Forum für Fragen und Probleme

Zum Inhalt

Check findet nicht statt

Hier werden Probleme rund um das Rechen Captcha behandelt

Moderator: frameguard

Antwort erstellen

Check findet nicht statt

Beitragvon space » 21.02.2010, 19:09

Moin,
jetzt sitze ich schon Stunden und Versuche das Skript zum Laufen zu bringen. Das Gästebuchskript ist eine Datei und ich muss irgendwo ein großen Denkfehler haben, da es vollkommen egal ob und ich überhaupt etwas eingebe, der Eintrag wird immer erstellt. Evtl. kann mir jemand die ultimative Lösung sagen.
Hier der Code mit meinen Änderungen und schon einmal ein großes Danke :
Nachtrag: Die Url zur Seite: http://www.fskm-aurich.de
<?php
session_start();
function encrypt($string, $key) {
$result = '';
for($i=0; $i<strlen($string); $i++) {
$char = substr($string, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)+ord($keychar));
$result.=$char;
}
return base64_encode($result);
}
$sicherheits_eingabe = encrypt($_POST["sicherheitscode"], "29921");
$sicherheits_eingabe = str_replace("=", "", $sicherheits_eingabe);
$sicherheitscode_korrekt = false;
if(isset($_SESSION['rechen_captcha_spam']) AND $sicherheits_eingabe == $_SESSION['rechen_captcha_spam'])
$sicherheitscode_korrekt = true;
unset($_SESSION['rechen_captcha_spam']);

if (!defined('IN_SAS'))
{
die("Hacking attempt");
}
if (IsSet ($_GET['suboption']))
{
$suboption = $_GET['suboption'];
}
if (IsSet ($_GET['savepost']))
{
$savepost = $_GET['savepost'];
}
if (IsSet ($_POST['name']))
{
$name = sql_addslashes($_POST['name']);
$name = htmlspecialchars(strip_tags($name)); //remove html tags
}

if (IsSet ($_POST['email']))
{
$email = sql_addslashes($_POST['email']);
$email = htmlspecialchars(strip_tags($email)); //remove html tags
}

if (IsSet ($_POST['homepage']))
{
$homepage = sql_addslashes($_POST['homepage']);
$homepage = htmlspecialchars(strip_tags($homepage)); //remove html tags
}

if (IsSet ($_POST['message']))
{
$message = sql_addslashes($_POST['message']);
$message = htmlspecialchars(strip_tags($message)); //remove html tags
}

if (IsSet ($_GET['b']))
{
$b = $_GET['b'];
}
if (IsSet ($_GET['l']))
{
$l = $_GET['l'];
}
$error = 0;

function address2text($address = "")
{
// address2text -- convert email address to text; more difficult to harvest
// Peter Fokker - 2004-03-13 - peter (at) berestijn (dot) nl ;-)
global $sas_lang;
//$at = $sas_lang['at'];
//$dot = $sas_lang['dot'];
if (empty ($at))
$at = "at";
if (empty ($dot))
$dot = "dot";
return str_replace("@", " ($at) ", str_replace(".", " ($dot) ", $address));
} // address2text

function check_email($str)
{
//returns 1 if valid email, 0 if not
if (ereg("^.+@.+\\..+$", $str))
return 1;
else
return 0;
}

load_language($cmsdir . '/', 'sn_gbook'); //load language file

//if(file_exists($cmsdir."/languages/".$language."/sn_gbook/".$language.".php"))
//{
//include($cmsdir."/languages/".$language."/sn_gbook/".$language.".php");
//}
//else
//{
//include($cmsdir."/languages/EN/sn_gbook/EN.php");
//}

if ($suboption != "sign")
{
if ((IsSet ($_POST['name'])) and ($name == ""))
{
print $sas_lang['gbook_module_noname_error'];
$error = 1;
}
elseif ((IsSet ($_POST['email'])) and ($email == ""))
{
print $sas_lang['gbook_module_noemail_error'];
$error = 1;
}
elseif ((IsSet ($_POST['email'])) and (($email == "") or (check_email($email) == 0)))
{
print $sas_lang['gbook_module_noemail_error'];
$error = 1;
}
elseif ((IsSet ($_POST['message'])) and ($message == ""))
{
print $sas_lang['gbook_module_nomessage_error'];
$error = 1;
if ($sicherheitscode_korrekt==false) { $error .=' Spamschutz';}
}
}

