Hi guys,
I have an email form on a website that sends the form data to an external php file (contact-form-handler.php) I have recently tried to add a captcha however I have been unsuccessful in getting the external php file to check if the captcha code was entered correctly.. At the moment it says that it is incorrect even when I enter the correct code. The website is www.bathroomdesignperth.com.au
The form code:
<form method="POST" name="contact_form" action="/templates/onlinespark/contact-form-handler.php">
<label for='name'>Name: </label>
<input type="text" name="name" value='<?php echo htmlentities($name) ?>'>
<label for='email'>Email: </label>
<input type="text" name="email" value='<?php echo htmlentities($visitor_email) ?>'>
<label for='phone'>Phone: </label>
<input type="text" name="phone" value='<?php echo htmlentities($phone) ?>'>
<label for='message'>Message:</label>
<textarea name="message" rows=8 cols=30><?php echo htmlentities($user_message) ?></textarea>
<label><img src="/templates/onlinespark/captcha.php"></label>
<?php $salt = 'some-random-text'; ?>
<input type="text" name="code" />
<input type="hidden" name="code_key" value="<?php echo sha1('Text in the image' . $salt); ?>" />
<input type="submit" value="Submit" name='submit' class="quoteButton">
</form>
The external php file:
<?php
if (isset($_POST['submit'])) {
$error = "";
if (!empty($_POST['name'])) {
$name = $_POST['name'];
} else {
$error .= "You didn't type in your name. <br />";
}
if (!empty($_POST['phone'])) {
$name = $_POST['phone'];
} else {
$error .= "You didn't enter your phone. <br />";
}
if (!empty($_POST['email'])) {
$email = $_POST['email'];
if (!preg_match("/^[a-z0-9]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $email)){
$error .= "The e-mail address you entered is not valid. <br/>";
}
} else {
$error .= "You didn't type in an e-mail address. <br />";
}
if (!empty($_POST['message'])) {
$message = $_POST['message'];
} else {
$error .= "You didn't type in a message. <br />";
}
$salt = 'some-random-text'; // same salt string as in the original file
if ($_POST['code_key'] == sha1($_POST['code'] . $salt)) {
// captcha is correct
} else {
$error .= "The captcha code you entered does not match. Please try again. <br />";
}
if (empty($error)) {
$from = 'From: ' . $name . ' <' . $email . '>';
$to = "mail@mail.com.au";
$subject = "New contact form message";
$content = $name . " has sent you a message: \n" . $message;
$success = "<h3>Thank you! Your message has been sent!</h3>";
mail($to,$subject,$content,$from);
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>ERROR - Please fill in all fields!</title>
</head>
<body>
<!-- This page is displayed only if there is some error -->
<h1>ERROR - Please go back and fill in all fields!</h1>
<?php
if (!empty($error)) {
echo '<p class="error"><strong>Your message was NOT sent<br/> The following error(s) returned:</strong><br/>' . $error . '</p>';
} elseif (!empty($success)) {
echo $success;
}
?>
</body>
</html>