cedward Posted November 7, 2014 Share Posted November 7, 2014 (edited) Hey guys... I need a little help in php, i started to learn php and i have one problem in captcha integration system. I have a short link website and i want to integrate a captcha code on login page. Login code looks like this <?php$ref_title = "Login";include('header.php');include("include/functions.php");$uip = getIP();?><?phpif($loggedin == '1') {echo"<script type='text/javascript'>window.location= './acc.php'</script>";}if($aloggedin == '1') {echo"<script type='text/javascript'>window.location= './advpanel.php'</script>";}?> <div class="rbcontent"><div style="position:relative; top: -25px;"><img src="./images/back-top.png"></div><div style="padding:0 35;"><br><h2 style="color: #E97F01;"> <span style="background-color: #ECECEC; padding:0 12px;"><?php echo"$loginPageT"; ?></span> </h2><br><form method="POST"><p><?php echo"$loginPageFormTU"; ?> <input type='text' name='username' size='40' id='textval' style='float:none;'></p><p><?php echo"$loginPageFormTP"; ?> <input type='password' name='password' size='40' id='textval' style='float:none;'></p><br><br><input type="submit" name="submit" value='<?php echo"$submitButtonSumbit"; ?>' class="btnreg"></form><?phpif (isset($_POST['submit'])) {$username = mysql_real_escape_string($_POST['username']);$password = mysql_real_escape_string(md5($_POST['password']));$selecttype = mysql_query("SELECT * FROM members WHERE username='$username'");$selecttypeadv = mysql_query("SELECT * FROM advertisers WHERE username='$username'");$pubrows = mysql_num_rows($selecttype);$advrows = mysql_num_rows($selecttypeadv);if($pubrows == '1') {$acctype = 'publisher';}if($advrows == '1') {$acctype = 'advertiser';} if ($username&&$password) { if($acctype == '') { echo"<center><span style='color: #C0003B; font-weight: bold;'>$errorUsername</span></center>"; } if($acctype == 'publisher') { $query = mysql_query("SELECT * FROM members WHERE username='$username'"); $numrows = mysql_num_rows($query); if ($numrows!=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } // check to see if they match! if ($username==$dbusername&&$password==$dbpassword) { $_SESSION['username'] = $username; $_SESSION['password'] = $password; $updateip = mysql_query("UPDATE members SET lastip='$uip' WHERE username='$username'"); echo "<script type='text/javascript'>window.location= './acc.php'</script>"; } else { echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorPassword</span></center>"; } } else{ echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorUsername</span></center>"; }}else if($acctype == 'advertiser') { $query = mysql_query("SELECT * FROM advertisers WHERE username='$username'"); $numrows = mysql_num_rows($query); if ($numrows!=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } // check to see if they match! if ($username==$dbusername&&$password==$dbpassword) { $_SESSION['username']=$username; $_SESSION['password']=$password; $_SESSION['acctype'] = 1; $updateip = mysql_query("UPDATE advertisers SET lastip='$uip' WHERE username='$username'"); echo "<script type='text/javascript'>window.location= './advpanel.php'</script>"; } else { echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorPassword</span></center>"; } } else{ echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorUsername</span></center>"; }} } else{ echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorComplete</span></center>"; }}?><br><center><div id="regnow"> <div style="padding:10 70;"><?php echo"$loginPageFormQ"; ?></div></div> <br> Forgot your password? <a href='./recoverp.php'>Click here to recover</a></center><br></div><div style="position:relative; top: 25px;"><img src="./images/back-bottom.png"></div> </div><!-- /rbcontent --><?phpinclude('footer.php');?> And i have this captcha code To use minteye Captcha with PHP, download minteye Captcha PHP library, just to make things easier for you.Extract and save adscaptchalib.php on your website directory.In order to use the PHP library, you'll need to include the library in the page/s which use it:<?phprequire_once('adscaptchalib.php');?> Client Side - Display your CAPTCHANow you're ready to display your CAPTCHA.Place this code inside your <form> where the minteye Captcha will be placed:$captchaId = ''; // Set your captcha id here$publicKey = ''; // Set your public key hereecho GetCaptcha($captchaId, $publicKey); Don't forget to set your Captcha ID and public key values.Server Side - Validate your CAPTCHAOn your validation process, place this code:$captchaId = ''; // Set your captcha id here$privateKey = ''; // Set your private key here$challengeValue = $_POST['adscaptcha_challenge_field'];$responseValue = $_POST['adscaptcha_response_field'];$remoteAddress = $_SERVER["REMOTE_ADDR"];if ("true" == ValidateCaptcha($captchaId, $privateKey, $challengeValue, $responseValue, $remoteAddress)){ // Corrent answer, continue with your submission process} else { // Wrong answer, you may display a new minteye Captcha and add an error args } i managed to make it work as you can see on http://millionadvertising.com/login.php but it won`t work because eighter you complete or not capcha user can login. Can you help me out ? Thanks Edited November 7, 2014 by cedward Link to comment Share on other sites More sharing options...
justsomeguy Posted November 7, 2014 Share Posted November 7, 2014 Your login code doesn't include the code to check the captcha, did you add that? Link to comment Share on other sites More sharing options...
