Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 19
  1. #1
    New Coder
    Join Date
    Jun 2007
    Posts
    40
    Thanks
    36
    Thanked 0 Times in 0 Posts

    Angry reCaptcha - close but no cigar???

    Can anyone help me please?

    I'm not amazingly proficient with php, I only started dabbling with it when I wanted to add a guestbook feature to a business website I've created for a friend. Even then I downloaded one of the many free script sets out there and camouflaged it with my existing html to give it the website's theme. Worked perfectly until it started to get spammed... heavily. So I've researched what I need to add, even posted on this forum and it would seem captcha is the way forward. The guestbook is text file based but only requires two fields; name and comment. It doesn't require people's email addresses so I wasn't looking to go down the email validation route but a lot of people have suggested captcha to me as a way of stopping those pointless bots from posting plentiful obscene posts (of course I've been removing them but there's getting so many of them as time goes by).

    I've looked into free captcha scripts even tried some out, some not working at all and others only half working with the tutorial saying 'you might need to tweak it a bit' but that's the point, I don't know how or where to tweak.

    Some tutorials that seemingly came close to working had an online demo of a guestbook with their captcha feature but I couldn't help but notice that THEIR guestbook even with this validation method was also getting spammed.

    A few people have therefore suggested reCaptcha, a remote validation service that the bots will have huge trouble in cracking. This is great it boasts being a free service (which it is) and as easy as adding a few lines of code... great... I can't get it to work, however it's the closest I've got so far out of all the ones I've looked at.

    So this is a post to anyone who know's where to slot the code successfully.

    Instructions;

    reCAPTCHA Quickstart
    These instructions should get you started quickly.

    Download the reCAPTCHA Library, extract recaptchalib.php in the directory where you your forms live.
    If you haven't done so, sign up for an API key.
    Now we're ready to start modifying your code. First, we'll add code to display the CAPTCHA:
    require_once('recaptchalib.php');
    $publickey = "..."; // you got this from the signup page
    echo recaptcha_get_html($publickey);

    In the code that processes the form submission, you need to add code to validate the CAPTCHA. Otherwise, the CAPTCHA will appear, but the answers won't be checked. The validation code looks like:
    require_once('recaptchalib.php');
    $privatekey = "...";
    $resp = recaptcha_check_answer ($privatekey,
    $_SERVER["REMOTE_ADDR"],
    $_POST["recaptcha_challenge_field"],
    $_POST["recaptcha_response_field"]);

    if (!$resp->is_valid) {
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
    "(reCAPTCHA said: " . $resp->error . ")");
    }

    So I've done this on my postform.php

    I have my private key and public key copied and pasted from signing up into a text file so I can't get them wrong, I'll not display them for security purposes obviously.

    There's 2 chunks of php in my postform.php. The first batch is mostly configuration for the guestbook. The second batch starts the output for the guestbook. At the start of the second batch of php I initialise my private key and public key

    <?PHP
    /***********************\
    //// Start of output \\\\
    \***********************/

    require_once('recaptchalib.php');
    $publickey = "mypublickey";
    $privatekey = "myprivatekey";

    (recaptchalib.php is downloaded and sitting in the directory where it needs to be before anyone asks)

    Then when the user types in their name and comment the only button available to them is to make a preview. Once they click on this, it then should display the reCaptcha widget, show the preview and give a button to submit the post.

    I can get the reCaptcha widget to display no probs,

    // If we have some data posted to us, make a preview for the user
    if ($name != "" || $message != "") {
    echo recaptcha_get_html($publickey);
    echo "<b>Preview of message</b><br>" .
    printMessage(serialize(array("timestamp"=> time(), "name" => $name_preview, "message" => $message_preview)))
    ."<input type=\"submit\" value=\" Add the preview message to the Guestbook \"><br><br>\n";
    }

    the above works to the extent that it displays the widget after clicking for a message preview, problem lies in where do I put the reCaptcha validation code?? It says to put it in the code that processes the form submission, so the form code now looks like this in total;

    Message (Max ".GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
    <form action=\"$PHP_SELF\" method=\"post\">

    $resp = recaptcha_check_answer ($privatekey,
    $_SERVER["REMOTE_ADDR"],
    $_POST["recaptcha_challenge_field"],
    $_POST["recaptcha_response_field"]);

    if (!$resp->is_valid) {
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
    "(reCAPTCHA said: " . $resp->error . ")");
    }


