var_dump($_COOKIE);
   echo "\n\n";
   echo "SESSION ";
   var_dump($_SESSION);
   echo "</pre>\n";*/
 $captcha_code = $this->ctf_clean_input($_POST['si_contact_captcha_code']);
 if (!isset($_SESSION['securimage_code_ctf_' . $form_id_num]) || empty($_SESSION['securimage_code_ctf_' . $form_id_num])) {
     $this->si_contact_error = 1;
     $fsc_error_message['captcha'] = __('That CAPTCHA was incorrect. Try again.', 'si-contact-form');
 } else {
     if (empty($captcha_code) || $captcha_code == '') {
         $this->si_contact_error = 1;
         $fsc_error_message['captcha'] = $si_contact_opt['error_captcha_blank'] != '' ? $si_contact_opt['error_captcha_blank'] : __('Please complete the CAPTCHA.', 'si-contact-form');
     } else {
         require_once "{$captcha_path_cf}/securimage.php";
         $img = new Securimage_ctf();
         $img->form_num = $form_id_num;
         // makes compatible with multi-forms on same page
         $valid = $img->check("{$captcha_code}");
         // Check, that the right CAPTCHA password has been entered, display an error message otherwise.
         if ($valid == true) {
             // some empty field and time based honyepot traps for spam bots
             $hp_check = $this->si_contact_check_honeypot("{$form_id_num}");
             if ($hp_check != 'ok') {
                 $this->si_contact_error = 1;
                 $fsc_error_message['captcha'] = $si_contact_opt['error_spambot'] != '' ? $si_contact_opt['error_spambot'] : __('Possible spam bot.', 'si-contact-form');
             }
             // ok can continue
         } else {
             $this->si_contact_error = 1;
             $fsc_error_message['captcha'] = $si_contact_opt['error_captcha_wrong'] != '' ? $si_contact_opt['error_captcha_wrong'] : __('That CAPTCHA was incorrect.', 'si-contact-form');
Esempio n. 2
0
 static function check_captcha()
 {
     // begin captcha check if enabled
     // captcha is optional but recommended to prevent spam bots from spamming your contact form
     if (FSCF_Display::is_captcha_enabled(self::$form_id_num)) {
         $captcha_code = FSCF_Util::clean_input($_POST['captcha_code']);
         if (self::$global_options['enable_php_sessions'] == 'true') {
             // this feature only works when PHP sessions are enabled
             //captcha with PHP sessions
             if (!isset($_SESSION['securimage_code_ctf_' . self::$form_id_num]) || empty($_SESSION['securimage_code_ctf_' . self::$form_id_num])) {
                 self::$form_errors['captcha'] = __('That CAPTCHA was incorrect. Try again.', 'si-contact-form');
             } else {
                 if (empty($captcha_code)) {
                     self::$form_errors['captcha'] = self::$form_options['error_captcha_blank'] != '' ? self::$form_options['error_captcha_blank'] : __('Please complete the CAPTCHA.', 'si-contact-form');
                 } else {
                     require_once FSCF_CAPTCHA_PATH . '/securimage.php';
                     $img = new Securimage_ctf();
                     $img->form_num = self::$form_id_num;
                     // makes compatible with multi-forms on same page
                     $valid = $img->check("{$captcha_code}");
                     // has the right CAPTCHA code has been entered?
                     if ($valid == true) {
                         // ok can continue
                     } else {
                         self::$form_errors['captcha'] = self::$form_options['error_captcha_wrong'] != '' ? self::$form_options['error_captcha_wrong'] : __('That CAPTCHA was incorrect.', 'si-contact-form');
                     }
                 }
             }
         } else {
             //captcha without PHP sessions
             if (empty($captcha_code)) {
                 self::$form_errors['captcha'] = self::$form_options['error_captcha_blank'] != '' ? self::$form_options['error_captcha_blank'] : __('Please complete the CAPTCHA.', 'si-contact-form');
             } else {
                 if (!isset($_POST['fscf_captcha_prefix' . self::$form_id_num]) || empty($_POST['fscf_captcha_prefix' . self::$form_id_num])) {
                     // this error means PHP session error, or they sat on the page more than 30 min
                     self::$form_errors['captcha'] = __('That CAPTCHA was incorrect. Try again.', 'si-contact-form');
                 } else {
                     $prefix = 'xxxxxx';
                     if (isset($_POST['fscf_captcha_prefix' . self::$form_id_num]) && is_string($_POST['fscf_captcha_prefix' . self::$form_id_num]) && preg_match('/^[a-zA-Z0-9]{15,17}$/', $_POST['fscf_captcha_prefix' . self::$form_id_num])) {
                         $prefix = $_POST['fscf_captcha_prefix' . self::$form_id_num];
                     }
                     if (is_readable(FSCF_CAPTCHA_PATH . '/cache/' . $prefix . '.php')) {
                         include FSCF_CAPTCHA_PATH . '/cache/' . $prefix . '.php';
                         // has the right CAPTCHA code has been entered?
                         if (0 == strcasecmp($captcha_code, $captcha_word)) {
                             // captcha was matched
                             @unlink(FSCF_CAPTCHA_PATH . '/cache/' . $prefix . '.php');
                             // ok can continue
                         } else {
                             self::$form_errors['captcha'] = self::$form_options['error_captcha_wrong'] != '' ? self::$form_options['error_captcha_wrong'] : __('That CAPTCHA was incorrect.', 'si-contact-form');
                         }
                     } else {
                         // this error means cache read error, or they sat on the page more than 30 min
                         self::$form_errors['captcha'] = __('That CAPTCHA was incorrect. Try again.', 'si-contact-form');
                     }
                 }
             }
         }
         // end if use PHP session
     }
     // end if enable captcha
 }