cedward Posted November 7, 2014 Author Share Posted November 7, 2014 I posted here the original scripts. Original Login and original captcha code so you can easly see where i need to integrate the captcha code to work good ... Link to comment Share on other sites More sharing options...
justsomeguy Posted November 7, 2014 Share Posted November 7, 2014 They show code that is similar to what you need to add. You need to include the required file on your form processing page, and do the same kind of checks that they show. It sounds like you only done half of it. Link to comment Share on other sites More sharing options...
cedward Posted November 9, 2014 Author Share Posted November 9, 2014 I managed to do this integration: <?php$ref_title = "Login";include('header.php');include("include/functions.php");$uip = getIP();?><?phprequire_once('adscaptchalib.php');?><?phpif($loggedin == '1') {echo"<script type='text/javascript'>window.location= './acc.php'</script>";}if($aloggedin == '1') {echo"<script type='text/javascript'>window.location= './advpanel.php'</script>";}?> <div class="rbcontent"><div style="position:relative; top: -25px;"><img src="./images/back-top.png"></div><div style="padding:0 35;"><br> <h2 style="color: #E97F01;"> <span style="background-color: #ECECEC; padding:0 12px;"><?php echo"$loginPageT"; ?></span> </h2><br> Solve Captcha to Login <?php $captchaId = '6731'; // Set your captcha id here $publicKey = 'a5cd8e41e8ac4d66a02f2634edb051f3'; // Set your public key here $privateKey = '9de3dab7d68843f1a1d3cc7e9af142fe'; // Set your private key here $challengeValue = $_POST['adscaptcha_challenge_field']; $responseValue = $_POST['adscaptcha_response_field']; $remoteAddress = $_SERVER["REMOTE_ADDR"]; if ($challengeValue == null) { echo GetCaptcha($captchaId, $publicKey); ?> <form method="POST"><p><?php echo"$loginPageFormTU"; ?> <input type='text' name='username' size='40' id='textval' style='float:none;'></p><p><?php echo"$loginPageFormTP"; ?> <input type='password' name='password' size='40' id='textval' style='float:none;'></p><form method="post" style="margin: auto;"> <br><br><input type="submit" name="submit" value='<?php echo"$submitButtonSumbit"; ?>' class="btnreg"></form><?php} else { if (ValidateCaptcha($captchaId, $privateKey, $challengeValue, $responseValue, $remoteAddress) == "true") { echo "Correct Captcha"; // Corrent answer, continue with your submission process } else { echo "Wrong Captcha"; // Wrong answer, you may display a new AdsCaptcha and add an error message } } ?><?phpif (isset($_POST['submit'])) {$username = mysql_real_escape_string($_POST['username']);$password = mysql_real_escape_string(md5($_POST['password']));$selecttype = mysql_query("SELECT * FROM members WHERE username='$username'");$selecttypeadv = mysql_query("SELECT * FROM advertisers WHERE username='$username'");$pubrows = mysql_num_rows($selecttype);$advrows = mysql_num_rows($selecttypeadv);if($pubrows == '1') {$acctype = 'publisher';}if($advrows == '1') {$acctype = 'advertiser';} if ($username&&$password) { if($acctype == '') { echo"<center><span style='color: #C0003B; font-weight: bold;'>$errorUsername</span></center>"; } if($acctype == 'publisher') { $query = mysql_query("SELECT * FROM members WHERE username='$username'"); $numrows = mysql_num_rows($query); if ($numrows!=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } // check to see if they match! if ($username==$dbusername&&$password==$dbpassword) { $_SESSION['username'] = $username; $_SESSION['password'] = $password; $updateip = mysql_query("UPDATE members SET lastip='$uip' WHERE username='$username'"); echo "<script type='text/javascript'>window.location= './acc.php'</script>"; } else { echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorPassword</span></center>"; } } else{ echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorUsername</span></center>"; }}else if($acctype == 'advertiser') { $query = mysql_query("SELECT * FROM advertisers WHERE username='$username'"); $numrows = mysql_num_rows($query); if ($numrows!=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } // check to see if they match! if ($username==$dbusername&&$password==$dbpassword) { $_SESSION['username']=$username; $_SESSION['password']=$password; $_SESSION['acctype'] = 1; $updateip = mysql_query("UPDATE advertisers SET lastip='$uip' WHERE username='$username'"); echo "<script type='text/javascript'>window.location= './advpanel.php'</script>"; } else { echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorPassword</span></center>"; } } else{ echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorUsername</span></center>"; }} } else{ echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorComplete</span></center>"; }}?><br><center><div id="regnow"> <div style="padding:10 70;"><?php echo"$loginPageFormQ"; ?></div></div> <br> Forgot your password? <a href='./recoverp.php'>Click here to recover</a></center> <?php ?><br></div><div style="position:relative; top: 25px;"><img src="./images/back-bottom.png"></div> </div><!-- /rbcontent --><?phpinclude('footer.php');?> Demo: http://www.millionadvertising.com/login.php  but it skip the captcha verification. It show the captcha but eighter you complete the captcha eighter not the login procces still goes on.  user: wipingshooter password : parola0107  Link to comment Share on other sites More sharing options...
