Jump to content

need to add a form field to determine if user is human

webguync

By webguync
in PHP Coding Help

 Share

Recommended Posts

webguync Advanced Member

webguync

Posted
Posted

Hi,

 

I want to add another form field to determine if a user is human and not spam bots. I looked into CAPTCHA, but I think those are annoying. I was thinking about just having the user enter (5+5) and if the answer is not ten, then displaying a incorrect value message. If correct submit form and info to the Database. Not sure how to do that with what I currently have coded though so need some help with that part. Here is the current code.

 

				<?PHP
require_once "formvalidator.php";
$show_form=true;
if(isset($_POST['Submit']))
{
   $validator = new FormValidator();
    $validator->addValidation("FirstName","req","Please fill in FirstName");
$validator->addValidation("LastName","req","Please fill in LastName");
$validator->addValidation("UserName","req","Please fill in UserName");
$validator->addValidation("Password","req","Please fill in a Password");
$validator->addValidation("Password2","req","Please re-enter your password");
$validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!");
    $validator->addValidation("email","email","The input for Email should be a valid email value");
    $validator->addValidation("email","req","Please fill in Email");
$validator->addValidation("Zip","req","Please fill in your Zip Code");
$validator->addValidation("Security","req","Please fill in your Security Question");
$validator->addValidation("Security2","req","Please fill in your Security Answer");

    if($validator->ValidateForm())
    {
        $con = mysql_connect("localhost","beatthis","Jim2Drew!") or die('Could not connect: ' . mysql_error());

        mysql_select_db("beatthis_beatthis") or die(mysql_error());





$FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file

$LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file

$UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file

$Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file

$Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file

$email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file

$Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file

$Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file

$Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file

$Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file



$sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; 
//echo $sql;

if (!mysql_query($sql,$con)) {

die('Error: ' . mysql_error());

}



else{



mail('webguync@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body);

echo "<h3>Your profile information has been submitted successfully.</h3>";

  



}

mysql_close($con);

        $show_form=false;
    }
    else
    {
        echo "<h3 class='ErrorTitle'>Validation Errors:</h3>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
            echo "<p class='errors'>$inpname : $inp_err</p>\n";
        }        
    }
}

if(true == $show_form)
{
?>

<form name="test" id="ContactForm" method="POST" accept-charset="UTF-8" action="<?php echo $_SERVER['PHP_SELF'];?>">
<fieldset>

              <div class='normal_field'><label for="LastName">First Name</label></div>
               <div class='element_label'>
                  <input type='text' name='FirstName' size='20'>
               </div>
             
            
           
               <div class='normal_field'><label for="LastName">Last Name</label></div>
               <div class='element_label'>
                  <input type='text' name='LastName' size='20'>
               </div>
           
           </fieldset>
           <fieldset>
               <div class='normal_field'><label for="UserName">User Name</label></div>
               <div class='element_label'>
                  <input type='text' name='UserName' size='20'>
               </div>
           
            
               <div class='normal_field'><label for="Password">Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password' size='20'>
               </div>
               <div class='normal_field'><label for="Password2">Re-Enter Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password2' size='20'>
               </div>
            
           
               <div class='normal_field'><label for="Email">Email</label></div>
               <div class='element_label'>
                  <input type='text' name='email' size='20'>
               </div>
            </fieldset>
            <fieldset>
          
               <div class='normal_field'><label for="Zip">Zip Code</label></div>
               <div class='element_label'>
                  <input type='text' name='Zip' size='20'>
               </div>
            
            
               <div class='normal_field'><label for="Birthday">Birthday(mm/dd/yyyy format)</label></div>
               <div class='element_label'>
                  <input type='text' name='Birthday' size='20'>
               </div>
           
           
            
               <div class='normal_field'><label for="Security">Security Question</label></div>
               <div class='element_label'>
                  <input type='text' name='Security' size='20'>
               </div>
               <div class='normal_field'><label for="Security2">Security Answer</label></div>
               <div class='element_label'>
                  <input type='text' name='Security2' size='20'>
               </div>
<div class='normal_field'><label for="math">What is 5 + 5?</label></div>
               <div class='element_label'>
                  <input type='text' name='math' size='20'>
               </div>
             
               </fieldset>
               <div id="agree">
	                	<label for="tos">
	                		<input type="checkbox" id="tos" name="tos" value="yes" />
	                		I have read and agree to the <a href="ajax/serviceterms.html" id="terms">Terms of Service</a>.
	                	</label>
	                </div>
         <fieldset>

           <div id="service-terms" class="box rounded-all"></div>
	                
		                <div class="controls">
		                    <input id="submit" type="submit" name="Submit" value="CREATE PROFILE"/>	
		                </div>
	                </fieldset>
         

</form>
<?PHP
}//true == $show_form
?>

Link to comment
Share on other sites
Zero3X Newbie

Zero3X

Posted
Posted

Haven't tested but this should work.

