Nice post. It's now stickied.

-Andrew Riley

Andrew,

Andrew Riley wrote:Nice post. It's now stickied.

Thank you for your recognition, the above addition to my installation was the result of a weekend prodding the keyboard along with being quick and dirty in its methods.

While I was at work last night I thought more about how I implemented this addition to PHPFormMail, and on arriving home I rewrote what I had done to hopefully make it more friendly towards further development by your team.

Essentially there is now a block defining a constant near the head of the script, that a user can uncomment and use. Also there is a code change at the place where I check for a CAPTCHA method so that a new function is called to to determine if a captcha method is in use, and then act upon it.

One side effect is that if the user edits the script to create an appropriate constant defining the CAPTCHA applications installation location, then and ONLY then will PHPFormMail attempt to use it in order to check the captcha input from the submission. In the event that the user has misconfigured the captcha application or PHPFormMail then PHP is almost certainly going to throw an error, fail to produce output, or in the worst case ignore captcha input !

I hope this more structured approach will make it easier to include the additional code in any of your future PHPFormMail releases, and aid any future development providing other CAPTCHA methods.

Here's the new diff file against v1.07.2

2c2
< define('VERSION','Classic v1.07.2');
---
> define('VERSION','Classic v1.07.2.captcha');
39a40,75
> // +------------------------------------------------------------------------+
> // | Define the locations of your CAPTCHA application(s) |
> // | |
> // | The constants below can be used to define where the different CAPTCHA |
> // | generating applications that are currently understood by PHPFormMail |
> // | are installed on your system. |
> // | |
> // | PHPFormMail will *_ONLY_* perform captcha checking when you uncomment |
> // | one or more of the define statements below and edit them to provide |
> // | the correct path to the appropriate installation location(s). |
> // | |
> // +------------------------------------------------------------------------+
>
> // +------------------------------------------------------------------------+
> // | Securimage - Download from |
> // | |
> // | When using Securimage care should be taken to ensure the data |
> // | directory defined in the securimage.php file resolves to the same |
> // | location from *BOTH* the PHPFormMail directory *AND* the Securimage |
> // | directory ! |
> // | |
> // | You may use a relative or absolute path from the PHPFormMail location |
> // | to the Securimage location, with or without a trailing slash. |
> // | |
> // +------------------------------------------------------------------------+
> //
> // Examples
> //
> // Absolute path
> // define('SECURIMAGE_PATH','/path/to/your/installation/of/securimage');
> //
> // Relative path
> // define('SECURIMAGE_PATH','../../captchas/securimage');
>
> // --------------------------------------------------------------------------
>
65c101,103
< 'subject_prefix');
---
> 'subject_prefix',
> 'captcha_type', 'captcha_text', 'Submit', 'submit'
> );
516a555,588
>
> /****************************************************************
> * check_captcha() is used to implement known CAPTCHA *
> * techniques understood by PHPFormMail, and when the available *
> * environment allows will branch to a suitable section of code *
> * to check capture input from the user of a form. *
> * Function added in 1.07.2.captcha *
> ****************************************************************/
> function check_captcha()
> {
> global $form, $errors;
>
> // When the form passes the variable 'captcha_type' branch based on a known type
> if (isset($form['captcha_type'])) {
>
> switch (strtolower($form['captcha_type'])) {
>
> case 'securimage':
> // ONLY check securimage if we have its installation path
> if(defined('SECURIMAGE_PATH')) {
> include(SECURIMAGE_PATH."/securimage.php");
> $img = new securimage();
> $valid = $img->check($form['captcha_text']);
> if($valid != TRUE) {
> $errors[] = '0|Sorry, the code you entered was invalid.';
> error_log('[PHPFormMail] Incorrect CAPTCHA code entered.');
> }
> }
> break;
> }
> }
> }
>
>
551a624
> check_captcha();
600a674,678
>
>
>
>
>

Best regards

Chris Lander

Hi,

I am quite new to PHP programming but using Andrew's PFM script from quite a long time.

I need help in setting CAPTCHA in my formail script.

Guys can you please provide the finished captcha PFM script and guide me how to set it up. Currently I am using Classic v1.07.2

Kam
www.apexsol.com

I am the author of the Securimage captcha script and just wanted to let you know there is a new version out which has many more features and should be more reliable as it uses sessions instead of files to store codes.

The newest version can be downloaded from phpcaptcha.org

I will check back here in a few weeks and try to modify Chris' code to work with the new version of SI if no one else gets to it first.

I stumbled upon this today, and attempted to integrate it, but no success. Will this work with the securimage code I downloaded today, or has the newer code broken the formmail integration?
Thanks.