    <textarea id=\"message\" name=\"message\" cols=\"50\" rows=\"3\" maxlength=\"".GUESTBOOK_MAX_MESSAGE_LENGTH."\">". $message ."</textarea><br>
    <br>
    Name (Max ".GUESTBOOK_MAX_NAME_LENGTH." chars)<br>
    <input type=\"text\" name=\"name\" size=\"40\" maxlength=\"".GUESTBOOK_MAX_NAME_LENGTH."\" value=\"".htmlentities($name,ENT_NOQUOTES)."\"><br>
    <input id=\"ispreview\" type=\"hidden\" name=\"preview\" value=\"0\"><br>
    <input type=\"submit\" onclick=\"document.getElementById('ispreview').value='1'\" value=\" $button \"><br>
    <br>";

    // If we have some data posted to us, make a preview for the user
    if ($name != "" || $message != "") {
    echo recaptcha_get_html($publickey);
    echo "<b>Preview of message</b><br>" .
    printMessage(serialize(array("timestamp"=> time(), "name" => $name_preview, "message" => $message_preview)))
    ."<input type=\"submit\" value=\" Add the preview message to the Guestbook \"><br><br>\n";
    }

    echo "</form>\n";

    I upload it and then refresh the form page and I get this error;

    Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /mydomain/postform.php on line 260

    (I've also not disclosed the domain name in the above error) but line 260 refers to

    $_SERVER["REMOTE_ADDR"],

    I've dotted this code around a bit and had variations of errors thrown back at me it's driving me around the bend.

    I know this is really long winded but I appreciate anyone who's read this far and can help me out please? I'm a beginner to php and I'm struggling, I just want to get this working so I can put the guestbook back online.

  • #2
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    sorry, I can't follow the code and the comments. Can't you post each file, with name above, between tags [ code] and [ /code] or [ php] and [ /php].
    another question is where did you know that are bots and not real people? In my opinion is hard to beleave that somebody use a bot to post obscene messages into a guestbook, but who knows?
    I will try to help if I can.

    regards

  • Users who have thanked oesxyl for this post:

    adehall1980 (07-21-2008)

  • #3
    New Coder
    Join Date
    Jun 2007
    Posts
    40
    Thanks
    36
    Thanked 0 Times in 0 Posts
    I'm assuming it's bots because it's the starts of erotic stories and it was getting about 30 posted in an hour!! crazy.

    Okay here goes, please bear in mind that I downloaded this free code

    postform.php
    ==========

    Code:
    <?PHP
    /****************************************************************************\
    *   This program is free software; you can redistribute it and/or            *
    *   modify it under the terms of the GNU General Public License              *
    *   as published by the Free Software Foundation; either version 2           *
    *   of the License, or (at your option) any later version.                   *
    *                                                                            *
    *   This program is distributed in the hope that it will be useful,          *
    *   but WITHOUT ANY WARRANTY; without even the implied warranty of           *
    *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            *
    *   GNU General Public License for more details.                             *
    *                                                                            *
    *   You should have received a copy of the GNU General Public License        *
    *   along with this program; if not, write to the Free Software              *
    * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.*
    *                                                                            *
    *   The Emoticons are not covered by the GNU GPL license.                    *
    *   Some of the emoticons are free and made by:                              *
    *   http://www.kevinhatch.com/graphics/emoticons/                            *
    *   Download them from his site to get the latest verison                    *
    \****************************************************************************/
    
    // see guestbook_vars.php for configuration
    
    /* This function locates what is the "root" dir by searching the current dir for guestbook.php, if not found then it searches the parrent and so on. With this you can then have many guestbooks on your site by just creating a soft link to readbook.php and postform.php to the sub-dirs where you want the new book. */
    
    include_once("guestbook.php");
    