<?PHP
require_once "formvalidator.php";
$show_form=true;

$human_number1 = rand(1, 12);
$human_number2 = rand(1, 38);
$human_answer = $human_number1 + $human_number2;
session_start();
$_SESSION['check_answer'] = $human_answer;

if(isset($_POST['Submit']))
{
if (!isset($_SESSION['check_answer'])) {
	die ("Error: Answer session not set");
}
if($_POST['math'] != $_SESSION['check_answer']) {
	die ("You did not pass the human check.");
}
   $validator = new FormValidator();
    $validator->addValidation("FirstName","req","Please fill in FirstName");



$validator->addValidation("LastName","req","Please fill in LastName");
$validator->addValidation("UserName","req","Please fill in UserName");
$validator->addValidation("Password","req","Please fill in a Password");
$validator->addValidation("Password2","req","Please re-enter your password");
$validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!");
    $validator->addValidation("email","email","The input for Email should be a valid email value");
    $validator->addValidation("email","req","Please fill in Email");
$validator->addValidation("Zip","req","Please fill in your Zip Code");
$validator->addValidation("Security","req","Please fill in your Security Question");
$validator->addValidation("Security2","req","Please fill in your Security Answer");
    if($validator->ValidateForm())
    {
        $con = mysql_connect("localhost","beatthis","Jim2Drew!") or die('Could not connect: ' . mysql_error());
        mysql_select_db("beatthis_beatthis") or die(mysql_error());
$FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file
$LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file
$UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file
$Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file
$Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file
$email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file
$Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file
$Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file
$Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file
$Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file



$sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; 
//echo $sql;
if (!mysql_query($sql,$con)) {

die('Error: ' . mysql_error());

} else{



mail('webguync@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body);

echo "<h3>Your profile information has been submitted successfully.</h3>";
}

mysql_close($con);
        $show_form=false;
    }
    else
    {
        echo "<h3 class='ErrorTitle'>Validation Errors:</h3>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
            echo "<p class='errors'>$inpname : $inp_err</p>\n";
        }        
    }
}

if(true == $show_form)
{
?>

<form name="test" id="ContactForm" method="POST" accept-charset="UTF-8" action="<?php echo $_SERVER['PHP_SELF'];?>">
<fieldset>

              <div class='normal_field'><label for="LastName">First Name</label></div>
               <div class='element_label'>
                  <input type='text' name='FirstName' size='20'>
               </div>
             
            
           
               <div class='normal_field'><label for="LastName">Last Name</label></div>
               <div class='element_label'>
                  <input type='text' name='LastName' size='20'>
               </div>
           
           </fieldset>
           <fieldset>
               <div class='normal_field'><label for="UserName">User Name</label></div>
               <div class='element_label'>
                  <input type='text' name='UserName' size='20'>
               </div>
           
            
               <div class='normal_field'><label for="Password">Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password' size='20'>
               </div>
               <div class='normal_field'><label for="Password2">Re-Enter Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password2' size='20'>
               </div>
            
           
               <div class='normal_field'><label for="Email">Email</label></div>
               <div class='element_label'>
                  <input type='text' name='email' size='20'>
               </div>
            </fieldset>
            <fieldset>
          
               <div class='normal_field'><label for="Zip">Zip Code</label></div>
               <div class='element_label'>
                  <input type='text' name='Zip' size='20'>
               </div>
            
            
               <div class='normal_field'><label for="Birthday">Birthday(mm/dd/yyyy format)</label></div>
               <div class='element_label'>
                  <input type='text' name='Birthday' size='20'>
               </div>
           
           
            
               <div class='normal_field'><label for="Security">Security Question</label></div>
               <div class='element_label'>
                  <input type='text' name='Security' size='20'>
               </div>
               <div class='normal_field'><label for="Security2">Security Answer</label></div>
               <div class='element_label'>
                  <input type='text' name='Security2' size='20'>
               </div>
<div class='normal_field'><label for="math">What is <?php echo $human_number1." + ".$human_number2. "?"; ?></label></div>
               <div class='element_label'>
                  <input type='text' name='math' size='20'>
               </div>
             
               </fieldset>
               <div id="agree">
<label for="tos">
<input type="checkbox" id="tos" name="tos" value="yes" />
I have read and agree to the <a href="ajax/serviceterms.html" id="terms">Terms of Service</a>.
</label>
                </div>
         <fieldset>
           <div id="service-terms" class="box rounded-all"></div>
                <div class="controls">
                    <input id="submit" type="submit" name="Submit" value="CREATE PROFILE"/>
                </div>
                </fieldset>
</form>
<?PHP
}//true == $show_form
?>

 

I'm not sure if it was a good idea for me to use a session though - I never really use them.

Link to comment
Share on other sites
Zero3X Newbie

Zero3X

Posted
Posted

I think I fixed it. Basically $human_answer was being set again when the form was submitted - so if the question was 3 + 7 and you wrote 10 when the form was submitted the question would change to 23 + 12 or something stupid. My bad. ANyway this should fix it. I also replaced the die() functions with echos.

