2012-05-05 5 views
0

Issue with reCAPTCHA on login

I am having a problem inserting reCAPTCHA into my login system. It seems that a user can enter a correct username and password without entering anything into the reCAPTCHA. An example login user is: username = steven, password = stevenphp

Here is the code for the login page and the staff page.

http://newmedia.leeds.ac.uk/ug10/cs10dw/workspace1/login.php

Anyone's help would be greatly appreciated.

<?php require_once("includes/connection.php"); ?> 
<?php require_once("includes/functions.php"); ?> 
<?php 


    include_once("includes/form_functions.php"); 

    // START FORM PROCESSING 
    if (isset($_POST['submit'])) { // Form has been submitted. 
     $errors = array(); 

     // perform validations on the form data 
     $required_fields = array('username', 'password'); 
     $errors = array_merge($errors, check_required_fields($required_fields, $_POST)); 

     $fields_with_lengths = array('username' => 30, 'password' => 30); 
     $errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST)); 

     $username = trim(mysql_prep($_POST['username'])); 
     $password = trim(mysql_prep($_POST['password'])); 
     $hashed_password = sha1($password); 

     if ($_POST) { 
     require_once($_SERVER['DOCUMENT_ROOT'] . '/recaptcha/recaptchalib.php'); 
     $privatekey ="6LcHbc0SAAAAAOs2d7VnzV7RtedMkLs306ekQPUP"; 
     $resp = recaptcha_check_answer ($privatekey, 
          $_SERVER['REMOTE_ADDR'], 
          $_POST['recaptcha_challenge_field'], 
          $_POST['recaptcha_response_field']); 
     $str_result = ""; 
     if (!$resp->is_valid) { 
      // What happens when the CAPTCHA was entered incorrectly 
      $message = "The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA said: " . $resp->error . ")"; 
      // Add a redirect to an error page or just put an exit(); here 

     } 

    } 




     if (empty($errors)) { 
      // Check database to see if username and the hashed password exist there. 
      $query = "SELECT * "; 
      $query .= "FROM users "; 
      $query .= "WHERE username = '{$username}' "; 
      $query .= "AND hashed_password = '{$hashed_password}' "; 

      $result_set = mysql_query($query); 
      confirm_query($result_set); 
      if (mysql_num_rows($result_set) == 1) { 
       // username/password authenticated 
       // and only 1 match 
       $found_user = mysql_fetch_array($result_set); 
       redirect_to("staff.php"); 
      } else { 
       // username/password combo was not found in the database 
       $message = "<h1> Username or password is incorrect. </h1><br /> 
      "; 
      } 
     } 
    } 
?> 
<?php include("includes/header.php"); ?> 
<table id="structure"> 
    <tr> 
     <td id="navigation"> 
      <a href="index.php">Return to public site</a> 
     </td> 
     <td id="page"> 
      <h2>Staff Login</h2> 
      <?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?> 
      <?php if (!empty($errors)) { display_errors($errors); } ?> 
      <form action="login.php" method="post"> 
      <table> 
       <tr> 
        <td>Username:</td> 
        <td><input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /></td> 
       </tr> 
       <tr> 
        <td>Password:</td> 
        <td><input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /></td> 
       </tr> 
       <tr> 

    <?php 
    require_once($_SERVER['DOCUMENT_ROOT'] . '/recaptcha/recaptchalib.php'); 
    $publickey = "6LcHbc0SAAAAABQAnCHSHGhSuSXkZ2d1MoBa4xw2"; 
    echo recaptcha_get_html($publickey); 
?> 

        <td colspan="2"><input type="submit" name="submit" value="Login" /></td> 
       </tr> 
      </table> 

      </form> 
     </td> 
    </tr> 
</table> 
<?php include("includes/footer.php"); ?> 

* Staff page *

<?php require_once("includes/functions.php"); ?> 

<?php include("includes/header.php"); ?> 
<table id="structure"> 
    <tr> 
     <td id="navigation">&nbsp; 

     </td> 
     <td id="page"> 
      <h2>Staff Menu</h2> 

      <ul> 
       <li><a href="content.php">Manage Website Content</a></li> 
       <li><a href="new_user.php">Add Staff User</a></li> 
       <li><a href="logout.php">Logout</a></li> 
      </ul> 
     </td> 
    </tr> 
</table> 
<?php include("includes/footer.php"); ?> 

Answers

0

Try this:

// if ($_POST) { // Don't need this 

     require_once($_SERVER['DOCUMENT_ROOT'] . '/recaptcha/recaptchalib.php'); 
     $privatekey ="6LcHbc0SAAAAAOs2d7VnzV7RtedMkLs306ekQPUP"; 
     $resp = recaptcha_check_answer ($privatekey, 
          $_SERVER['REMOTE_ADDR'], 
          $_POST['recaptcha_challenge_field'], 
          $_POST['recaptcha_response_field']); 
     $str_result = ""; 
     if (!$resp->is_valid) { 
      // What happens when the CAPTCHA was entered incorrectly 
      $message = "The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA said: " . $resp->error . ")"; 
      echo $message; 
      exit(); 

     } 

    //} 
+0

Thank you! But even after making the change I still get the same problem. It logs into the account regardless of the reCAPTCHA. – Dave

+0

I have edited my answer. Try that instead. – seanbreeden

+0

Thank you very much! – Dave

0

The CAPTCHA check has to be performed before redirecting to the staff page.
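
The ordering this answer describes, as an added example that is not part of the original thread: in the question's code a failed CAPTCHA only sets $message, so empty($errors) is still true and the credential check and redirect run anyway. Here the CAPTCHA result is added to the errors before any credential check; process_login and the two stub callables are hypothetical names, and the stubs stand in for recaptcha_check_answer and the database query.

```php
<?php
// Added example: process_login, $verifyCaptcha and $checkCredentials are
// hypothetical names and are not from the original post.

/**
 * Decide the outcome of a login POST. The CAPTCHA result is folded into
 * $errors, so a failed or missing CAPTCHA blocks the credential check and
 * the redirect instead of only setting a message.
 */
function process_login(array $post, callable $verifyCaptcha, callable $checkCredentials): array
{
    $errors = [];
    foreach (['username', 'password'] as $field) {
        if (trim((string)($post[$field] ?? '')) === '') {
            $errors[] = "$field is required";
        }
    }

    $challenge = (string)($post['recaptcha_challenge_field'] ?? '');
    $response  = (string)($post['recaptcha_response_field'] ?? '');
    // An empty response is rejected locally, without calling the verifier.
    if ($response === '' || !$verifyCaptcha($challenge, $response)) {
        $errors[] = 'reCAPTCHA was not entered correctly';
    }

    if (!empty($errors)) {
        return ['redirect' => null, 'errors' => $errors]; // re-render the form
    }
    if (!$checkCredentials($post['username'], $post['password'])) {
        return ['redirect' => null, 'errors' => ['Username or password is incorrect']];
    }
    return ['redirect' => 'staff.php', 'errors' => []];
}

// Constructed stand-ins so the example runs offline. In the page's code the
// verifier would wrap recaptcha_check_answer(...)->is_valid and the credential
// check would wrap the users-table query.
$verifyCaptcha    = function ($challenge, $response) { return $response === 'solved'; };
$checkCredentials = function ($user, $pass) { return $user === 'alice' && $pass === 'constructed-pw'; };

$good = ['username' => 'alice', 'password' => 'constructed-pw', 'recaptcha_challenge_field' => 'c1'];

// Correct credentials, CAPTCHA left empty: no redirect.
var_dump(process_login($good, $verifyCaptcha, $checkCredentials)['redirect']);
// Correct credentials, CAPTCHA solved: redirect to staff.php.
var_dump(process_login($good + ['recaptcha_response_field' => 'solved'], $verifyCaptcha, $checkCredentials)['redirect']);
```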