$_COOKIE の代わりに $_SESSION を使用することで以前の問題を解決するトピックを投稿しましたが、正しい確認番号を入力しても、入力した番号が間違っていると表示されます。Web サイトにアクセスして、ランダムなテキストでランダムな MD5 ハッシュを生成しました。これは私がすべきことですか?
何が悪いのかわかりませんが、ここに私が持っているものがあります:
HTML フォーム:
<form id="ajax-contact-form" action="javascript:alert('success!');">
<label>Name:*</label><INPUT class="textbox" type="text" name="name" value=""><br />
<label>E-Mail:*</label><INPUT class="textbox" type="text" name="email" value=""><br />
<label>Telephone:</label><INPUT class="textbox" type="text" name=telephone" value="" /><br />
<INPUT class="textbox" type="hidden" name="subject" value="Contact Form" >
<label>Message:*</label><TEXTAREA class="textbox" NAME="message" ROWS="5" COLS="25"></TEXTAREA><br />
<tr>
<label>Image Verification:*</label>
<input type="text" name="verify" style="width:200px;" /><img src="verification.php?<?php echo rand(0,9999);?>" width="50" height="24" align="absbottom" />
<label> </label><INPUT class="button" type="submit" name="submit" value="Send Message">
</form>
contactform.php:
<?php
/*
Credits: Bit Repository
URL: http://www.bitrepository.com/
*/
include 'config.php';
error_reporting (E_ALL ^ E_NOTICE);
$post = (!empty($_POST)) ? true : false;
if($post)
{
include 'functions.php';
$name = stripslashes($_POST['name']);
$email = trim($_POST['email']);
$telephone = stripslashes($_POST['telephone']);
$subject = stripslashes($_POST['subject']);
$message = stripslashes($_POST['message']);
$verify = stripslashes($_POST['verify']);
$error = '';
// Check name
if(!$name)
{
$error .= 'Please enter your name.<br />';
}
// Check email
if(!$email)
{
$error .= 'Please enter an e-mail address.<br />';
}
if($email && !ValidateEmail($email))
{
$error .= 'Please enter a valid e-mail address.<br />';
}
// Check message (length)
if(!$message || strlen($message) < 15)
{
$error .= "Please enter your message. It should have at least 15 characters.<br />";
}
// Check Verification code
if(md5($verify).'098f6bcd4621d373cade4e832627b4f6' != $_SESSION['contact_verify'])
{
$error .= 'Image Verification failed.<br />';
}
//Send the Name, Email, Telephone, and Message in a formateed version.
$email_message = "The following message was sent to you in your contact form on domain.com\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "Name: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email)."\n";
$email_message .= "Telephone: ".clean_string($telephone)."\n";
$email_message .= "Message: ".clean_string($message)."\n";
if(!$error)
{
$mail = mail(WEBMASTER_EMAIL, $subject, $email_message,
"From: ".$name." <".$email.">\r\n"
."Reply-To: ".$email."\r\n"
."X-Mailer: PHP/" . phpversion());
if($mail)
{
echo 'OK';
}
}
else
{
echo '<div class="notification_error">'.$error.'</div>';
}
}
?>
私のverification.phpファイル:
<?php
//Declare in the header what kind of file this is
header('Content-type: image/jpeg');
//A nice small image that's to the point
$width = 50;
$height = 24;
//Here we create the image with the sizes declared above and save it to a variable my_image
$my_image = imagecreatetruecolor($width, $height);
//Let's give our image a background color. White sound ok to everyone?
imagefill($my_image, 0, 0, 0xFFFFFF);
//Now we're going to add some noise to the image by placing pixels randomly all over the image
for ($c = 0; $c < 40; $c++){
$x = rand(0,$width-1);
$y = rand(0,$height-1);
imagesetpixel($my_image, $x, $y, 0x000000);
}
$x = rand(1,10);
$y = rand(1,10);
$rand_string = rand(1000,9999);
imagestring($my_image, 5, $x, $y, $rand_string, 0x000000);
/*
We're going to store a ****** in the user's browser so we can call to it
later and confirm they entered the correct verification. The
"decipher_k2s58s4" can be anything you want. It's just our personal
code to be added to the end of the captcha value stored in the ******
as an encrypted string
*/
$_SESSION['contact_verify'] = (md5($rand_string).'098f6bcd4621d373cade4e832627b4f6');
imagejpeg($my_image);
imagedestroy($my_image);
?>