Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- include 'includes/core.php';
- include_once 'includes/head.php';
- include 'menu/menu.php';
- $id = $_GET['id']; // Get the content ID from the URL parameter
- // Generate a timestamp-based unique identifier for this CAPTCHA instance
- $captchaId = time();
- $_SESSION['captchaId'] = $captchaId;
- $num1 = rand(1, 10);
- $num2 = rand(1, 10);
- $operation = rand(0, 1) ? '+' : '-';
- $correctAnswer = $operation == '+' ? $num1 + $num2 : $num1 - $num2;
- $captchaQuestion = "What is $num1 $operation $num2?"; // Define the CAPTCHA question here
- // Store CAPTCHA answer in the database with the unique identifier
- $insertStmt = $pdo->prepare("INSERT INTO captcha_answers (session_id, answer) VALUES (:session_id, :answer)");
- $insertStmt->bindParam(':session_id', $captchaId);
- $insertStmt->bindParam(':answer', $correctAnswer);
- $insertStmt->execute();
- if ($_SERVER["REQUEST_METHOD"] == "POST") {
- $page_id = $_POST['page_id'];
- $comment = $_POST['comment'];
- $name = $_POST['name'];
- $captcha_answer = isset($_POST['captcha_answer']) ? trim($_POST['captcha_answer']) : '';
- $submittedCaptchaId = $_SESSION['captchaId'];
- // Retrieve the CAPTCHA answer from the database using the unique identifier
- $selectStmt = $pdo->prepare("SELECT answer FROM captcha_answers WHERE session_id = :session_id");
- $selectStmt->bindParam(':session_id', $submittedCaptchaId);
- $selectStmt->execute();
- $row = $selectStmt->fetch(PDO::FETCH_ASSOC);
- if ($row) {
- if (intval($captcha_answer) === intval($row['answer'])) {
- // Correct CAPTCHA answer, proceed with form processing
- // (Insert comment into database, etc.)
- // Redirect to prevent form resubmission
- header("Location: ?id=$id");
- exit();
- } else {
- // Log or output for debugging
- error_log("CAPTCHA validation failed. Expected: {$row['answer']}, Received: {$captcha_answer}");
- echo "<script>alert('Incorrect CAPTCHA answer, please try again.');</script>";
- }
- } else {
- echo "<script>alert('CAPTCHA validation error. Please try again.');</script>";
- }
- // Cleanup after attempt
- $deleteStmt = $pdo->prepare("DELETE FROM captcha_answers WHERE session_id = :session_id");
- $deleteStmt->bindParam(':session_id', $submittedCaptchaId);
- $deleteStmt->execute();
- unset($_SESSION['captchaId']); // Clear the CAPTCHA ID for the next attempt
- }
- ?>
- <body>
- <div class="parent-container">
- <div class="content">
- <?php if ($id == 1): ?>
- <img src="images/cooltext454173021986469.png">
- <?php elseif ($id == 2): ?>
- <img src="images/cooltext454172974574051.png">
- <?php elseif ($id == 3): ?>
- <img src="images/cooltext454172942527369.png">
- <?php endif; ?>
- <div class="comments_title">Prior Comments</div>
- <div class="comment">
- <?php if (!empty($comments)): ?>
- <?php foreach ($comments as $comment) : ?>
- <div class="comment-block">
- <div class="commenter-name">Commenter Name: <?php echo htmlspecialchars($comment['name']); ?></div>
- <div class="comment-text">Comment: <?php echo htmlspecialchars($comment['comment']); ?></div>
- </div>
- <?php endforeach; ?>
- <?php else: ?>
- <div class="no-comments">No comments yet...</div>
- <?php endif; ?>
- </div>
- <form method="post" action="">
- <input type="hidden" name="page_id" value="<?php echo htmlspecialchars($id); ?>">
- <label for="name"><span class="text">Name or Alias:</span></label><br>
- <input type="text" id="name" name="name" size="30" minlength="3" maxlength="40" required><br>
- <label for="comment"><span class="text">Enter Comment:</span></label><br>
- <textarea id="comment" name="comment" rows="5" cols="60" minlength="10" maxlength="200" required></textarea><br>
- <label for="captcha_answer"><span class="text"><?php echo $captchaQuestion; ?></span></label><br>
- <input type="text" id="captcha_answer" name="captcha_answer" required><br> <button type="submit" id="button22">Proceed</button>
- </form>
- <?php include 'includes/back.php' ?>
- </div>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement