1. 首頁
  2. 問答
  3. 如何啓用驗證碼

如何啓用驗證碼

2011-04-14 30 views
2

我嘗試用標籤如何啓用驗證碼

{{capture}}

預期的輸出是驗證碼框啓用驗證碼。相反,我看到的一樣,直接在頁面上的代碼看起來像一個錯誤顯示的驗證碼

<script type="text/javascript" src="http://api.recaptcha.net/ challenge?k=6LckUsMSAAAAAGcZR3JZw6Dusn4wKBBfZxHXh8w5"></script> <noscript> <iframe src="http://api.recaptcha.net/noscript?k=6LckUsMSAAAAAGcZR3JZw6Dusn4wKBBfZxHXh8w5" height="300" width="500" frameborder="0"></iframe><br /> <textarea name="recaptcha_challenge_field" rows="3" cols="40"></ textarea> <input type='hidden' name='recaptcha_response_field' value='manual_challenge' /> </noscript>

任何想法,我該怎麼處理?到錯誤的鏈接是here我用的是代碼直接使用的reCAPTCHA API與命名captcha.py此文件:

import urllib2, urllib 

API_SSL_SERVER="https://api-secure.recaptcha.net" 
API_SERVER="http://api.recaptcha.net" 
VERIFY_SERVER="api-verify.recaptcha.net" 

class RecaptchaResponse(object): 
    def __init__(self, is_valid, error_code=None): 
     self.is_valid = is_valid 
     self.error_code = error_code 

def displayhtml (public_key, 
       use_ssl = False, 
       error = None): 
    """Gets the HTML to display for reCAPTCHA 

    public_key -- The public api key 
    use_ssl -- Should the request be sent over ssl? 
    error -- An error message to display (from 
RecaptchaResponse.error_code)""" 

    error_param = '' 
    if error: 
     error_param = '&error=%s' % error 

    if use_ssl: 
     server = API_SSL_SERVER 
    else: 
     server = API_SERVER 

    return """<script type="text/javascript" src="%(ApiServer)s/ 
challenge?k=%(PublicKey)s%(ErrorParam)s"></script> 

<noscript> 
    <iframe src="%(ApiServer)s/noscript?k=%(PublicKey)s%(ErrorParam)s" 
height="300" width="500" frameborder="0"></iframe><br /> 
    <textarea name="recaptcha_challenge_field" rows="3" cols="40"></ 
textarea> 
    <input type='hidden' name='recaptcha_response_field' 
value='manual_challenge' /> 
</noscript> 
""" % { 
     'ApiServer' : server, 
     'PublicKey' : public_key, 
     'ErrorParam' : error_param, 
     } 


def submit (recaptcha_challenge_field, 
      recaptcha_response_field, 
      private_key, 
      remoteip): 
    """ 
    Submits a reCAPTCHA request for verification. Returns 
RecaptchaResponse 
    for the request 

    recaptcha_challenge_field -- The value of 
recaptcha_challenge_field from the form 
    recaptcha_response_field -- The value of recaptcha_response_field 
from the form 
    private_key -- your reCAPTCHA private key 
    remoteip -- the user's ip address 
    """ 

    if not (recaptcha_response_field and recaptcha_challenge_field and 
      len (recaptcha_response_field) and len 
(recaptcha_challenge_field)): 
     return RecaptchaResponse (is_valid = False, error_code = 
'incorrect-captcha-sol') 


    def encode_if_necessary(s): 
     if isinstance(s, unicode): 
      return s.encode('utf-8') 
     return s 

    params = urllib.urlencode ({ 
      'privatekey': encode_if_necessary(private_key), 
      'remoteip' : encode_if_necessary(remoteip), 
      'challenge': 
encode_if_necessary(recaptcha_challenge_field), 
      'response' : 
encode_if_necessary(recaptcha_response_field), 
      }) 

    request = urllib2.Request (
     url = "http://%s/verify" % VERIFY_SERVER, 
     data = params, 
     headers = { 
      "Content-type": "application/x-www-form-urlencoded", 
      "User-agent": "reCAPTCHA Python" 
      } 
     ) 

    httpresp = urllib2.urlopen (request) 

    return_values = httpresp.read().splitlines(); 
    httpresp.close(); 

    return_code = return_values [0] 

    if (return_code == "true"): 
     return RecaptchaResponse (is_valid=True) 
    else: 
     return RecaptchaResponse (is_valid=False, error_code = 
return_values [1])

而我使用它是迄今爲止在HTTP GET和POST處理程序:

template_values.update(dict(capture=captcha.displayhtml(public_key = CAPTCHA_PUB_KEY, use_ssl = False, error = None)))

是GET處理程序和POST有

def post(self, view): 
    challenge = self.request.get('recaptcha_challenge_field') 
    response = self.request.get('recaptcha_response_field') 
    remoteip = os.environ['REMOTE_ADDR'] 
    cResponse = captcha.submit(
      challenge, 
      response, 
      CAPTCHA_PRV_KEY, 
      remoteip) 

if cResponse.is_valid==True: 
    isHuman=True 
else: 
    isHuman=False

。我應該如何繼續?

UPDATE:要繼續我還補充說,只有讓通過其中變量isHuman =真,我想重定向到表單頁面,而不是打印錯誤消息的邏輯:

def post(self, view): 
    challenge = self.request.get('recaptcha_challenge_field') 
    response = self.request.get('recaptcha_response_field') 
    remoteip = os.environ['REMOTE_ADDR'] 
    cResponse = captcha.submit(
       challenge, 
       response, 
       CAPTCHA_PRV_KEY, 
       remoteip) 

    if cResponse.is_valid==True: 
     isHuman=True 
    else: 
     isHuman=False 
     self.response.out.write('captcha failed') #TO DO: redirect to form page 
     return

來源

2011-04-14 Niklas Rosencrantz

+0

是{{捕獲}}的腳本標籤中..? – 2011-04-14 11:45:34

回答

5

你是一個Django自動轉義的受害者。

嘗試{{capture|safe}}

來源

2011-04-14 12:58:00 geoffspear

+0

它的工作原理。謝謝! – 2011-04-15 10:54:27

+0

大聲笑,我有與jinja2相同的問題。 – 2012-06-01 22:59:51

4

Django的模板系統默認爲自動執行HTML轉義來避免事情像跨站點腳本攻擊 - 這是什麼打開所有的HTML的<tag> s轉換&lt;tag &gt;

爲了防止這種情況,你可以調用safe過濾器,如:

{{capture|safe}}

來源

2011-04-14 12:58:31 bgporter

+0

謝謝你的解決方案。我已經更新了它與我嘗試的下一步工作:當'isHuman = false'時重定向到表單頁面 – 2011-04-15 11:04:43

+0

您應該將它作爲單獨的問題發佈,我認爲... – bgporter 2011-04-15 11:40:44

相關問題

 相關問題