-
Notifications
You must be signed in to change notification settings - Fork 30
[EN] Add a captcha (addons)
Thuban edited this page Mar 20, 2018
·
2 revisions
To use a CAPTCHA generated by blogotext in a form, follow these instructions
When inc/boot.php file is required, a random operation is generated (the sum of two integers)
The result is saved as a token : the hash of the result with the visitor user agent.
When the form is submitted, these are send :
- The result entered by the visitor
- The hash pre-computed (hidden)
To check a captcha, compare the token with a new hash computed from user input.
- require
inc/boot.phpin your code. It's already prepared for addons. - Show the two integers to add, accessible with these variables :
$GLOBALS['captcha']['x']$GLOBALS['captcha']['y']
- Turn one of those integers in full letters. Use the function
en_lettres($GLOBALS['captcha']['y']) - Add and hide the token in the form with the function
hidden_input('your_input_token', $GLOBALS['captcha']['hash'])
you can use the function captcha_form() to insert the above code easily.
- Get the result entered by the visitor :
$datas['captcha'] = filter_input(INPUT_POST, 'your_input_captcha', FILTER_SANITIZE_SPECIAL_CHARS); - get the token :
datas['token'] = filter_input(INPUT_POST, 'your_input_token', FILTER_SANITIZE_SPECIAL_CHARS); - Compute the hash and compare with the token :
// user agent
$ua = (isset($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : '';
if ($datas['token'] != sha1($ua.$datas['captcha'])) {
// error !
}
You can use the function captcha_check($token, $captcha) which returns true if the captcha is valid instead of the whole above code.