how to implement captcha in vihistory searches

14/02/12

Permalink 12:30:38 pm, by sarneil, 790 words, 122 views   English (CA)
Categories: Activity log; Mins. worked: 240

how to implement captcha in vihistory searches

To make captcha work, you need to make modifications to the included form file and to the file that invokes the form.
// I'm using the $_SESSION['captchaPassed'] variable, so that even if the user moves from form to form or query to query, they only have to verify one captcha per session
// if $_SESSION['captchaPassed'] is not set, the user has not yet tried to validate a captcha field in this session
// if $_SESSION['captchaPassed'] is set and has value false, the user has tried to validate a captcha field in this session and failed
// if $_SESSION['captchaPassed'] is set and has value true, the user has successfully validated a captcha field in this session

I'll need to rewrite the code in the annotations section to call on the instance of captcha in the captcha folder rather than the one in the annotate folder.

Because the js file currently assumes the call is coming from a file at a certain level in the site hierarchy, and the search and annotate files are at different levels in that hierarchy, I'll have to either write a separate function for the annotate call, or modify the calls to the loadcaptcha function so they pass in the path from themselves to the root as a second argument.

==================================================
Changes to the actual search form (e.g. censusformbasic) as seen in censusformbasicCaptcha.php
==================================================

1) Make sure this line points to correct file (for production, should be searchcensus.php) :

$search_arg = "searchcensusCaptcha.php?start=0&form=$form&show=n";

2) Add this block at end of form:

<?php
if ((isset($_SESSION['captchaPassed'])) && ($_SESSION['captchaPassed'])) {
//do nothing
} else {
?>
<fieldset class="">
<legend>
Verify
</legend>
<label>
To verify that you are a real, live human and not a spambot,<br />
enter the text you see in the image below.<br />
If you can't read the text, click
<a href="javascript:loadcaptcha('captcha');"><b>here</b></a>,
or see the <a href="<?php print $doc_root; ?>/help/annotation.php#verify">help page</a>.
<?php
if ((isset($_SESSION['captchaPassed'])) && (!($_SESSION['captchaPassed']))) {
print '<br /><br /><span style="color: #ff0000; font-weight: bold;">The text you entered does not match the image. Try again. </span>';
}
?>
</label>
<br />
<label for="verifier">Image text (5 letters)</label>
<input type="text" name="verifier" id="verifier" value="" />
<img id="captcha" src="<?php print $doc_root; ?>/captcha/captcha.php" width="200" height="60" alt="Verify" style="border: 1px solid #000000;;"/>
</fieldset>
<?php
} // end of if isset($_SESSION['captchaPassed']) ...
?>

==================================================
Changes to the page calling the form (e.g. searchcensus.php) as seen in searchcensusCaptcha.php.
==================================================

1) Add these blocks to head:

/**
* Load captcha library.
*/
require_once("$doc_root/captcha/php-captcha.inc");

<script type="text/javascript" src="<? print $doc_root ?>/script/loadcaptcha.js"></script>

2) Make sure this line points to right file (for production, should be searchcensus.php):

$search_page = "searchcensusCaptcha.php";

3) Add this block immediately after the first "if (isset($_GET['start'])) {"

//SA we need to defy the spambots
// I'm using the $_SESSION['captchaPassed'] variable
// if $_SESSION['captchaPassed'] is not set, the user has not yet tried to validate a captcha field in this session
// if $_SESSION['captchaPassed'] is set and has value false, the user has tried to validate a captcha field in this session and failed
// if $_SESSION['captchaPassed'] is set and has value true, the user has successfully validated a captcha field in this session
// need to do the CAPTCHA test before any query gets sent to the DB
// Only do the test if the user has not tried to validate yet, or if the user has tried to validate and failed
// my actual is test is : if (NOT ((session var is set) AND (session var is true)) )
if (!((isset($_SESSION['captchaPassed'])) && ($_SESSION['captchaPassed'] == true))) {
if (PhpCaptcha::Validate($_POST['verifier'])) {
$_SESSION['captchaPassed'] = true;
} else {
$_SESSION['captchaPassed'] = false;
}
}
if ((isset($_SESSION['captchaPassed'])) && ($_SESSION['captchaPassed'] == true)) {
// We know user has successfully validated the captcha, so do the query and display the results

4) add this block immediately before "} // end of if isset($_GET['start'])"

} // end of if isset ($_SESSION['captchaPassed']) ...

5) make sure this line points to correct file (that is, censusformbasic):

require("$doc_root/inc/censusformbasicCaptcha.inc"); //SA was censusformbasic.inc

6) add this block immediately before the second "if (isset($_GET['start'])) {"

if ((isset($_SESSION['captchaPassed'])) && ($_SESSION['captchaPassed'] == true)) {

7) add this block after "pg_free_result($result); }}"

} // end of if isset($_SESSION['captchaPassed']) ...

Pingbacks:

No Pingbacks for this post yet...

viHistory

viHistory is a web site that is a teaching, learning and research tool. It's principally about the history of Vancouver Island in British Columbia, but it is also a vehicle for exploring the larger field of Canadian history during the late 19th and early part of the 20th century. It allows census, directory and tax assessment roll data from the late 19th and early 20th centuries to be searched in many ways. It also incorporates IMaP to display historical maps. The project director is Dr. Patrick A. Dunae.

Reports

Categories

August 2014
Sun Mon Tue Wed Thu Fri Sat
 << <   > >>
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31            

XML Feeds