    // If magic quotes are on we get rid of the dumb slashes.
    //Since we are using serialize to store the data, it is not nessesary to addslashes()
    if(get_magic_quotes_gpc()){
    	$name		= stripslashes($name);
    	$message	= stripslashes($message);
    }
    // Put a cap on the length of the submitted msg
    $name		= substr($name, 0, GUESTBOOK_MAX_NAME_LENGTH);
    $message	= substr($message, 0, GUESTBOOK_MAX_MESSAGE_LENGTH);
    
    if (! $preview && isset($preview)){
    	// Do we have write access to the guestbook file? if not bich about it
    	if (!$fileName = fopen(GUESTBOOK_TEXTFILE, "a")){
    		echo "test....".GUESTBOOK_TEXTFILE;
    		echo "I (webserver) don't have write access to the " . GUESTBOOK_TEXTFILE . " or the directory it is stored...<br>
    		Check with ls -l in the directory to see that the file is owned by the web server and writable...<br>
    		If you are not the webmaster for this site, please contact the webmaster and include this message<br>";
    		exit();
    	}
    	fclose($fileName);
    	
    	if ($message == '' || $name == '')
    		$error = "You must include both a name and a message";
    	else if (MAX_SMILEYS_NAME < countSmileys($name, $smileys))
    		$error = "You have used to many smileys in the name";
    	else if (MAX_SMILEYS_MESSAGE < countSmileys($message, $smileys))
    		$error = "You have used to many smileys in the message";
    	else{
    		$name		= htmlentities($name,ENT_NOQUOTES);
    		$message	= htmlentities($message,ENT_NOQUOTES);
    		
    		// Change newlines to html
    		$message = nl2br($message);
    	
    		// Remove any newlines and carrage returns
    		// they would **** up serialize, since it is stored one entry at a time
    		$name = str_replace ("\n","",$name);
    		$name = str_replace ("\r","",$name);
    		$message = str_replace ("\n","",$message);
    		$message = str_replace ("\r","",$message);
    		
    		// Compose the new entry
    		$newRow = serialize(array(
    				"timestamp"		=> time(),
    				"remote_addr"		=> $REMOTE_ADDR,
    				"user_agent"		=> $_SERVER["HTTP_USER_AGENT"],
    				"name"			=> strip_tags ($name),
    				"message"		=> $message));
    		
    		// Read all the old entries in the book
    		$oldRows = join ('', file (GUESTBOOK_TEXTFILE) );
    		
    		// Write the new entry and then all the old ones
    		$fileName = fopen (GUESTBOOK_TEXTFILE, 'w');
    		fputs ($fileName, $newRow. "\n" . $oldRows);
    		fclose ($fileName);
    		
    		// we have been silent up til now, so we can redirec with a header "Location:" to the readbook
    		header("Location: " . GUESTBOOK_READBOOK);
    		
    		// Now the user should be on his way to the readbook page
    		// We now mail the owner of the guestbook about the new post
    		
    		if (EMAIL_NEW_POSTS !== false) {
    			mail(EMAIL_NEW_POSTS, "New post in guestbook", $newRow,
    				"From: webmaster@{$_SERVER['SERVER_NAME']}\r\n" .
    				"Reply-To: webmaster@{$_SERVER['SERVER_NAME']}\r\n" .
    				"X-Mailer: PHP/" . phpversion());
    		}
    		exit;
    	}
    }
    ?>
    <!--postform.php, author: Adrian Hall-->
    <!--last updated on 27/06/08-->
    <html>
    <head>
    	<title>2 Wheels Motorcycle Training</title>
    	<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
    	<link rel="shortcut icon" href="favicon.ico" >
    <STYLE TYPE="text/css"> 
    BODY 
    { 
    scrollbar-base-color: #6B99E5;
    scrollbar-face-color: #123065; 
    scrollbar-arrow-color: #343A44;
    scrollbar-DarkShadow-Color: #0056D8;
    }
    </STYLE>
    </head>
    
    <!--Insert static background colour-->
    <body bgcolor="#FFFFFF" text="#000000" LEFTMARGIN=0 RIGHTMARGIN=0 TOPMARGIN=0 BOTTOMMARGIN=0 MARGINWIDTH=0 MARGINHEIGHT=0 alink="#FD351C" vlink="#FD351C" link="#FD351C">
    