if ($error == 1)
{
print "<FORM action=\"index.php?section=$section&page=$page&suboption=sign\" method=\"post\">
<br>
<INPUT type=\"hidden\" name=\"name\" value=\"" . $_POST['name'] . "\">
<INPUT type=\"hidden\" name=\"homepage\" value=\"" . $_POST['homepage'] . "\">
<INPUT type=\"hidden\" name=\"message\" value=\"" . $_POST['message'] . "\">
<INPUT type=\"hidden\" name=\"email\" value=\"" . $_POST['email'] . "\">
<input type=\"submit\" value=\"$sas_lang[goback]\">
</FORM>";
}
else
{
$query = "SELECT dbtables FROM $table_modules WHERE location='sn_gbook'"; // getting the table names
$result = mysql_query($query) or die_script($query, mysql_error());
$moduletables = mysql_result($result, 0);
unset ($query);
unset ($result);
$moduletables = explode(",", $moduletables);
$gbook_table = "$moduletables[0]";

if (IsSet ($savepost))
{
if (!get_magic_quotes_gpc()) //if magic quotes are off add slash
{
$message = addslashes($message);
}

$string = "http://";
if (strstr($homepage, $string))
{}
else
{
$homepage = "http://" . "$homepage";
}

if ($sas_config['gbook_email'] != "")
{
$subject = $sitename . ": " . $sas_lang['gbook_module_guestbook'];
$date1 = date("d-m-Y - H:i:s");
$message_to_sent = "<html><body>
<b><font size=4>" . $sas_lang['gbook_module_mailtext'] . "&nbsp;" . $sitename . "</b></font><br>
<div style='margin-top:-375px'>
<table width=80%><tr>
<td width=10%>" . $sas_lang['gbook_module_date'] . "</td>
<td><b>$date1</b></td>
</tr><tr>
<td>" . $sas_lang['gbook_module_name'] . " </td>
<td><b>$name</b></td>
</tr><tr>
<td>" . $sas_lang['gbook_module_email'] . " </td>
<td><b>$email</b></td>
</tr><tr>
<td>" . $sas_lang['gbook_module_website'] . " </td>
<td><b>$homepage</b></td>
</tr><tr>
<td valign=top>" . $sas_lang['gbook_module_text'] . " </td>
<td><b>$message </b></td>
</tr><tr>
<td>IP:</td>
<td><b>$ip</b></td>
</tr>
</table>
</body></html>";
$message_to_sent = nl2br($message_to_sent);
require ("$cmsdir/core/class.phpmailer.php"); //use the phpmailer class
$mail = new PHPMailer();
$mail->From = $email; //email address of submitter
$mail->FromName = $sitename;
$mail->Subject = $subject;
$mail->Body = $message_to_sent;
$mail->IsHTML(true);
$mail->AddAddress($sas_config['gbook_email']); //add email address guestbook owner.
$mail->Send();
}
//if($sas_config['gbook_check_before_post'] == 1 )
//{
//$initial = 0 ;
//}
//else
//{
$initial = 1;
//}
mysql_query("INSERT INTO $gbook_table (id, name, email, homepage, date, message, initial)
VALUES (NULL, '$name', '$email', '$homepage', NOW(), '$message', '$initial')");
// set the last update date for the page
$date1 = date("Y-m-d H:i:s");
mysql_query("UPDATE $table_pages SET lastupdate='$date1' WHERE id='$page'");
print "<script language='javascript'>
window.location = 'index.php?page=$page&section=$section'
</script>";
}

switch ($suboption) // start of switch
{
default :
print "<center>" . $sas_config['gbook_welcome_text'] . "\n<br><input type=\"button\" value=\"" . $sas_lang['gbook_module_sign'] . "\"
onClick=\"javascript:parent.location='index.php?section=$section&page=$page&suboption=sign';\"></b></a></center><br>";

if ($b == "")
{
$b = 1;
$l = $sas_config['gbook_max_items'];
}

$result = mysql_query("SELECT * FROM $gbook_table WHERE initial = 1 ");
$aantal = mysql_num_rows($result); //number of gbook entries
$limit_begin = $b -1;

$query = "SELECT id, name, email, homepage, date, date_format(date, '%d-%m-%Y %H:%i') AS Readable_Date, message
FROM $gbook_table WHERE initial = 1 ORDER BY date DESC LIMIT $limit_begin,$sas_config[gbook_max_items]";
$result = mysql_query($query) or die_script($query, mysql_error());

$i = 0;
$pagtot = ceil($aantal / $sas_config['gbook_max_items']); //number of pages
if ($b == 1)
{
$pag = 1;
} //page 1
else
{
$pag = $l / $sas_config['gbook_max_items'];
} //different as page 1

if ($aantal < $l)
{
$l = $aantal;
} //less records than the number per page

$low = $b - $sas_config['gbook_max_items'];

if ($b > $sas_config['gbook_max_items']) //we have more than one page
{
$high = $b -1;
$previous_page = "<a STYLE=\"color: blue ; font-size: 12\" href=\"index.php?section=$section&page=$page&b=$low&l=$high\">" .
$sas_lang['gbook_module_previous_page'] . "</a>";
}
else
{
$previous_page = ''; //no previous page
}

if ($aantal > $l) //number of records biggter than $l
{
$low = $b + $sas_config['gbook_max_items']; //$b + number per page
$high = $l + $sas_config['gbook_max_items']; //$l + number per page
$next_page = "<a STYLE=\"color: blue ; font-size: 12\" href=\"index.php?section=$section&page=$page&b=$low&l=$high\">" .
$sas_lang['gbook_module_next_page'] . "</a>";
}
else
{
$next_page = ''; //no next page
}
while ($gbook_list = mysql_fetch_array($result))
{
$gbook_message = str_replace("\n", "<br>\n", "$gbook_list[6]");
$gbook_message = str_replace(":)", "<img src=\"" . $cmsdir . "/modules/sn_gbook/smiles/smile.gif\">", "$gbook_message");
$gbook_message = str_replace(":D", "<img src=\"" . $cmsdir . "/modules/sn_gbook/smiles/hugesmile.gif\">", "$gbook_message");
$gbook_message = str_replace(":d", "<img src=\"" . $cmsdir . "/modules/sn_gbook/smiles/hugesmile.gif\">", "$gbook_message");
$gbook_message = str_replace(":o", "<img src=\"" . $cmsdir . "/modules/sn_gbook/smiles/shame.gif\">", "$gbook_message");
$gbook_message = str_replace(":p", "<img src=\"" . $cmsdir . "/modules/sn_gbook/smiles/tongue.gif\">", "$gbook_message");
$gbook_message = str_replace(";)", "<img src=\"" . $cmsdir . "/modules/sn_gbook/smiles/wink.gif\">", "$gbook_message");
$gbook_message = str_replace(":(", "<img src=\"$cmsdir/modules/sn_gbook/smiles/sad.gif\">", "$gbook_message");
$gbook_message = str_replace(":S", "<img src=\"$cmsdir/modules/sn_gbook/smiles/crooked.gif\">", "$gbook_message");
$gbook_message = str_replace(":s", "<img src=\"$cmsdir/modules/sn_gbook/smiles/crooked.gif\">", "$gbook_message");
$gbook_message = str_replace(":|", "<img src=\"$cmsdir/modules/sn_gbook/smiles/disgust.gif\">", "$gbook_message");
$gbook_message = str_replace(":#", "<img src=\"$cmsdir/modules/sn_gbook/smiles/mad.gif\">", "$gbook_message");
print "<center>
<table border=\"1\" cellpadding=\"0\" cellspacing=\"2\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"550\">
<tr>
<td width=\"100%\">
<table border=\"0\" cellpadding=\"3\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"100%\">
<tr>
<td width=\"70\" align=\"right\"><b>" . $sas_lang['gbook_module_name'] . "</b></td>
<td width=\"150\">$gbook_list[1]</td>
<td width=\"75\" align=\"right\"><b>" . $sas_lang['gbook_module_email'] . "</b></td>
<td>" . address2text($gbook_list[2]) . "</td>

