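/**
 * Validate the CAPTCHA answer posted with the current form.
 *
 * Returns nothing. When the CAPTCHA is enabled for self::$form_id_num and the
 * answer is missing or wrong, a message is stored in self::$form_errors['captcha'];
 * on success self::$form_errors is left untouched.
 *
 * Two modes, selected by the 'enable_php_sessions' global option:
 *  - sessions on:  the answer is handed to Securimage_ctf::check();
 *  - sessions off: the expected word is loaded from a cache file named by the
 *    POSTed 'fscf_captcha_prefix<form id>' token and compared case-insensitively.
 */
static function check_captcha() {
    // The CAPTCHA is optional per form; nothing to verify when it is switched off.
    if (!FSCF_Display::is_captcha_enabled(self::$form_id_num)) {
        return;
    }

    // Untrusted input: the field can be absent or sent as an array
    // (captcha_code[]=x). Anything that is not a string counts as a blank answer,
    // so no array ever reaches the string comparison below.
    $captcha_code = '';
    if (isset($_POST['captcha_code']) && is_string($_POST['captcha_code'])) {
        $captcha_code = FSCF_Util::clean_input($_POST['captcha_code']);
    }

    if (self::$global_options['enable_php_sessions'] == 'true') {
        // --- CAPTCHA with PHP sessions ---
        $session_key = 'securimage_code_ctf_' . self::$form_id_num;
        if (empty($_SESSION[$session_key])) {
            // No challenge is stored in the session for this form.
            self::$form_errors['captcha'] = __('That CAPTCHA was incorrect. Try again.', 'si-contact-form');
            return;
        }
        if (empty($captcha_code)) {
            self::$form_errors['captcha'] = self::$form_options['error_captcha_blank'] != ''
                ? self::$form_options['error_captcha_blank']
                : __('Please complete the CAPTCHA.', 'si-contact-form');
            return;
        }

        require_once FSCF_CAPTCHA_PATH . '/securimage.php';
        $img = new Securimage_ctf();
        $img->form_num = self::$form_id_num; // keeps several forms on one page apart
        if (!$img->check("{$captcha_code}")) {
            self::$form_errors['captcha'] = self::$form_options['error_captcha_wrong'] != ''
                ? self::$form_options['error_captcha_wrong']
                : __('That CAPTCHA was incorrect.', 'si-contact-form');
        }
        return;
    }

    // --- CAPTCHA without PHP sessions ---
    if (empty($captcha_code)) {
        self::$form_errors['captcha'] = self::$form_options['error_captcha_blank'] != ''
            ? self::$form_options['error_captcha_blank']
            : __('Please complete the CAPTCHA.', 'si-contact-form');
        return;
    }

    // The prefix token comes from the client and ends up in an include path, so
    // only a 15-17 character alphanumeric string is accepted. \z (rather than $)
    // also rejects a value that ends in a newline. Anything else fails closed.
    $prefix_key = 'fscf_captcha_prefix' . self::$form_id_num;
    if (!isset($_POST[$prefix_key])
        || !is_string($_POST[$prefix_key])
        || !preg_match('/^[a-zA-Z0-9]{15,17}\z/', $_POST[$prefix_key])
    ) {
        // Per the original author: a session problem, or the visitor sat on the
        // page for more than 30 minutes.
        self::$form_errors['captcha'] = __('That CAPTCHA was incorrect. Try again.', 'si-contact-form');
        return;
    }

    $cache_file = FSCF_CAPTCHA_PATH . '/cache/' . $_POST[$prefix_key] . '.php';
    if (!is_readable($cache_file)) {
        // Per the original author: a cache read error, or the challenge is older
        // than 30 minutes.
        self::$form_errors['captcha'] = __('That CAPTCHA was incorrect. Try again.', 'si-contact-form');
        return;
    }

    // The cache file is executed as PHP and is expected to set $captcha_word.
    // NOTE(review): this is only safe while the cache directory is writable by
    // the plugin alone - confirm the directory permissions and the writer.
    $captcha_word = null;
    include $cache_file;

    // A cache file that did not set a usable word is treated as a wrong answer.
    if (is_scalar($captcha_word) && 0 === strcasecmp($captcha_code, (string) $captcha_word)) {
        // Matched: remove the challenge so the same token cannot be replayed.
        @unlink($cache_file);
        return;
    }

    // NOTE(review): the cache file is kept after a wrong answer, so the same
    // token can be retried until it ages out. Consider deleting it on every
    // attempt once it is confirmed that a fresh challenge is issued on re-display.
    self::$form_errors['captcha'] = self::$form_options['error_captcha_wrong'] != ''
        ? self::$form_options['error_captcha_wrong']
        : __('That CAPTCHA was incorrect.', 'si-contact-form');
}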
/**
 * Fetch a field value from the query string, if one was supplied.
 *
 * The query parameter name is $form_id_num immediately followed by $name.
 *
 * @param mixed $form_id_num Form number used as the parameter-name prefix.
 * @param mixed $name        Field name appended to the form number.
 * @return mixed The value after FSCF_Util::clean_input(), or '' when the
 *               parameter is not present.
 */
static function get_var($form_id_num, $name) {
    $query_key = "{$form_id_num}{$name}";

    // Parameter not present: report an empty value.
    if (!isset($_GET[$query_key])) {
        return '';
    }

    // NOTE(review): clean_input() is not visible here - callers should still
    // escape the result for the context they print it into.
    return FSCF_Util::clean_input($_GET[$query_key]);
}