    <!--Content-->
    <table width="100&#37;" height="100%" border="0" cellpadding="0" cellspacing="0" name="Content">
      <tr>
        <td> 
          <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0" name="Borders">
            <tr> 
              <td background="Border1.bmp" width="133">&nbsp;</td>
              <td>
    		     <table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0" name="CentrePage">
    			   <tr>
    			      <td height="166">                         
                         <table width="100%" border="0" cellpadding="0" cellspacing="0" name="TitleBanner">
                            <tr> 
                               <td height="16" background="chrome.bmp"><font size="1">&nbsp;</font></td>
                            </tr>
                            <tr> 
                               <td>
    						      <table width="100%" border="0" cellpadding="0" cellspacing="0" name="BannerFlash">
    							     <tr>
    								    <td width="10" height="150" background="bannerleft.bmp">&nbsp;</td>
    									<td height="150" bgcolor="#FFFFFF">&nbsp;</td>
    									<td height="150" width="700" bgcolor="#FFFFFF" align="center">
    									   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="700" height="150">
                                           <param name=movie value="CommunityBanner.swf">
                                           <param name=quality value=high><param name="LOOP" value="false">
                                           <embed src="CommunityBanner.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="700" height="150" loop="false">
                                           </embed> 
                                           </object>
    									</td>
    									<td height="150" bgcolor="#FFFFFF">&nbsp;</td>
    									<td width="10" height="150" background="bannerright.bmp">&nbsp;</td>
    								 </tr>
    							  </table>
    						   </td>
                            </tr>
                            <tr> 
                               <td height="16" background="chrome.bmp"><font size="1">&nbsp;</font></td>
                            </tr>
                         </table>
    				  </td>
    			   </tr>
    			   <tr>
    			      <td height="66">
    				     <table width="100%" border="0" cellpadding="0" cellspacing="0" name="Menu">
    					    <tr>
    						   <td>
    						      <table height="50" width="100%" border="0" cellpadding="0" cellspacing="0" name="Options">
                                     <tr>								    
                                        <td bgcolor="#FD351C"> 
    									   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="149" height="50">
                                              <param name=movie value="HomeButton.swf">
                                              <param name=quality value=high><param name="LOOP" value="true">
                                              <embed src="HomeButton.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="149" height="50" loop="true">
                                              </embed> 
                                           </object>
    									   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="149" height="50">
                                              <param name=movie value="CoursesButton.swf">
                                              <param name=quality value=high><param name="LOOP" value="true">
                                              <embed src="CoursesButton.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="149" height="50" loop="true">
                                              </embed> 
                                           </object>
    									   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="149" height="50">
                                              <param name=movie value="ContactButton.swf">
                                              <param name=quality value=high><param name="LOOP" value="true">
                                              <embed src="ContactButton.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="149" height="50" loop="true">
                                              </embed> 
                                           </object>
    									   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="149" height="50">
                                              <param name=movie value="CommunityActive.swf">
                                              <param name=quality value=high><param name="LOOP" value="false">
                                              <embed src="CommunityActive.swf" quality=high pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" width="149" height="50" loop="false">
                                              </embed> 
                                           </object>
    									   <script type="text/javascript" src="ieupdate.js"></script>
    									</td>
    								 </tr>
    							  </table>
    						   </td>
    						</tr>
    						<tr>
    						   <td height="16" background="chrome.bmp"><font size="1">&nbsp;</font></td>
    						</tr>
    					 </table>
    				  </td>
    			   </tr>
    			   <tr>
    			      <td>
    				     <table width="100%" border="0" cellpadding="0" cellspacing="0" name="communityPageData">
    					    <tr>
    						   <td>
    						      &nbsp;<p>
    							  <font size="4" color="#123065"><center><b><u>Sign Our Guestbook</u></b></center></font><br>
    						      <table align="center" cellpadding="20" cellspacing="0" name="ViewGuestbook" bordercolor="#000000" border="1">
    							     <tr>
    								    <td bgcolor="#D1D1D1">
    <?PHP
    /***********************\
    //// Start of output \\\\
    \***********************/
    
    require_once('recaptchalib.php');
    $publickey = "6LdXgwIAAAAAADETO9nxFNZ8Vs_j0AeNcVzga6bP";
    $privatekey = "6LdXgwIAAAAAAHcLIudduKAno9EYvW9di496V7Do";
    // Change everything to legal html code. This makes all html tags in the submitted text apper as text content.
    // These two are only used for the preview of the message
    $name_preview 		= htmlentities($name,ENT_NOQUOTES);
    $message_preview	= htmlentities($message,ENT_NOQUOTES);;
    
    // Change newlines to html
    $message_preview = nl2br($message_preview);
    
    // Make a list of the smileys with the way to print them
    reset($smileys);
    $i=0;
    while (list ($key, $val) = each ($smileys)){
    	$smileys_array[$i] = "<img onclick=\"javascript: document.getElementById('message').value += ' \\$key ';\" $val>";
    	$i++;
    }
    $smileys_table = "<center>" . makeTable($smileys_array, 10) . "</center>";
    
    // Page layout start
    
    echo topicBox("Add a message to the guestbook","");
    echo topicBox("Emoticons: Click the emoticon you want!",
    "$escapeTag $smileys_table $escapTag");
    
    if ($name != "" || $message != "")
    	$button = "Refresh preview";
    else
    	$button = "Make preview";
    
    echo "<font color=\"red\"><b>$error</b></font><br>
    Message (Max ".GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
    <form action=\"$PHP_SELF\" method=\"post\">
    
    $resp = recaptcha_check_answer ($privatekey,
                                    $_SERVER["REMOTE_ADDR"],
                                    $_POST["recaptcha_challenge_field"],
                                    $_POST["recaptcha_response_field"]);
    
    if (!$resp->is_valid) {
      die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
           "(reCAPTCHA said: " . $resp->error . ")");
    }
    
    
    <textarea id=\"message\" name=\"message\" cols=\"50\" rows=\"3\" maxlength=\"".GUESTBOOK_MAX_MESSAGE_LENGTH."\">". $message ."</textarea><br>
    <br>
    Name (Max ".GUESTBOOK_MAX_NAME_LENGTH." chars)<br>
    <input type=\"text\" name=\"name\" size=\"40\" maxlength=\"".GUESTBOOK_MAX_NAME_LENGTH."\" value=\"".htmlentities($name,ENT_NOQUOTES)."\"><br>
    <input id=\"ispreview\" type=\"hidden\" name=\"preview\" value=\"0\"><br>
    <input type=\"submit\" onclick=\"document.getElementById('ispreview').value='1'\" value=\" $button \"><br>
    <br>";
    
    // If we have some data posted to us, make a preview for the user
    if ($name != "" || $message != "") {
    	echo recaptcha_get_html($publickey);	echo "<b>Preview of message</b><br>" . 
    	printMessage(serialize(array("timestamp"=> time(), "name" => $name_preview, "message" => $message_preview))) 
    	."<input type=\"submit\" value=\" Add the preview message to the Guestbook \"><br><br>\n";
    }
    
    echo "</form>\n";
    
    if (WARN_USER_ABOUT_ABUSE)
    	echo topicBox("Warning","IP and timestamp is recorded, abuse will be forwarded to the appropriate ISP's");
    
    if (is_readable($root_file_url . "status.php")){
    	include($root_file_url . "status.php");
    	echo "$status</div>\n";
    }
    ?>
    								   </td>
    								 </tr>
    							  </table>
    							  <table height="10" width="100%" border="0" cellpadding="5" cellspacing="0" name="Copyright">
    					             <tr>
    								   <div align="center" valign="bottom">
    								     <br><b><font size="4" color="#FD351C"><a href="readbook.php">View Our Guestbook</a>
    									 </font><font size="4" color="#123065"> or browse the </font><font size="4" color="#FD351C">
    									 <a href="gallery.htm">2 Wheels Success Gallery</a></font></b>
    								   </div>
    								 </tr>
    								 <tr>
    						            <td>
    						               <div align="center" valign="bottom">
    					   				      <br><font size="1">This website has been designed and produced 
                           					  by Adrian Hall on behalf of Michael Rice at 2 Wheels Motorcycle Training.<br>
                           					  The 2 Wheels logo (&#169; 2007) and the content of this website is the subject 
                           					  of copyright protection. All Rights Reserved.<br>
                                    		  &#169; 2007 2 Wheels Motorcycle Training</font>
    					   				   </div>
    						            </td>
    						         </tr>
    					          </table>
    						   </td>
    						</tr>
    					 </table>
    				  </td>
    			   </tr>			   
    			 </table>
    		  </td>
              <td background="Border2.bmp" width="133">&nbsp;</td>
            </tr>
          </table>
        </td>
      </tr>
    </table>
    
    </body>
    </html>
    I've highlighted the reCaptcha parts in red. There's also readbook.php and guestbook.php but I didn't think you'd need to see them, please let me know if you do. Your help is greatly appreciated. I haven't done this kind of development since I was at uni (over 10 year ago) so I'm very rusty, but was thrilled when I got the guestbook up and running and I know that my html could be tidier and I've yet to dive in the world of css style sheets instead of using invisible tables to line things up.