</tr>
<tr>
<td width=\"70\" align=\"right\"><b>" . $sas_lang['gbook_module_website'] . "</b></td>
<td colspan=\"3\"><a href=$gbook_list[3]>$gbook_list[3]</a></td>
</tr>
<tr>
<td width=\"70\" align=\"right\"><b>" . $sas_lang['gbook_module_date'] . "</b></td>
<td colspan=\"3\">$gbook_list[5]</td>
</tr>
<tr>
<td width=\"70\" align=\"right\" valign=\"top\"><b>" . $sas_lang['gbook_module_text'] . "</b></td>
<td colspan=\"3\">$gbook_message</td>
</tr>
</table>
</td>
</tr>
</table></center><br>";
}
print "<table width='100%' border=\"0\"><tr>
<td width='28%' align=\"left\">$previous_page&nbsp;</td>
<td width='44%' align=\"center\">&nbsp;</td>
<td width='28%' align=\"right\">&nbsp$next_page</td>
</tr></table>";

break;

case sign :
print "<TABLE height=100 cellSpacing=0 cellPadding=2 width=100% align=center>
<TBODY>
<TR>
<TD vAlign=top>
<CENTER>
<FONT size=2>
<b>" . $sas_lang['gbook_module_sign'] . "</b><br><br>
<b>:)</b> = <img src=\"$cmsdir/modules/sn_gbook/smiles/smile.gif\">&nbsp;&nbsp;
<b>:D</b> = <img src=\"$cmsdir/modules/sn_gbook/smiles/hugesmile.gif\">&nbsp;&nbsp;
<b>:o</b> = <img src=\"$cmsdir/modules/sn_gbook/smiles/shame.gif\">&nbsp;&nbsp;
<b>:p</b> = <img src=\"$cmsdir/modules/sn_gbook/smiles/tongue.gif\">&nbsp;&nbsp;
<b>;)</b> = <img src=\"$cmsdir/modules/sn_gbook/smiles/wink.gif\">&nbsp;&nbsp;
<b>:(</b> = <img src=\"$cmsdir/modules/sn_gbook/smiles/sad.gif\">&nbsp;&nbsp;
<b>:S</b> = <img src=\"$cmsdir/modules/sn_gbook/smiles/crooked.gif\">&nbsp;&nbsp;
<b>:|</b> = <img src=\"$cmsdir/modules/sn_gbook/smiles/disgust.gif\">&nbsp;&nbsp;
<b>:#</b> = <img src=\"$cmsdir/modules/sn_gbook/smiles/mad.gif\"><br><br>
</FONT>
</CENTER>
<FORM name=mainform action=index.php?section=$section&page=$page&savepost=1 method=post>

<TABLE cellSpacing=0 cellPadding=4 border=0>
<TBODY>
<TR>
<TD vAlign=top width=100 align=\"right\">
<FONT size=2><B>" . $sas_lang['gbook_module_name'] . " (*)</B></FONT>
</TD>
<TD>
<INPUT name=\"name\" size=\"30\" value=\"" . $name . "\">
</TD>
</TR>
<TR>
<TD vAlign=top align=\"right\">
<FONT size=2><B>" . $sas_lang['gbook_module_email'] . " (*)</B></FONT>
</TD>
<TD>
<INPUT name=email size=\"30\" value=\"" . $email . "\">
</TD>
</TR>
<TR>
<TD vAlign=top align=\"right\">
<FONT size=2><B>" . $sas_lang['gbook_module_website'] . "</B></FONT>
</TD>
<TD>
<INPUT id=input name=homepage size=\"30\" value=\"" . $homepage . "\">
</TD>
</TR>
<TR>
<TD id=text vAlign=top align=\"right\">
<FONT size=2><B>" . $sas_lang['gbook_module_text'] . " (*)</B></FONT>
</TD>
<TD>
<TEXTAREA name=message rows=4 cols=50>$message</TEXTAREA>
</TD>
</TR>
<TR><td>&nbsp;</td><TD>" . $sas_lang['required_fields'] . "</TD></TR>
</TBODY>
</TABLE>
<BR>
<CENTER>
<b>Spamschutz:</b><font color='Red'><b>*</b></font>
<img src=\"$cmsdir/modules/sn_gbook/rechen-captcha.php\">
<INPUT type='text' name='sicherheitscode' size='5'>
<INPUT type=submit value=" . $sas_lang['send'] . ">

</CENTER>
</FORM>
</TD>
</TR>
</TBODY>
</TABLE>";

break;

}
}

?>
space
 
Beiträge: 1
Registriert: 21.02.2010, 18:56
Nach oben
Antwort erstellen

Zurück zu Rechen Captcha

Wer ist online?

Mitglieder in diesem Forum: 0 Mitglieder und 0 Gäste

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Deutsche Übersetzung durch phpBB.de
phpBB SEO
cron