등록 양식에서 보안 문자를 확인하는 방법은 무엇입니까?

Question

this tutorial을 사용하여 보안 문자가있는 등록 양식을 만들려고하는데 captcha의 유효성을 검사하는 방법을 모르겠습니다. 도와 주실 수 있습니까? 등록 양식 를 표시하기 전에

1- 귀하의 경우 임의 또는 사전에 나오는 단어 문자열을 2 저장 위치가 어디 [세션을 생성 :

<?php 

include ('php/mysql_prisijungimas.php'); 


if (isset($_POST['formsubmitted'])) { 
    $error = array();//Declare An Array to store any error message 
    if (empty($_POST['name'])) {//if no name has been supplied 
     $error[] = 'Please Enter a name ';//add to array "error" 
    } else { 
     $name = $_POST['name'];//else assign it a variable 
    } 

    if (empty($_POST['e-mail'])) { 
     $error[] = 'Please Enter your Email '; 
    } else { 


     if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) { 
      //regular expression for email validation 
      $Email = $_POST['e-mail']; 
     } else { 
      $error[] = 'Your EMail Address is invalid '; 
     } 


    } 


    if (empty($_POST['Password'])) { 
     $error[] = 'Please Enter Your Password '; 
    } else { 
     $Password = $_POST['Password']; 
    } 


    if (empty($error)) //send to Database if there's no error ' 

    { // If everything's OK... 

     // Make sure the email address is available: 
     $query_verify_email = "SELECT * FROM members WHERE Email ='$Email'"; 
     $result_verify_email = mysqli_query($dbc, $query_verify_email); 
     if (!$result_verify_email) {//if the Query Failed ,similar to if($result_verify_email==false) 
      echo ' Database Error Occured '; 
     } 

     if (mysqli_num_rows($result_verify_email) == 0) { // IF no previous user is using this email . 


      // Create a unique activation code: 
      $activation = md5(uniqid(rand(), true)); 


      $query_insert_user = "INSERT INTO `members` (`Username`, `Email`, `Password`, `Activation`) VALUES ('$name', '$Email', '$Password', '$activation')"; 


      $result_insert_user = mysqli_query($dbc, $query_insert_user); 
      if (!$result_insert_user) { 
       echo 'Query Failed '; 
      } 

      if (md5($_POST['norobot']) == $_SESSION['randomnr2']) { 
     // here you place code to be executed if the captcha test passes 
      echo "Hey great , it appears you are not a robot"; 
    } else { 
     // here you place code to be executed if the captcha test fails 
      echo "you're a very naughty robot!"; 
    } 

      if (mysqli_affected_rows($dbc) == 1) { //If the Insert Query was successfull. 


       // Send the email: 
       $message = " To activate your account, please click on this link:\n\n"; 
       $message .= WEBSITE_URL . '/activate.php?email=' . urlencode($Email) . "&key=$activation"; 
       mail($Email, 'Registration Confirmation', $message, 'From: test@gmail.com'); 

       // Flush the buffered output. 


       // Finish the page: 
       echo '<div class="success">Thank you for 
registering! A confirmation email 
has been sent to '.$Email.' Please click on the Activation Link to Activate your account </div>'; 


      } else { // If it did not run OK. 
       echo '<div class="errormsgbox">You could not be registered due to a system 
error. We apologize for any 
inconvenience.</div>'; 
      } 

     } else { // The email address is not available. 
      echo '<div class="errormsgbox" >That email 
address has already been registered. 
</div>'; 
     } 

    } else {//If the "error" array contains error msg , display them 



echo '<div class="errormsgbox"> <ol>'; 
     foreach ($error as $key => $values) { 

      echo ' <li>'.$values.'</li>'; 



     } 
     echo '</ol></div>'; 

    } 

    mysqli_close($dbc);//Close the DB Connection 

} // End of the main Submit conditional. 



?> 


<head> 
    <meta charset="UTF-8"> 

    <!-- Remove this line if you use the .htaccess --> 
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> 

    <meta name="viewport" content="width=device-width"> 

    <meta name="description" content="test."> 
    <meta name="author" content="test"> 

    <title>test</title> 


    <link href='http://fonts.googleapis.com/css?family=Open+Sans:400italic,400,700' rel='stylesheet' type='text/css'> 
    <link rel="stylesheet" href="css/stilius.css"> 

</head> 
<body> 

<div class="container"> 

<hr> 
<div class="home-page main"> 
    <section class="grid-wrap" > 
     <header class="grid col-full"> 

<div class="right"> 
<form align="center" action="registracija.php" method="post" class="registration_form"> 
    <fieldset> 
    <legend>Registracijos forma </legend> 


    <div class="elements"> 
     <label for="name">Slapyvardis :</label> 
     <input type="text" id="name" name="name" size="25" /> 
    </div> 
    <div class="elements"> 
     <label for="e-mail">El. pa&#353;tas :</label> 
     <input type="text" id="e-mail" name="e-mail" size="25" /> 
    </div> 
    <div class="elements"> 
     <label for="Password">slapta&#382;odis:</label> 
     <input type="password" id="Password" name="Password" size="25" /> 


     <img src="captcha_code_file.php?rand=<?php echo rand(); ?>" 
id="captchaimg" > 
<label for="message">Enter the code above here :</label> 
<input id="6_letters_code" name="6_letters_code" type="text"> 



    </div> 
    <div class="submit"> 
    <input type="hidden" name="formsubmitted" value="TRUE" /> 
     <input type="submit" value="Registruotis!" /> 
    </div> 
    </fieldset> 
</form> 
</div> 

</body> 
</html> 

Answer 1

보안 문자는 아래 이미지 library.Process를 사용하여 만든 다만 어떤 문자열 사용자에게 3 비교 세션 값은 값 제출

귀하의 코드 :

if (md5($_POST['norobot']) == $_SESSION['randomnr2']) 
{ 
    echo 'You passed captcha test'; 
} 

$ _SESSION [ 'randomnr2'] 임의의 문자열을 만들고 세션에 저장합니다. 저장하기 전에 md5가 암호화됩니다.