  • #4
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by adehall1980 View Post
    I'm assuming it's bots because it's the starts of erotic stories and it was getting about 30 posted in an hour!! crazy.
    that means 2 min between posts or more. A nasty kid could post manualy 1 per minute, that means 60,

    Okay here goes, please bear in mind that I downloaded this free code
    I was looking for the guestbook code but is not clear for me if is still maintained or not.

    I haven't done this kind of development since I was at uni (over 10 year ago) so I'm very rusty, but was thrilled when I got the guestbook up and running and I know that my html could be tidier and I've yet to dive in the world of css style sheets instead of using invisible tables to line things up.
    I don't intend to get off topic. If you want something else then solving this problem, this is another thing.

    options to solve this:
    1.) you can add a minimal time interval between posts, in fact is a guestbook not a forum or chat
    2.) forbid multiple posts from same location
    3.) ask for registration before posting, hmm not quite ok for a guestbook
    4.) filter the content of the messages, names and forbid posts, in my opinion not eficient, could slow down a little the spam but keep you busy with update the filters.
    5.) a combination of 1-4 to achive what you want

    the complication is that you must keep track of users.

    PS: I was found your site with google and I see that you disabled the guestbook until you solve the problem so I will try to help as fast as I can.

    regards

  • Users who have thanked oesxyl for this post:

    adehall1980 (07-22-2008)

  • #5
    New Coder
    Join Date
    Jun 2007
    Posts
    40
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Guestbook code is available at

    http://wigen.net/projects/guestbook/

    if that helps?

    Really appreciate you looking into this for me and yes I did disable the guestbook until I could sort this, it's been off-line for a week now.

    If you type the url as

    http://www.2wheelsmotorcycletraining.co.uk/postform.php

    you'll see the error that I get using the above code

  • #6
    Senior Coder djm0219's Avatar
    Join Date
    Aug 2003
    Location
    Wake Forest, North Carolina
    Posts
    1,313
    Thanks
    4
    Thanked 206 Times in 203 Posts
    That error is coming before that line in what you posted. Look up a little bit and you'll see:
    PHP Code:
    echo "<font color=\"red\"><b>$error</b></font><br>
    Message (Max "
    .GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
    <form action=\"$PHP_SELF\" method=\"post\"> 
    That block of code is missing a closing double quote as well as the trailing semi-colon. See if changing it to:

    PHP Code:
    echo "<font color=\"red\"><b>$error</b></font><br>
    Message (Max "
    .GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
    <form action=\"$PHP_SELF\" method=\"post\">"

    helps (it should resolve the error message at least).
    Dave .... HostMonster for all of your hosting needs

  • Users who have thanked djm0219 for this post:

    adehall1980 (07-22-2008)

  • #7
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by adehall1980 View Post
    Guestbook code is available at

    http://wigen.net/projects/guestbook/

    if that helps?
    yes, thank you. The link to www.kevinatch.com no longer point to emoticons and from the source you posted I can't identify the scripts.

    Really appreciate you looking into this for me and yes I did disable the guestbook until I could sort this, it's been off-line for a week now.
    I don't think that this can be solved only using this code. The code have some small coding problems but probably is safe enought. Think to what I said in my previous post maybe we can add something to solve this. Mean time I will look deeper in the source.

    If you type the url as

    http://www.2wheelsmotorcycletraining.co.uk/postform.php

    you'll see the error that I get using the above code
    djm0219 is right, this solve the error.

    regards

  • Users who have thanked oesxyl for this post:

    adehall1980 (07-22-2008)

  • #8
    Regular Coder
    Join Date
    Apr 2006
    Posts
    186
    Thanks
    21
    Thanked 6 Times in 6 Posts
    On this other forum that I was signing up I saw they just asked you to type the text between quotes as a form of captcha. I.e. Type "php" without the quotes. Can the robots not figure that out?

