2011-04-13 54 views
0

我正在使用simple ajax commenting system,我現在不知道如何在提交頁面中集成recaptcha!如何在提交頁面中集成(驗證)recapcha

AJAX COMMENT.PHP

<?php 

// Error reporting: 
error_reporting(E_ALL^E_NOTICE); 

include "connect.php"; 
include "comment.class.php"; 


/* 
/ Select all the comments and populate the $comments array with objects 
*/ 
$id = empty($_GET['id'])?0:$_GET['id']; 
$comments = array(); 
$result = mysql_query("SELECT * FROM comments where url='$id' ORDER BY id desc"); 

while($row = mysql_fetch_assoc($result)) 
{ 
    $comments[] = new Comment($row); 
} 

?> 



<table width="800" border="0" class="komentar" cellpadding="0" cellspacing="0"> 
<tr> 
<td width="480"> 

<div id="addCommentContainer" style="width:500px; overflow-x:hidden;"> 
</div> 

<div id="main" style="width:500px; overflow-x:hidden;"> 

<?php 

/* 
/ Output the comments one by one: 
*/ 

foreach($comments as $c){ 
    echo $c->markup(); 
} 

?> 

</div> 



</td> 



<td valign="top" width="320"> 
    <table width="300" border="0" cellpadding="0" cellspacing="0"> 
    <tr> 
    <td height="16" background="commentfg.png" style="background-repeat:no-repeat;">    

    </td> 
    </tr> 

    <tr> 
    <td height="20" background="commentfs.png">     
    <form id="addCommentForm" method="post" action=""> 
     <div style="margin-left:15px; color:white;"> 

      <label for="name">Vase ime:&nbsp&nbsp</label><br> 
      <input type="text" name="name" id="name" /> 

     <p><label for="email">Email: (bice sakriven)&nbsp&nbsp</label><br> 
      <input type="text" name="email" id="email" /></p> 


      <input type="hidden" name="url" id="url" value="<?php $id = empty($_GET['id'])?0:$_GET['id']; echo $id;?>"/> 

      <label for="body">Unesite komentar:&nbsp&nbsp</label><br> 
      <textarea name="body" id="body" cols="30" rows="5" onKeyDown="limitText(this.form.body,this.form.countdown,200);" 
onKeyUp="limitText(this.form.body,this.form.countdown,200);"></textarea><br><br> 
      Broj preostalih znakova:(max 200):<input readonly type="text" name="countdown" size="3" value="200"> 
<br> 
    <script type="text/javascript" 
    src="http://www.google.com/recaptcha/api/challenge?k=6LeQc8MSAAAAAMGe16dslbxCRu3Frs_265JhH88j"> 
    </script> 
    <noscript> 
    <iframe src="http://www.google.com/recaptcha/api/noscript?k=6LeQc8MSAAAAAMGe16dslbxCRu3Frs_265JhH88j" 
     height="300" width="500" frameborder="0"></iframe><br> 
    <textarea name="recaptcha_challenge_field" rows="3" cols="40"> 
    </textarea> 
    <input type="hidden" name="recaptcha_response_field" 
     value="manual_challenge"> 
    </noscript> 
<br> 

      <input type="submit" id="submit" value="Potvrdi" /> 

     </div> 
    </form> 
    </td> 
    </tr> 

    <tr> 
    <td height="16" background="commentfd.png" style="background-repeat:no-repeat;">    

    </td> 
    </tr> 
    </table>  




</td> 
</tr> 
</table> 
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script> 
<script type="text/javascript" src="script.js"></script> 

COMMENT.CLASS.php

<?php 
class Comment 
{ 
    private $data = array(); 

    public function __construct($row) 
    { 
     /* 
     / The constructor 
     */ 

     $this->data = $row; 
    } 

    public function markup() 
    { 
     /* 
     / This method outputs the XHTML markup of the comment 
     */ 

     // Setting up an alias, so we don't have to write $this->data every time: 
     $d = &$this->data; 

     $link_open = ''; 
     $link_close = ''; 



     // Converting the time to a UNIX timestamp: 
     $d['dt'] = strtotime($d['dt']); 

     // Needed for the default gravatar image: 
     $url = 'http://'.dirname($_SERVER['SERVER_NAME'].$_SERVER["REQUEST_URI"]).'/img/default_avatar.png'; 

     return ' 
      <div style="width:500px; overflow-x:hidden;"> 
      <table width="500" > 
      <tr> 
      <td valign="top" width="100" height="120" background="avatar.png" style="background-repeat:no-repeat;" align="center"> 

       <div class="avatar" style="width:100px; overflow-x:hidden; margin-top:10px; "> 
        '.$link_open.' 
        <img src="http://www.gravatar.com/avatar/'.md5($d['email']).'?size=50&amp;default='.urlencode($url).'" /> 
        '.$link_close.' 
       </div> 
       <div style="width:80px; height:40px; overflow:hidden;"> 
       <font color="#47a5db">'.$link_open.$d['name'].$link_close.'</font> 
       </div> 