<?PHP
session_start();
require_once "formvalidator.php";
$show_form=true;

if (!isset($_POST['Submit'])) {
$human_number1 = rand(1, 12);
$human_number2 = rand(1, 38);
$human_answer = $human_number1 + $human_number2;
$_SESSION['check_answer'] = $human_answer;
}

if(isset($_POST['Submit']))
{



if (!isset($_SESSION['check_answer'])) {
echo "<p>Error: Answer session not set</p>";
}


if($_POST['math'] != $_SESSION['check_answer']) {
echo "<p>You did not pass the human check.</p>";
}


   $validator = new FormValidator();
    $validator->addValidation("FirstName","req","Please fill in FirstName");





$validator->addValidation("LastName","req","Please fill in LastName");
$validator->addValidation("UserName","req","Please fill in UserName");
$validator->addValidation("Password","req","Please fill in a Password");
$validator->addValidation("Password2","req","Please re-enter your password");
$validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!");
    $validator->addValidation("email","email","The input for Email should be a valid email value");
    $validator->addValidation("email","req","Please fill in Email");
$validator->addValidation("Zip","req","Please fill in your Zip Code");
$validator->addValidation("Security","req","Please fill in your Security Question");
$validator->addValidation("Security2","req","Please fill in your Security Answer");
    if($validator->ValidateForm())
    {
        $con = mysql_connect("localhost","beatthis","Jim2Drew!") or die('Could not connect: ' . mysql_error());
        mysql_select_db("beatthis_beatthis") or die(mysql_error());
$FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file
$LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file
$UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file
$Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file
$Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file
$email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file
$Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file
$Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file
$Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file
$Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file



$sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; 
//echo $sql;
if (!mysql_query($sql,$con)) {

die('Error: ' . mysql_error());

} else{



mail('webguync@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body);

echo "<h3>Your profile information has been submitted successfully.</h3>";
}

mysql_close($con);
        $show_form=false;
    }
    else
    {
        echo "<h3 class='ErrorTitle'>Validation Errors:</h3>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
            echo "<p class='errors'>$inpname : $inp_err</p>\n";
        }        
    }
}

if(true == $show_form)
{
?>

<form name="test" id="ContactForm" method="POST" accept-charset="UTF-8" action="<?php echo $_SERVER['PHP_SELF'];?>">
<fieldset>

              <div class='normal_field'><label for="LastName">First Name</label></div>
               <div class='element_label'>
                  <input type='text' name='FirstName' size='20'>
               </div>
             
            
           
               <div class='normal_field'><label for="LastName">Last Name</label></div>
               <div class='element_label'>
                  <input type='text' name='LastName' size='20'>
               </div>
           
           </fieldset>
           <fieldset>
               <div class='normal_field'><label for="UserName">User Name</label></div>
               <div class='element_label'>
                  <input type='text' name='UserName' size='20'>
               </div>
           
            
               <div class='normal_field'><label for="Password">Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password' size='20'>
               </div>
               <div class='normal_field'><label for="Password2">Re-Enter Password</label></div>
               <div class='element_label'>
                  <input type='password' name='Password2' size='20'>
               </div>
            
           
               <div class='normal_field'><label for="Email">Email</label></div>
               <div class='element_label'>
                  <input type='text' name='email' size='20'>
               </div>
            </fieldset>
            <fieldset>
          
               <div class='normal_field'><label for="Zip">Zip Code</label></div>
               <div class='element_label'>
                  <input type='text' name='Zip' size='20'>
               </div>
            
            
               <div class='normal_field'><label for="Birthday">Birthday(mm/dd/yyyy format)</label></div>
               <div class='element_label'>
                  <input type='text' name='Birthday' size='20'>
               </div>
           
           
            
               <div class='normal_field'><label for="Security">Security Question</label></div>
               <div class='element_label'>
                  <input type='text' name='Security' size='20'>
               </div>
               <div class='normal_field'><label for="Security2">Security Answer</label></div>
               <div class='element_label'>
                  <input type='text' name='Security2' size='20'>
               </div>
<div class='normal_field'><label for="math">What is <?php echo $human_number1." + ".$human_number2. "?"; ?></label></div>
               <div class='element_label'>
                  <input type='text' name='math' size='20'>
               </div>
             
               </fieldset>
               <div id="agree">
<label for="tos">
<input type="checkbox" id="tos" name="tos" value="yes" />
I have read and agree to the <a href="ajax/serviceterms.html" id="terms">Terms of Service</a>.
</label>
                </div>
         <fieldset>
           <div id="service-terms" class="box rounded-all"></div>
                <div class="controls">
                    <input id="submit" type="submit" name="Submit" value="CREATE PROFILE"/>
                </div>
                </fieldset>
</form>
<?PHP
}//true == $show_form
?>

 

 

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.