Fatal编程技术网
  • php/
  • php在登录时遇到reCAPTCHA问题

php在登录时遇到reCAPTCHA问题

php forms login

php在登录时遇到reCAPTCHA问题,php,forms,login,admin,recaptcha,Php,Forms,Login,Admin,Recaptcha,我在登录系统中插入reCAPTCHA时遇到问题,用户似乎可以输入正确的用户名和密码,而无需在reCAPTCHA中插入任何内容。登录用户示例为-username=steven password=steven 下面是网站链接和登录页面代码,然后是员工区域页面代码 任何人的帮助都将不胜感激 <?php require_once("includes/connection.php"); ?> <?php require_once("includes/functions.php"); ?

我在登录系统中插入reCAPTCHA时遇到问题,用户似乎可以输入正确的用户名和密码,而无需在reCAPTCHA中插入任何内容。登录用户示例为-username=steven password=steven

下面是网站链接和登录页面代码,然后是员工区域页面代码

任何人的帮助都将不胜感激

<?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php


    include_once("includes/form_functions.php");

    // START FORM PROCESSING
    if (isset($_POST['submit'])) { // Form has been submitted.
        $errors = array();

        // perform validations on the form data
        $required_fields = array('username', 'password');
        $errors = array_merge($errors, check_required_fields($required_fields, $_POST));

        $fields_with_lengths = array('username' => 30, 'password' => 30);
        $errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST));

        $username = trim(mysql_prep($_POST['username']));
        $password = trim(mysql_prep($_POST['password']));
        $hashed_password = sha1($password);

        if ($_POST) { 
        require_once($_SERVER['DOCUMENT_ROOT'] . '/recaptcha/recaptchalib.php');
        $privatekey ="6LcHbc0SAAAAAOs2d7VnzV7RtedMkLs306ekQPUP";
        $resp = recaptcha_check_answer ($privatekey,
                            $_SERVER['REMOTE_ADDR'],
                            $_POST['recaptcha_challenge_field'],
                            $_POST['recaptcha_response_field']);
        $str_result = "";
        if (!$resp->is_valid) {
             // What happens when the CAPTCHA was entered incorrectly
            $message = "The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA   said: " . $resp->error . ")";
            // Add a redirect to an error page or just put an exit(); here

        } 

    }




        if ( empty($errors) ) {
            // Check database to see if username and the hashed password exist there.
            $query = "SELECT * ";
            $query .= "FROM users ";
            $query .= "WHERE username = '{$username}' ";
            $query .= "AND hashed_password = '{$hashed_password}' ";

            $result_set = mysql_query($query);
            confirm_query($result_set);
            if (mysql_num_rows($result_set) == 1) {
                // username/password authenticated
                // and only 1 match
                $found_user = mysql_fetch_array($result_set);
                redirect_to("staff.php");
            } else {
                // username/password combo was not found in the database
                $message = "<h1> Username or password is incorrect. </h1><br />
            ";
            }
        }
    }
?>
<?php include("includes/header.php"); ?>
<table id="structure">
    <tr>
        <td id="navigation">
            <a href="index.php">Return to public site</a>
        </td>
        <td id="page">
            <h2>Staff Login</h2>
            <?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?>
            <?php if (!empty($errors)) { display_errors($errors); } ?>
            <form action="login.php" method="post">
            <table>
                <tr>
                    <td>Username:</td>
                    <td><input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /></td>
                </tr>
                <tr>
                    <td>Password:</td>
                    <td><input type="password" name="password" maxlength="30" value="<?php echo htmlentities($password); ?>" /></td>
                </tr>
                <tr>

  <?php
    require_once($_SERVER['DOCUMENT_ROOT'] . '/recaptcha/recaptchalib.php');
    $publickey = "6LcHbc0SAAAAABQAnCHSHGhSuSXkZ2d1MoBa4xw2";
    echo recaptcha_get_html($publickey);
?>

                    <td colspan="2"><input type="submit" name="submit" value="Login" /></td>
                </tr>
            </table>

            </form>
        </td>
    </tr>
</table>
<?php include("includes/footer.php"); ?>



在重定向到员工页面之前,应执行验证码检查。
尝试以下操作:


    // if ($_POST) {    // Don't need this

        require_once($_SERVER['DOCUMENT_ROOT'] . '/recaptcha/recaptchalib.php');
        $privatekey ="6LcHbc0SAAAAAOs2d7VnzV7RtedMkLs306ekQPUP";
        $resp = recaptcha_check_answer ($privatekey,
                            $_SERVER['REMOTE_ADDR'],
                            $_POST['recaptcha_challenge_field'],
                            $_POST['recaptcha_response_field']);
        $str_result = "";
        if (!$resp->is_valid) {
             // What happens when the CAPTCHA was entered incorrectly
            $message = "The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA   said: " . $resp->error . ")";
            echo $message;
            exit();

        } 

    //}



谢谢你的回复!然而在做了这些改变之后,我仍然有同样的问题。在不考虑recaptcha的情况下登录帐户。

    // if ($_POST) {    // Don't need this

        require_once($_SERVER['DOCUMENT_ROOT'] . '/recaptcha/recaptchalib.php');
        $privatekey ="6LcHbc0SAAAAAOs2d7VnzV7RtedMkLs306ekQPUP";
        $resp = recaptcha_check_answer ($privatekey,
                            $_SERVER['REMOTE_ADDR'],
                            $_POST['recaptcha_challenge_field'],
                            $_POST['recaptcha_response_field']);
        $str_result = "";
        if (!$resp->is_valid) {
             // What happens when the CAPTCHA was entered incorrectly
            $message = "The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA   said: " . $resp->error . ")";
            echo $message;
            exit();

        } 

    //}