cedward Posted November 10, 2014 Author Share Posted November 10, 2014 Anyone can help me please? Link to comment Share on other sites More sharing options...
cedward Posted November 10, 2014 Author Share Posted November 10, 2014 With this code i managed to do this : Captcha check if correct or not. Eighter if is correct or not, user can`t login <?php$ref_title = "Login";include('header.php');include("include/functions.php");$uip = getIP();?><?phprequire_once('adscaptchalib.php');?><?phpif($loggedin == '1') {echo"<script type='text/javascript'>window.location= './acc.php'</script>";}if($aloggedin == '1') {echo"<script type='text/javascript'>window.location= './advpanel.php'</script>";}?> <div class="rbcontent"><div style="position:relative; top: -25px;"><img src="./images/back-top.png"></div><div style="padding:0 35;"><br> <h2 style="color: #E97F01;"> <span style="background-color: #ECECEC; padding:0 12px;"><?php echo"$loginPageT"; ?></span> </h2><br> <form method="POST"><p><?php echo"$loginPageFormTU"; ?> <input type='text' name='username' size='40' id='textval' style='float:none;'></p><p><?php echo"$loginPageFormTP"; ?> <input type='password' name='password' size='40' id='textval' style='float:none;'></p><form method="post" style="margin: auto;"> Solve Captcha to Login <?php $captchaId = '6731'; // Set your captcha id here $publicKey = 'a5cd8e41e8ac4d66a02f2634edb051f3'; // Set your public key here $privateKey = '9de3dab7d68843f1a1d3cc7e9af142fe'; // Set your private key here $challengeValue = $_POST['adscaptcha_challenge_field']; $responseValue = $_POST['adscaptcha_response_field']; $remoteAddress = $_SERVER["REMOTE_ADDR"]; if ($challengeValue == null) { echo GetCaptcha($captchaId, $publicKey); ?> <br><br><input type="submit" name="submit" value='<?php echo"$submitButtonSumbit"; ?>' class="btnreg"></form><?phpif (isset($_POST['submit'])) {$username = mysql_real_escape_string($_POST['username']);$password = mysql_real_escape_string(md5($_POST['password']));$selecttype = mysql_query("SELECT * FROM members WHERE username='$username'");$selecttypeadv = mysql_query("SELECT * FROM advertisers WHERE username='$username'");$pubrows = mysql_num_rows($selecttype);$advrows = mysql_num_rows($selecttypeadv);if($pubrows == '1') {$acctype = 'publisher';}if($advrows == '1') {$acctype = 'advertiser';} if ($username&&$password) { if($acctype == '') { echo"<center><span style='color: #C0003B; font-weight: bold;'>$errorUsername</span></center>"; } if($acctype == 'publisher') { $query = mysql_query("SELECT * FROM members WHERE username='$username'"); $numrows = mysql_num_rows($query); if ($numrows!=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } // check to see if they match! if ($username==$dbusername&&$password==$dbpassword) { $_SESSION['username'] = $username; $_SESSION['password'] = $password; $updateip = mysql_query("UPDATE members SET lastip='$uip' WHERE username='$username'"); echo "<script type='text/javascript'>window.location= './acc.php'</script>"; } else { echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorPassword</span></center>"; } } else{ echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorUsername</span></center>"; }}else if($acctype == 'advertiser') { $query = mysql_query("SELECT * FROM advertisers WHERE username='$username'"); $numrows = mysql_num_rows($query); if ($numrows!=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } // check to see if they match! if ($username==$dbusername&&$password==$dbpassword) { $_SESSION['username']=$username; $_SESSION['password']=$password; $_SESSION['acctype'] = 1; $updateip = mysql_query("UPDATE advertisers SET lastip='$uip' WHERE username='$username'"); echo "<script type='text/javascript'>window.location= './advpanel.php'</script>"; } else { echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorPassword</span></center>"; } } else{ echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorUsername</span></center>"; }} } else{ echo "<center><span style='color: #C0003B; font-weight: bold;'>$errorComplete</span></center>"; }}?><br><center><div id="regnow"> <div style="padding:10 70;"><?php echo"$loginPageFormQ"; ?></div></div> <br> <?php} else { if (ValidateCaptcha($captchaId, $privateKey, $challengeValue, $responseValue, $remoteAddress) == "true") { echo "Correct Captcha"; // Corrent answer, continue with your submission process } else { echo "Wrong Captcha"; // Wrong answer, you may display a new AdsCaptcha and add an error message } } ?>Forgot your password? <a href='./recoverp.php'>Click here to recover</a></center><br></div><div style="position:relative; top: 25px;"><img src="./images/back-bottom.png"></div> </div><!-- /rbcontent --><?phpinclude('footer.php');?> Link to comment Share on other sites More sharing options...
justsomeguy Posted November 10, 2014 Share Posted November 10, 2014 You put all of your form processing code inside an if statement checking if the captcha is null. So you'll only process the login form if the captcha was not submitted. It's hard to read your code with the formatting, for example it's not real obvious where this if statement ends: if ($challengeValue == null) { Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now