summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
deb56da)
Big problem now is that with JS disabled the CAPTCHA image doesn't load (although it IS fetched from google). I'm not sure why exactly that is. Originally the image was loaded with recaptcha_get_html($this->recaptcha_publickey), but that isn't compatible with the JS load.
Class captcha validates with google and returns the result.
The new comment is not loaded into view after submitting.
The fields should be validated as you go -> special note needs to be taken to consider the javascript-disabled validation and feedback.
Lots of prettying up is necessary with the error messages and such.
It's probably worth spending a commit on code cleanup now, it's getting a bit messy, particularly with the HEREDOCS.
+RewriteRule ^captcha/?$ /index.php [L]
+
RewriteRule ^note/([^/\.]+)?/?$ /index.php?note=$1 [L]
RewriteRule ^note/([^/\.]+)?/comments/?$ /index.php?comments=true¬e=$1 [L]
RewriteRule ^note/([^/\.]+)?/comments/verify/?$ /index.php?comments=true&verify=true¬e=$1 [L]
RewriteRule ^note/([^/\.]+)?/?$ /index.php?note=$1 [L]
RewriteRule ^note/([^/\.]+)?/comments/?$ /index.php?comments=true¬e=$1 [L]
RewriteRule ^note/([^/\.]+)?/comments/verify/?$ /index.php?comments=true&verify=true¬e=$1 [L]
return 'index';
} else if (isset($_GET['project'])) {
return 'project';
return 'index';
} else if (isset($_GET['project'])) {
return 'project';
+ } else if (isset($_GET['challenge'])) {
+ return 'captcha';
}
public function query() {
}
public function query() {
$home_link = "http://validator.w3.org/unicorn/check?ucn_uri=dylanstestserver.com&ucn_task=conformance#";
} else if ($this->determine_type() == 'note') {
$scripts = "<script type=\"text/javascript\" src=\"http://www.google.com/recaptcha/api/js/recaptcha_ajax.js\"></script>";
$home_link = "http://validator.w3.org/unicorn/check?ucn_uri=dylanstestserver.com&ucn_task=conformance#";
} else if ($this->determine_type() == 'note') {
$scripts = "<script type=\"text/javascript\" src=\"http://www.google.com/recaptcha/api/js/recaptcha_ajax.js\"></script>";
+ $scripts .= "<script type=\"text/javascript\" src=\"/includes/jquery-core.js\"></script>";
+ $scripts .= "<script type=\"text/javascript\" src=\"/includes/jquery-all-components.js\"></script>";
+ $scripts .= "<script type=\"text/javascript\" src=\"/includes/ajax.js\"></script>";
}
echo <<<END_OF_HEAD
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
}
echo <<<END_OF_HEAD
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
}
private function verify() {
}
private function verify() {
- require_once('includes/recaptchalib.php');
- echo "<br>";
- $resp = recaptcha_check_answer ($this->recaptcha_privatekey,
- $_SERVER["REMOTE_ADDR"],
- $_POST["recaptcha_challenge_field"],
- $_POST["recaptcha_response_field"]);
- if (!$resp->is_valid) {
- $this->failed_captcha = true;
- } else {
+ var_dump($_POST['captcha']);
+ var_dump(isset($_POST['captcha']));
+ var_dump(isset($_POST['captcha']) || false);
+ if (!isset($_POST['captcha'])) {
+ require_once('includes/recaptchalib.php');
+ echo "<br>";
+ $resp = recaptcha_check_answer ($this->recaptcha_privatekey,
+ $_SERVER["REMOTE_ADDR"],
+ $_POST["recaptcha_challenge_field"],
+ $_POST["recaptcha_response_field"]);
+ if (!$resp->is_valid) {
+ $this->failed_captcha = true;
+ }
+ }
+ if (isset($_POST['captcha']) || $resp->is_valid) {
$sql = ("INSERT INTO comments (date_posted, author,
email, text, note)
VALUES(NOW(), ?, ?, ?, ?)");
$stmt = $this->db->prepare($sql);
// Checks are needed here (no blank text,
// and a default author / email need to be set
$sql = ("INSERT INTO comments (date_posted, author,
email, text, note)
VALUES(NOW(), ?, ?, ?, ?)");
$stmt = $this->db->prepare($sql);
// Checks are needed here (no blank text,
// and a default author / email need to be set
+ // for no-javascript users.
$stmt->bind_param('ssss',
$stmt->bind_param('ssss',
- htmlspecialchars($_POST['author']),
+ htmlspecialchars($_POST['name']),
htmlspecialchars($_POST['email']),
htmlspecialchars($_POST['text']),
$this->id);
htmlspecialchars($_POST['email']),
htmlspecialchars($_POST['text']),
$this->id);
$publickey = $this->recaptcha_publickey;
echo <<<END_CAPTCHA_STYLE
<script type="text/javascript">
$publickey = $this->recaptcha_publickey;
echo <<<END_CAPTCHA_STYLE
<script type="text/javascript">
-function showRecaptcha(element) {
+function showRecaptcha() {
Recaptcha.create("$publickey",
"recaptcha_div",
{
Recaptcha.create("$publickey",
"recaptcha_div",
{
require_once('includes/recaptchalib.php');
// Trailing slash is necessary for reloads to work
$url = $this->url . "verify";
require_once('includes/recaptchalib.php');
// Trailing slash is necessary for reloads to work
$url = $this->url . "verify";
- echo "<form method=\"post\" action=\"$url\">";
+ echo "<form id=\"comment_form\" method=\"post\" action=\"$url\">";
echo <<<END_OF_FORM
<div id="comment">
echo <<<END_OF_FORM
<div id="comment">
-<input type="button" value="comment" onclick="showRecaptcha('recaptcha_div');"></input>
+<h3><a onclick="showRecaptcha();">comment?</a></h3>
<div id="recaptcha_div">
<br>
<h3>comment:</h3>
<div id="recaptcha_div">
<br>
<h3>comment:</h3>
-<textarea rows="10" cols="70" name=text></textarea>
+<textarea rows="10" cols="70" name="text" id="comment_text"></textarea>
-<input type=text name=author>
+<input type=text name="name" id="comment_name">
-<input type=text name=email><br>
+<input type=text name="email" id="comment_email"><br>
<nowiki>
<div id="recaptcha_widget">
<nowiki>
<div id="recaptcha_widget">
+class captcha extends cms {
+ public function display() {
+ $challenge = $_GET['challenge'];
+ $response = $_GET['response'];
+ $remoteip = $_SERVER['REMOTE_ADDR'];
+ $curl = curl_init('http://api-verify.recaptcha.net/verify?');
+ curl_setopt ($curl, CURLOPT_POST, 4);
+ curl_setopt ($curl, CURLOPT_POSTFIELDS, "privatekey=$this->recaptcha_privatekey&remoteip=$remoteip&challenge=$challenge&response=$response");
+ $result = curl_exec ($curl);
+ curl_close ($curl);
+ }
+}
+
## now actually do something:
switch (cms::determine_type()) {
case "index":
## now actually do something:
switch (cms::determine_type()) {
case "index":
$archive = new archive;
$archive->display();
break;
$archive = new archive;
$archive->display();
break;
+ case "captcha":
+ $captcha = new captcha;
+ $captcha->display();
+ break;