i \o\n d M Y',$d['dt']).'" style="margin-left:10px;">
<font color="silver" size="-1">'.date('d M Y',$d['dt']).'</font>
</div>
</td>
</tr>
<tr>
<td background="comments.png" style="background-repeat:repeat-y;">
<div style="width:350px; overflow-x:hidden; margin-top:0px; margin-left:10px;">
<p><font color="white"><b>'.$d['body'].'</b></font></p>
</div>
</td>
</tr>
<tr>
<td height="20" background="commentd.png" style="background-repeat:no-repeat;">
</td>
</tr>
</table>
</td>
</tr>
</table>
</div>
';
}
public static function validate(&$arr)
{
/*
/ This method is used to validate the data sent via AJAX.
/
/ It return true/false depending on whether the data is valid, and populates
/ the $arr array passed as a paremter (notice the ampersand above) with
/ either the valid input data, or the error messages.
*/
$errors = array();
$data = array();
// Using the filter_input function introduced in PHP 5.2.0
if(!($data['email'] = filter_input(INPUT_POST,'email',FILTER_VALIDATE_EMAIL)))
{
$errors['email'] = 'Unesite validan Email!';
}
if(!($data['url'] = filter_input(INPUT_POST,'url',FILTER_CALLBACK,array('options'=>'Comment::validate_text'))))
{
// If the URL field was not populated with a valid URL,
// act as if no URL was entered at all:
$errors['url'] = 'Please enter a url.';
}
// Using the filter with a custom callback function:
if(!($data['body'] = filter_input(INPUT_POST,'body',FILTER_CALLBACK,array('options'=>'Comment::validate_text'))))
{
$errors['body'] = 'Niste uneli komentar!';
}
if(!($data['name'] = filter_input(INPUT_POST,'name',FILTER_CALLBACK,array('options'=>'Comment::validate_text'))))
{
$errors['name'] = 'Niste uneli ime!';
}
if(!empty($errors)){
// If there are errors, copy the $errors array to $arr:
$arr = $errors;
return false;
}
// If the data is valid, sanitize all the data and copy it to $arr:
foreach($data as $k=>$v){
$arr[$k] = mysql_real_escape_string($v);
}
// Ensure that the email is lower case:
$arr['email'] = strtolower(trim($arr['email']));
return true;
}
private static function validate_text($str)
{
/*
/ This method is used internally as a FILTER_CALLBACK
*/
if(mb_strlen($str,'utf8')<1)
return false;
// Encode all html special characters (<, >, ", & .. etc) and convert
// the new line characters to <br> tags:
$str = nl2br(htmlspecialchars($str));
// Remove the new line characters that are left
$str = str_replace(array(chr(10),chr(13)),'',$str);
return $str;
}
}
?>
SUBMIT.PHP
<?php
// Error reporting:
error_reporting(E_ALL^E_NOTICE);
include "connect.php";
include "comment.class.php";
/*
/ This array is going to be populated with either
/ the data that was sent to the script, or the
/ error messages.
/*/
$arr = array();
$validates = Comment::validate($arr);
if($validates)
{
/* Everything is OK, insert to database: */
mysql_query(" INSERT INTO comments(name,url,email,body)
VALUES (
'".$arr['name']."',
'".$arr['url']."',
'".$arr['email']."',
'".$arr['body']."'
)");
$arr['dt'] = date('r',time());
$arr['id'] = mysql_insert_id();
/*
/ The data in $arr is escaped for the mysql query,
/ but we need the unescaped variables, so we apply,
/ stripslashes to all the elements in the array:
/*/
$arr = array_map('stripslashes',$arr);
$insertedComment = new Comment($arr);
/* Outputting the markup of the just-inserted comment: */
echo json_encode(array('status'=>1,'html'=>$insertedComment->markup()));
}
else
{
/* Outputtng the error messages */
echo '{"status":0,"errors":'.json_encode($arr).'}';
}
?>
Generally
- Call captcha script on your comment (submit) page. It sets value to session variable (e.g. $_SESSION["captcha"]).
- Put text input in your submit form to get user's answer on captcha (if it's not provided with captcha script).
- In submit script check if session value matches user's input.
加载中,请稍侯......
精彩评论