      </td> 
      <td width="400" valign="top"> 
       <table width="400" border="0" cellpadding="0" cellspacing="0"> 
       <tr> 
       <td height="20" valign="bottom" background="commentg.png" style="background-repeat:no-repeat;"> 
       <div class="date" title="Added at '.date('H:i \o\n d M Y',$d['dt']).'" style="margin-left:10px;"> 
       <font color="silver" size="-1">'.date('d M Y',$d['dt']).'</font> 
       </div>    
       </td> 
       </tr> 

       <tr> 
       <td background="comments.png" style="background-repeat:repeat-y;"> 
       <div style="width:350px; overflow-x:hidden; margin-top:0px; margin-left:10px;"> 
       <p><font color="white"><b>'.$d['body'].'</b></font></p> 
       </div> 
       </td> 
       </tr> 

       <tr> 
       <td height="20" background="commentd.png" style="background-repeat:no-repeat;">     

       </td> 
       </tr> 
       </table> 

      </td> 
      </tr> 
      </table> 
      </div>  
     '; 
    } 

    public static function validate(&$arr) 
    { 
     /* 
     / This method is used to validate the data sent via AJAX. 
     /
     / It return true/false depending on whether the data is valid, and populates 
     / the $arr array passed as a paremter (notice the ampersand above) with 
     / either the valid input data, or the error messages. 
     */ 

     $errors = array(); 
     $data = array(); 

     // Using the filter_input function introduced in PHP 5.2.0 

     if(!($data['email'] = filter_input(INPUT_POST,'email',FILTER_VALIDATE_EMAIL))) 
     { 
      $errors['email'] = 'Unesite validan Email!'; 
     } 

     if(!($data['url'] = filter_input(INPUT_POST,'url',FILTER_CALLBACK,array('options'=>'Comment::validate_text')))) 
     { 
      // If the URL field was not populated with a valid URL, 
      // act as if no URL was entered at all: 

      $errors['url'] = 'Please enter a url.'; 
     } 

     // Using the filter with a custom callback function: 

     if(!($data['body'] = filter_input(INPUT_POST,'body',FILTER_CALLBACK,array('options'=>'Comment::validate_text')))) 
     { 
      $errors['body'] = 'Niste uneli komentar!'; 
     } 

     if(!($data['name'] = filter_input(INPUT_POST,'name',FILTER_CALLBACK,array('options'=>'Comment::validate_text')))) 
     { 
      $errors['name'] = 'Niste uneli ime!'; 
     } 

     if(!empty($errors)){ 

      // If there are errors, copy the $errors array to $arr: 

      $arr = $errors; 
      return false; 
     } 

     // If the data is valid, sanitize all the data and copy it to $arr: 

     foreach($data as $k=>$v){ 
      $arr[$k] = mysql_real_escape_string($v); 
     } 

     // Ensure that the email is lower case: 

     $arr['email'] = strtolower(trim($arr['email'])); 

     return true; 

    } 

    private static function validate_text($str) 
    { 
     /* 
     / This method is used internally as a FILTER_CALLBACK 
     */ 

     if(mb_strlen($str,'utf8')<1) 
      return false; 

     // Encode all html special characters (<, >, ", & .. etc) and convert 
     // the new line characters to <br> tags: 

     $str = nl2br(htmlspecialchars($str)); 

     // Remove the new line characters that are left 
     $str = str_replace(array(chr(10),chr(13)),'',$str); 

     return $str; 
    } 

} 

?> 

SUBMIT.PHP

<?php 

// Error reporting: 
error_reporting(E_ALL^E_NOTICE); 

include "connect.php"; 
include "comment.class.php"; 

/* 
/ This array is going to be populated with either 
/ the data that was sent to the script, or the 
/ error messages. 
/*/ 

$arr = array(); 
$validates = Comment::validate($arr); 

if($validates) 
{ 
    /* Everything is OK, insert to database: */ 

    mysql_query(" INSERT INTO comments(name,url,email,body) 
        VALUES (
         '".$arr['name']."', 
         '".$arr['url']."', 
         '".$arr['email']."', 
         '".$arr['body']."' 
        )"); 

    $arr['dt'] = date('r',time()); 
    $arr['id'] = mysql_insert_id(); 

    /* 
    / The data in $arr is escaped for the mysql query, 
    / but we need the unescaped variables, so we apply, 
    / stripslashes to all the elements in the array: 
    /*/ 

    $arr = array_map('stripslashes',$arr); 

    $insertedComment = new Comment($arr); 

    /* Outputting the markup of the just-inserted comment: */ 

    echo json_encode(array('status'=>1,'html'=>$insertedComment->markup())); 

} 
else 
{ 
    /* Outputtng the error messages */ 
    echo '{"status":0,"errors":'.json_encode($arr).'}'; 
} 

?> 

回答

0

一般

  1. 在您的評論(提交)頁面上調用captcha腳本。它將值設置爲會話變量(例如$ _SESSION [「captcha」])。
  2. 將文本輸入放到您的提交表單中以獲取用戶對captcha的回答(如果未提供驗證碼腳本)。
  3. 在提交腳本中檢查會話值是否與用戶的輸入相匹配。
+0

我這樣做,在AJAX COMMENT.PHP

標籤之間我把<腳本類型= 「文/ JavaScript的」 SRC =「http://www.google.com/recaptcha/api/challenge?k=6Ldsc8MSAAAAAPzRQUcmlQkpC8X -X_xGDu7PW5ou 「>