From 32b53fe9b8a5903e32e0552c097b3035dc39c5d5 Mon Sep 17 00:00:00 2001 From: Dylan Lloyd Date: Thu, 10 Mar 2011 00:18:08 -0500 Subject: [PATCH] Comments now POSTed by AJAX. Big problem now is that with JS disabled the CAPTCHA image doesn't load (although it IS fetched from google). I'm not sure why exactly that is. Originally the image was loaded with recaptcha_get_html($this->recaptcha_publickey), but that isn't compatible with the JS load. Class captcha validates with google and returns the result. The new comment is not loaded into view after submitting. The fields should be validated as you go -> special note needs to be taken to consider the javascript-disabled validation and feedback. Lots of prettying up is necessary with the error messages and such. It's probably worth spending a commit on code cleanup now, it's getting a bit messy, particularly with the HEREDOCS. --- .htaccess | 2 ++ includes/style.css | 3 +++ index.php | 62 ++++++++++++++++++++++++++++++++++------------ 3 files changed, 51 insertions(+), 16 deletions(-) diff --git a/.htaccess b/.htaccess index 2d0df8f..7bf3682 100644 --- a/.htaccess +++ b/.htaccess @@ -3,6 +3,8 @@ ErrorDocument 404 /404.php RewriteEngine on +RewriteRule ^captcha/?$ /index.php [L] + RewriteRule ^note/([^/\.]+)?/?$ /index.php?note=$1 [L] RewriteRule ^note/([^/\.]+)?/comments/?$ /index.php?comments=true¬e=$1 [L] RewriteRule ^note/([^/\.]+)?/comments/verify/?$ /index.php?comments=true&verify=true¬e=$1 [L] diff --git a/includes/style.css b/includes/style.css index 997dfb8..abdbb98 100644 --- a/includes/style.css +++ b/includes/style.css @@ -207,3 +207,6 @@ pre { top:0px; right:0px; } + +#recaptcha_div { +} diff --git a/index.php b/index.php index a0c48f2..8f8baae 100644 --- a/index.php +++ b/index.php @@ -34,7 +34,10 @@ abstract class cms { return 'index'; } else if (isset($_GET['project'])) { return 'project'; + } else if (isset($_GET['challenge'])) { + return 'captcha'; } + } public function query() { 
@@ -71,6 +74,9 @@ abstract class cms { $home_link = "http://validator.w3.org/unicorn/check?ucn_uri=dylanstestserver.com&ucn_task=conformance#"; } else if ($this->determine_type() == 'note') { $scripts = ""; + $scripts .= ""; + $scripts .= ""; + $scripts .= ""; } echo <<"; - $resp = recaptcha_check_answer ($this->recaptcha_privatekey, - $_SERVER["REMOTE_ADDR"], - $_POST["recaptcha_challenge_field"], - $_POST["recaptcha_response_field"]); - if (!$resp->is_valid) { - $this->failed_captcha = true; - } else { + var_dump($_POST['captcha']); + var_dump(isset($_POST['captcha'])); + var_dump(isset($_POST['captcha']) || false); + if (!isset($_POST['captcha'])) { + require_once('includes/recaptchalib.php'); + echo "
"; + $resp = recaptcha_check_answer ($this->recaptcha_privatekey, + $_SERVER["REMOTE_ADDR"], + $_POST["recaptcha_challenge_field"], + $_POST["recaptcha_response_field"]); + if (!$resp->is_valid) { + $this->failed_captcha = true; + } + } + if (isset($_POST['captcha']) || $resp->is_valid) { $sql = ("INSERT INTO comments (date_posted, author, email, text, note) VALUES(NOW(), ?, ?, ?, ?)"); $stmt = $this->db->prepare($sql); // Checks are needed here (no blank text, // and a default author / email need to be set + // for no-javascript users. $stmt->bind_param('ssss', - htmlspecialchars($_POST['author']), + htmlspecialchars($_POST['name']), htmlspecialchars($_POST['email']), htmlspecialchars($_POST['text']), $this->id); @@ -443,7 +456,7 @@ END_OF_COMMENT; $publickey = $this->recaptcha_publickey; echo << -function showRecaptcha(element) { +function showRecaptcha() { Recaptcha.create("$publickey", "recaptcha_div", { @@ -457,19 +470,19 @@ END_CAPTCHA_STYLE; require_once('includes/recaptchalib.php'); // Trailing slash is necessary for reloads to work $url = $this->url . "verify"; - echo "
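Review bot: The rewritten condition `if (isset($_POST['captcha']) || $resp->is_valid)` lets the INSERT run on the mere presence of a `captcha` POST field, so the server-side `recaptcha_check_answer` call is skipped on the client's say-so. The outcome of the AJAX check needs to be held on the server: for instance, the `captcha` endpoint sets a one-time session flag on success and this branch tests and clears it, giving something like `if (!empty($_SESSION['captcha_ok']) || (isset($resp) && $resp->is_valid))`. The flag name is a placeholder, and this assumes a session is started, which the page does not show. The three `var_dump(...)` lines echo request data into the response and look like leftover debugging that should be removed. The hunk header for this change did not survive on the page, so the start of the enclosing method is not visible.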
"; + echo ""; echo << - +

comment?


comment:

- +

name:

- +

email:

-
+
@@ -584,6 +597,19 @@ class notFound extends Exception { } } +class captcha extends cms { + public function display() { + $challenge = $_GET['challenge']; + $response = $_GET['response']; + $remoteip = $_SERVER['REMOTE_ADDR']; + $curl = curl_init('http://api-verify.recaptcha.net/verify?'); + curl_setopt ($curl, CURLOPT_POST, 4); + curl_setopt ($curl, CURLOPT_POSTFIELDS, "privatekey=$this->recaptcha_privatekey&remoteip=$remoteip&challenge=$challenge&response=$response"); + $result = curl_exec ($curl); + curl_close ($curl); + } +} + ## now actually do something: switch (cms::determine_type()) { case "index": @@ -610,6 +636,10 @@ switch (cms::determine_type()) { $archive = new archive; $archive->display(); break; + case "captcha": + $captcha = new captcha; + $captcha->display(); + break; } ?> -- 2.30.2
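Review bot: In `captcha::display()` the POST body is built by interpolating `$_GET['challenge']` and `$_GET['response']` directly into the string, so a value containing `&` or `=` can inject extra fields into the verify request; it should be built with `http_build_query()`. `CURLOPT_RETURNTRANSFER` is never set, so `curl_exec()` prints the reply itself and `$result` holds only a boolean, which means the server never sees the outcome and is presumably why the comment handler falls back on a client-supplied `captcha` field. The private key is sent over plain `http://`; if the provider offers an HTTPS verify endpoint, it should be used. `CURLOPT_POST` expects a boolean rather than `4`, and `$_GET['response']` is read without an `isset` check even though routing only tests for `challenge`.

```php
        $challenge = isset($_GET['challenge']) ? $_GET['challenge'] : '';
        $response = isset($_GET['response']) ? $_GET['response'] : '';
        // … unchanged: $remoteip and curl_init() …
        curl_setopt($curl, CURLOPT_POST, true);
        // http_build_query() URL-encodes every value, so user input cannot add fields
        curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query(array(
            'privatekey' => $this->recaptcha_privatekey,
            'remoteip'   => $remoteip,
            'challenge'  => $challenge,
            'response'   => $response,
        )));
        // capture the reply instead of letting cURL print it
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
        $result = curl_exec($curl);
        curl_close($curl);
        // a transport failure is reported as "not verified" rather than as empty output
        echo ($result === false) ? 'false' : $result;
```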