  • Users who have thanked PeaTearGriffin for this post:

    adehall1980 (07-22-2008)

  • #9
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by PeaTearGriffin View Post
    On this other forum that I was signing up I saw they just asked you to type the text between quotes as a form of captcha. I.e. Type "php" without the quotes. Can the robots not figure that out?
    If we assume the "php" is not displayed as text but as image, could work,
    image captcha is based on the fact that is very hard to extract what is text from a picture in a programatic way.
    because capcha is useless if you use same text every time is a habit to generate random text but the problem is to display this in page only as picture and to check if match when validate.

    regards

  • Users who have thanked oesxyl for this post:

    adehall1980 (07-22-2008)

  • #10
    Regular Coder
    Join Date
    Apr 2006
    Posts
    186
    Thanks
    21
    Thanked 6 Times in 6 Posts
    Quote Originally Posted by oesxyl View Post
    If we assume the "php" is not displayed as text but as image, could work,
    image captcha is based on the fact that is very hard to extract what is text from a picture in a programatic way.
    because capcha is useless if you use same text every time is a habit to generate random text but the problem is to display this in page only as picture and to check if match when validate.

    regards
    If I remember correctly, it was only text. So I guess that could easily be worked around. I also read about questions that would be easy for humans but more difficult for robots such as "fire is hot, ice is ..." Sometimes captcha just annoys me, because even for humans its really difficult when its too blurry, squishy or whatever. I've gotten 3-4 wrong in a row before lol.

  • Users who have thanked PeaTearGriffin for this post:

    adehall1980 (07-22-2008)

  • #11
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by PeaTearGriffin View Post
    If I remember correctly, it was only text. So I guess that could easily be worked around.
    then is useless,

    I also read about questions that would be easy for humans but more difficult for robots such as "fire is hot, ice is ..."
    Sometimes captcha just annoys me, because even for humans its really difficult when its too blurry, squishy or whatever. I've gotten 3-4 wrong in a row before lol.
    me too, is one like this on a IBM site, I never understand what is there, so I never register.

    regards

  • Users who have thanked oesxyl for this post:

    adehall1980 (07-22-2008)

  • #12
    New Coder
    Join Date
    Jun 2007
    Posts
    40
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Man... that takes me back a bit, I used to do that all the time, sit and stare at a block of code for hours on end wondering why it doesn't work then someone would tell me I've missed a semi-colon. thanks

  • #13
    New Coder
    Join Date
    Jun 2007
    Posts
    40
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by oesxyl View Post
    then is useless,


    me too, is one like this on a IBM site, I never understand what is there, so I never register.

    regards
    The reCaptcha widget has an audio option if the image isn't clear enough

  • #14
    New Coder
    Join Date
    Jun 2007
    Posts
    40
    Thanks
    36
    Thanked 0 Times in 0 Posts
    okay, so I'm a little step closer, slowly but surely

    Code:
    echo "<font color=\"red\"><b>$error</b></font><br>
    Message (Max ".GUESTBOOK_MAX_MESSAGE_LENGTH." chars)<br>
    <form action=\"$PHP_SELF\" method=\"post\">";
    
    $resp = recaptcha_check_answer ($privatekey,
                                    $_SERVER["REMOTE_ADDR"],
                                    $_POST["recaptcha_challenge_field"],
                                    $_POST["recaptcha_response_field"]);
    
    if (!$resp->is_valid) {
      die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
           "(reCAPTCHA said: " . $resp->error . ")");
    }
    
    echo "<textarea id=\"message\" name=\"message\" cols=\"50\" rows=\"3\" maxlength=\"".GUESTBOOK_MAX_MESSAGE_LENGTH."\">". $message ."</textarea><br>
    <br>
    Name (Max ".GUESTBOOK_MAX_NAME_LENGTH." chars)<br>
    <input type=\"text\" name=\"name\" size=\"40\" maxlength=\"".GUESTBOOK_MAX_NAME_LENGTH."\" value=\"".htmlentities($name,ENT_NOQUOTES)."\"><br>
    <input id=\"ispreview\" type=\"hidden\" name=\"preview\" value=\"0\"><br>
    <input type=\"submit\" onclick=\"document.getElementById('ispreview').value='1'\" value=\" $button \"><br>
    <br>";
    I added the missing a closing double quote as well as the trailing semi-colon, added the reCaptcha validation code but then obviously for the text area had to add echo and opening quotes.

    I resolved the parse error, thanks guys, but if you now go to

    http://www.2wheelsmotorcycletraining.co.uk/postform.php

    you can see it displays the reCaptcha validation code like text, so the question is what do I do to get it integrated as part of the form submission?

  • #15
    New Coder
    Join Date
    Jun 2007
    Posts
    40
    Thanks
    36
    Thanked 0 Times in 0 Posts
    http://recaptcha.net/plugins/php/

    is the url that describes how to implement reCaptcha. As you will see from the examples it gives, I can not follow these instructions to the letter because it assumes you're adding this php to a form created in html


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •