I tried to create a simple contact form according to this tutorial
To avoid spam attacks I tried to combine that contact form with the really simple captcha plugin.
With the following code I’m able to use the shortcode [contact] in any of my pages and the form is displaying BUT there is a problem when checking the captcha.
This is the plugin’s code:
function wptuts_get_the_ip() {
if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
return $_SERVER["HTTP_X_FORWARDED_FOR"];
}
elseif (isset($_SERVER["HTTP_CLIENT_IP"])) {
return $_SERVER["HTTP_CLIENT_IP"];
}
else {
return $_SERVER["REMOTE_ADDR"];
}
}
// short code function
function wptuts_contact_form_sc( $atts ) {
add_shortcode( 'contact', 'contact_form_shortcode' );
extract(shortcode_atts(array(
"email" => get_bloginfo('admin_email'),
"subject" => '',
"label_name" => 'Your Name',
"label_email" => 'Your E-mail Address',
"label_subject" => 'Your Answer',
"label_captcha" => 'Captcha',
"label_submit" => 'Submit',
"error_empty" => 'Please fill in all the required fields.',
"error_noemail" => 'Please enter a valid e-mail address.',
"success" => 'Thanks for your e-mail! We'll get back to you as soon as we can.'
), $atts));
$captcha_instance = new ReallySimpleCaptcha(); //imports really simple captcha plugin
$word = $captcha_instance->generate_random_word();
$prefix = mt_rand();
$image= $captcha_instance->generate_image( $prefix, $word );
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$error = false;
$required_fields = array("your_name", "email", "captcha", "subject");
foreach ($_POST as $field => $value) {
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
$form_data[$field] = strip_tags($value);
}
foreach ($required_fields as $required_field) {
$value = trim($form_data[$required_field]);
if(empty($value)) {
$error = true;
$result = $error_empty;
}
}
if(!is_email($form_data['email'])) {
$error = true;
$result = $error_noemail;
}
if ($error == false) {
$captcha_text=$form_data['captcha'];
$correct = $captcha_instance->check( $prefix, $captcha_text );
if($correct==TRUE){
$email_subject = "[" . get_bloginfo('name') . "] " . $form_data['subject'];
$email_message = $form_data['captcha'] . "nnIP: " . wptuts_get_the_ip();
$headers = "From: ".$form_data['your_name']." <".$form_data['email'].">n";
$headers .= "Content-Type: text/plain; charset=UTF-8n";
$headers .= "Content-Transfer-Encoding: 8bitn";
wp_mail($email, $email_subject, $email_message, $headers);
$result = $success;
$sent = true;
}
}
}
if($result != "") {
$info = '<div class="info">'.$result.'</div>';
}
$email_form = '<form class="contact-form" method="post" action="'.get_permalink().'">
<div>
<label for="cf_name">'.$label_name.':</label>
<input type="text" name="your_name" id="cf_name" size="50" maxlength="50" value="'.$form_data['your_name'].'" />
</div>
<div>
<label for="cf_email">'.$label_email.':</label>
<input type="text" name="email" id="cf_email" size="50" maxlength="50" value="'.$form_data['email'].'" />
</div>
<div>
<label for="cf_subject">'.$label_subject.':</label>
<input type="text" name="subject" id="cf_subject" size="50" maxlength="50" value="'.$subject.$form_data['subject'].'" />
</div>
<div>
<label for="cf_message">'.$label_captcha.':</label>
<input type="text" name="captcha" id="cf_message" size="50" maxlength="50" value=""/>
</div>
<div id="captcha"><span id="captcha_text">Captcha:</span><img id="captcha_image" src="'.plugins_url("really-simple-captcha/tmp/" . $image) . '" alt="" /></div>
<div>
<input type="submit" value="'.$label_submit.'" name="send" id="cf_send" />
</div>
</form>';
if($sent == true) {
return $info;
} else {
return $info.$email_form;
}
}
add_shortcode('contact', 'wptuts_contact_form_sc');
// add plugins style to frontend
function prize_game_contact_form() {
wp_register_style('prize_game_contact_form', plugins_url('css/style.css',__FILE__));
wp_enqueue_style('prize_game_contact_form');
}
add_action('wp_enqueue_scripts', 'prize_game_contact_form');
I didn’t add $captcha_instance->remove( $prefix ); so far because it works not as it should. It seems that every time I click on the submit button a new word is created and the function $captcha_instance->check() checks if the new word equals the captcha text in the input field but those words doesn’t match of course because it’s already a new word. I don’t understand why a new word is created when clicking on the submit button. Where is the error?
I believe the problem is that you are generating a new
$prefixeach time the function runs. So there is no way to run thecheck()or theremove()because the$prefixused on the form is then a new value.In your form, create a hidden input field with the value of the
$prefixbeing used. So that value is posted with the form. When the function is run the 2nd time after the form post, use the posted$prefixvalue to do thecheck()andremove(). That should do it.Here is a detailed article on how to integrate Really Simple Captcha plugin into your plugin or theme together with the hidden prefix field I just mentioned: http://www.lost-in-code.com/platforms/wordpress/wordpress-plugins/wordpress-using-really-simple-captcha/
Feel free to let me know if you need any assistance.
Are you using WordPress? Do not try to reinvent the wheel.
Download a free plugin like Contact Form 7 which includes an Ajax powered (doesn’t require page refresh) Askimet Spam Filter, plus CAPTCHA system.
My advise to you is this:
if you’re not using WordPress then you might check this simple form & captcha idea – if you can grab out the captcha part that is, captcha has become incredibly complex and over engineered when all it needs to do is differentiate simply between a human and non-human for most purposes.
You must create the variables $word, $prefix and $image only after you check the correctness of the user answer, and you must pass the $prefix value through a hidden input field. I haven’t checked it, but this code should work now: