postanowiłem wzbogacić stronę o reCAPTCHA
Według instrukcji:
http://recaptcha.net/plugins/php/
Wstawiłem kod, oraz wysłałem potrzebne pliki na serwer, i wygląda to tak:
kod pliku odpowiedzialnego za komentarze.
CODE
<?php
if (!defined("IN_FUSION")) { header("Location:../index.php"); exit; }
include LOCALE.LOCALESET."comments.php";
require_once INCLUDES."button.php";
function showcomments($ctype,$cdb,$ccol,$cid,$clink) {
global $settings,$locale,$userdata,$aidlink,$status;
if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
$flood = false;
if (dbrows(dbquery("SELECT $ccol FROM ".DB_PREFIX."$cdb WHERE $ccol='$cid'"))==0) {
fallback(BASEDIR."index.php");
}
if (iMEMBER) {
$comment_name = $userdata['user_id'];
} elseif ($settings['guestposts'] == "1") {
$comment_name = trim(stripinput($_POST['comment_name']));
$comment_name = preg_replace("(^[0-9]*)", "", $comment_name);
if (isNum($comment_name)) $comment_name="";
}
$comment_message = trim(stripinput(censorwords($_POST['comment_message'])));
$comment_smileys = isset($_POST['disable_smileys']) ? "0" : "1";
if ($comment_name != "" && $comment_message != "") {
$result = dbquery("SELECT MAX(comment_datestamp) AS last_comment FROM ".DB_PREFIX."comments WHERE comment_ip='".USER_IP."'");
if (!iSUPERADMIN && dbrows($result) > 0) {
$data = dbarray($result);
if ((time() - $data['last_comment']) < $settings['flood_interval']) {
$flood = true;
$result = dbquery("INSERT INTO ".$db_prefix."flood_control (flood_ip, flood_timestamp) VALUES ('".USER_IP."', '".time()."')");
if (dbcount("(flood_ip)", "flood_control", "flood_ip='".USER_IP."'") > 4) {
if (iMEMBER) $result = dbquery("UPDATE ".$db_prefix."users SET user_status='1' WHERE user_id='".$userdata['user_id']."'");
}
}
}
if (!$flood) {
if (iADMIN or $settings[comment_accept] == 0 or $settings['guestposts'] == "1" and iGUEST and $settings[comment_accept] == 0) {
$result = dbquery("INSERT INTO ".DB_PREFIX."comments (comment_item_id, comment_type, comment_name, comment_message, comment_smileys, comment_datestamp, comment_ip) VALUES ('$cid', '$ctype', '$comment_name', '$comment_message', '$comment_smileys', '".time()."', '".USER_IP."')");
if (EPS && iMEMBER){
$przydzial = dbarray(dbquery("SELECT point_ammount from ".DB_PREFIX."eps_points WHERE point_id='7'"));
$result = dbquery("UPDATE ".DB_PREFIX."users SET points_normal=points_normal+".($przydzial['point_ammount'])." WHERE user_id='".$userdata['user_id']."'");
}
redirect("$clink");
} else if (iMEMBER && !iADMIN or $settings['guestposts'] == "1" and iGUEST) {
$submit_comment['comment_item_id'] = stripinput("$cid");
$submit_comment['comment_type'] = stripinput("$ctype");
$submit_comment['comment_name'] = stripinput("$comment_name");
$submit_comment['comment_message'] = stripinput("$comment_message");
$submit_comment['comment_smileys'] = stripinput("$comment_smileys");
$timmee = time();
$submit_comment['comment_datestamp'] = stripinput("$timmee");
$ipp = "".USER_IP."";
$submit_comment['comment_ip'] = stripinput("$ipp");
$result = dbquery("INSERT INTO ".DB_PREFIX."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('c', '".$userdata['user_id']."', '".time()."', '".serialize($submit_comment)."')");
redirect("$clink&status=dodano");
}
}
}
}
tablebreak();
if (isset($status)) {
if ($status == "dodano") {
$title = $locale['0000'];
$message = $locale['0001'];
}
opentable($title);
echo "<div align='center'>".$message."</div>\n";
closetable();
tablebreak();
}
opentable($locale['c100']);
$result = dbquery(
"SELECT tcm.*,user_name FROM ".DB_PREFIX."comments tcm
LEFT JOIN ".DB_PREFIX."users tcu ON tcm.comment_name=tcu.user_id
WHERE comment_item_id='$cid' AND comment_type='$ctype'
ORDER BY comment_datestamp ASC"
);
if (dbrows($result) != 0) {
$i = 0;
echo "<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border'>\n";
while ($data = dbarray($result)) {
echo "<tr>\n<td class='".($i% 2==0?"tbl1":"tbl2")."'><span class='comment-name'>\n";
if ($data['user_name']) {
echo "<img src='../images/komentarz.png'><a href='".BASEDIR."profile.php?lookup=".$data['comment_name']."'>".$data['user_name']."</a>";
} else {
echo $data['comment_name'];
}
if ($data['comment_smileys'] == "1") {
$comment_message = parsesmileys($data['comment_message']);
} else {
$comment_message = $data['comment_message'];
}
$comment_message = nl2br(parseubb($comment_message));
echo "</span>\n<span class='small'> ".$locale['041'].showdate("longdate", $data['comment_datestamp'])."</span><br>\n";
echo $comment_message."</td>\n</tr>\n";
$i++;
}
if (checkrights("C")) echo "<tr>\n<td align='right' class='".($i% 2==0?"tbl1":"tbl2")."'><a href='".ADMIN."comments.php".$aidlink."&ctype=$ctype&cid=$cid'>".$locale['c106']."</a></td>\n</tr>\n";
echo "</table>\n";
} else {
echo $locale['c101']."\n";
}
closetable();
tablebreak();
opentable($locale['c102']);
if (iMEMBER || $settings['guestposts'] == "1") {
echo "
<script src='../sign_limit.js' type='text/javascript'></script>
<form name='inputform' method='post' action='$clink'>
<table align='center' cellspacing='0' cellpadding='0' class='tbl'>\n";
if (iGUEST) {
echo "<tr>
<td>".$locale['c103']."</td>
</tr>
<tr>
<td><input type='text' onkeyup='SignLimit(this,15);' cols='\"25"' name='comment_name' maxlength='30' class='textbox' style='width:50%;'></td>
</tr>\n";
}
echo "<tr>
<td align='center'><textarea name='comment_message' onkeyup='SignLimit(this,351);' cols='\"25"' rows='6' class='textbox' style='width:400px'></textarea><br>
"; ?>
<small>Wykorzystano <strong><span id='counter'>0/350</span></strong> znaków</small>
<div class="spoiler_border">
<div class="spoiler_title">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><font color="red">Emotki </font> Gdy brak ci słów... </td>
<td style="text-align: right">
<input type="button" value="Rozwiń" onclick="if ( this.parentNode.parentNode.parentNode.parentNode.parentNode.parentNode.getElemen
tsByTagName('div')[1].style.display != '') {this.parentNode.parentNode.parentNode.parentNode.parentNode.parentNode.getEleme
ntsByTagName('div')[1].style.display = ''; this.innerText = ''; this.value = 'Zwiń';} else {this.parentNode.parentNode.parentNode.parentNode.parentNode.parentNode.getEleme
ntsByTagName('div')[1].style.display = 'none'; this.innerText = ''; this.value = 'Rozwiń';}" />
</td>
</tr>
</table>
</div>
<div class="spoiler_text" style="display: none;">
<br><br>
<?
echo"
".displaysmileys("comment_message")."
</div>
</div>
</tr>
<tr>
<td align='center'>
\n";
require_once('recaptchalib.php');
$publickey = "6Ld5owoAAAAAAOPATusVRl9GZnqSdW6IE1N80CuX ";
$privatekey = "6Ld5owoAAAAAAEGQ1PeOZ2_Mxjv6YZ84AzSaTpRf ";
# the response from reCAPTCHA
$resp = null;
# the error code from reCAPTCHA, if any
$error = null;
# are we submitting the page?
if ($_POST["submit"]) {
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if ($resp->is_valid) {
echo "You got it!";
# in a real application, you should send an email, create an account, etc
} else {
# set the error code so that we can display it. You could also use
# die ("reCAPTCHA failed"), but using the error message is
# more user friendly
$error = $resp->error;
}
}
echo recaptcha_get_html($publickey, $error);
echo "
<input type='submit' name='post_comment' value='".$locale['c102']."' class='button'></td>
</tr>
</table>
</form>\n";
} else {
echo $locale['c105']."\n";
}
closetable();
}
?>
if (!defined("IN_FUSION")) { header("Location:../index.php"); exit; }
include LOCALE.LOCALESET."comments.php";
require_once INCLUDES."button.php";
function showcomments($ctype,$cdb,$ccol,$cid,$clink) {
global $settings,$locale,$userdata,$aidlink,$status;
if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
$flood = false;
if (dbrows(dbquery("SELECT $ccol FROM ".DB_PREFIX."$cdb WHERE $ccol='$cid'"))==0) {
fallback(BASEDIR."index.php");
}
if (iMEMBER) {
$comment_name = $userdata['user_id'];
} elseif ($settings['guestposts'] == "1") {
$comment_name = trim(stripinput($_POST['comment_name']));
$comment_name = preg_replace("(^[0-9]*)", "", $comment_name);
if (isNum($comment_name)) $comment_name="";
}
$comment_message = trim(stripinput(censorwords($_POST['comment_message'])));
$comment_smileys = isset($_POST['disable_smileys']) ? "0" : "1";
if ($comment_name != "" && $comment_message != "") {
$result = dbquery("SELECT MAX(comment_datestamp) AS last_comment FROM ".DB_PREFIX."comments WHERE comment_ip='".USER_IP."'");
if (!iSUPERADMIN && dbrows($result) > 0) {
$data = dbarray($result);
if ((time() - $data['last_comment']) < $settings['flood_interval']) {
$flood = true;
$result = dbquery("INSERT INTO ".$db_prefix."flood_control (flood_ip, flood_timestamp) VALUES ('".USER_IP."', '".time()."')");
if (dbcount("(flood_ip)", "flood_control", "flood_ip='".USER_IP."'") > 4) {
if (iMEMBER) $result = dbquery("UPDATE ".$db_prefix."users SET user_status='1' WHERE user_id='".$userdata['user_id']."'");
}
}
}
if (!$flood) {
if (iADMIN or $settings[comment_accept] == 0 or $settings['guestposts'] == "1" and iGUEST and $settings[comment_accept] == 0) {
$result = dbquery("INSERT INTO ".DB_PREFIX."comments (comment_item_id, comment_type, comment_name, comment_message, comment_smileys, comment_datestamp, comment_ip) VALUES ('$cid', '$ctype', '$comment_name', '$comment_message', '$comment_smileys', '".time()."', '".USER_IP."')");
if (EPS && iMEMBER){
$przydzial = dbarray(dbquery("SELECT point_ammount from ".DB_PREFIX."eps_points WHERE point_id='7'"));
$result = dbquery("UPDATE ".DB_PREFIX."users SET points_normal=points_normal+".($przydzial['point_ammount'])." WHERE user_id='".$userdata['user_id']."'");
}
redirect("$clink");
} else if (iMEMBER && !iADMIN or $settings['guestposts'] == "1" and iGUEST) {
$submit_comment['comment_item_id'] = stripinput("$cid");
$submit_comment['comment_type'] = stripinput("$ctype");
$submit_comment['comment_name'] = stripinput("$comment_name");
$submit_comment['comment_message'] = stripinput("$comment_message");
$submit_comment['comment_smileys'] = stripinput("$comment_smileys");
$timmee = time();
$submit_comment['comment_datestamp'] = stripinput("$timmee");
$ipp = "".USER_IP."";
$submit_comment['comment_ip'] = stripinput("$ipp");
$result = dbquery("INSERT INTO ".DB_PREFIX."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('c', '".$userdata['user_id']."', '".time()."', '".serialize($submit_comment)."')");
redirect("$clink&status=dodano");
}
}
}
}
tablebreak();
if (isset($status)) {
if ($status == "dodano") {
$title = $locale['0000'];
$message = $locale['0001'];
}
opentable($title);
echo "<div align='center'>".$message."</div>\n";
closetable();
tablebreak();
}
opentable($locale['c100']);
$result = dbquery(
"SELECT tcm.*,user_name FROM ".DB_PREFIX."comments tcm
LEFT JOIN ".DB_PREFIX."users tcu ON tcm.comment_name=tcu.user_id
WHERE comment_item_id='$cid' AND comment_type='$ctype'
ORDER BY comment_datestamp ASC"
);
if (dbrows($result) != 0) {
$i = 0;
echo "<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border'>\n";
while ($data = dbarray($result)) {
echo "<tr>\n<td class='".($i% 2==0?"tbl1":"tbl2")."'><span class='comment-name'>\n";
if ($data['user_name']) {
echo "<img src='../images/komentarz.png'><a href='".BASEDIR."profile.php?lookup=".$data['comment_name']."'>".$data['user_name']."</a>";
} else {
echo $data['comment_name'];
}
if ($data['comment_smileys'] == "1") {
$comment_message = parsesmileys($data['comment_message']);
} else {
$comment_message = $data['comment_message'];
}
$comment_message = nl2br(parseubb($comment_message));
echo "</span>\n<span class='small'> ".$locale['041'].showdate("longdate", $data['comment_datestamp'])."</span><br>\n";
echo $comment_message."</td>\n</tr>\n";
$i++;
}
if (checkrights("C")) echo "<tr>\n<td align='right' class='".($i% 2==0?"tbl1":"tbl2")."'><a href='".ADMIN."comments.php".$aidlink."&ctype=$ctype&cid=$cid'>".$locale['c106']."</a></td>\n</tr>\n";
echo "</table>\n";
} else {
echo $locale['c101']."\n";
}
closetable();
tablebreak();
opentable($locale['c102']);
if (iMEMBER || $settings['guestposts'] == "1") {
echo "
<script src='../sign_limit.js' type='text/javascript'></script>
<form name='inputform' method='post' action='$clink'>
<table align='center' cellspacing='0' cellpadding='0' class='tbl'>\n";
if (iGUEST) {
echo "<tr>
<td>".$locale['c103']."</td>
</tr>
<tr>
<td><input type='text' onkeyup='SignLimit(this,15);' cols='\"25"' name='comment_name' maxlength='30' class='textbox' style='width:50%;'></td>
</tr>\n";
}
echo "<tr>
<td align='center'><textarea name='comment_message' onkeyup='SignLimit(this,351);' cols='\"25"' rows='6' class='textbox' style='width:400px'></textarea><br>
"; ?>
<small>Wykorzystano <strong><span id='counter'>0/350</span></strong> znaków</small>
<div class="spoiler_border">
<div class="spoiler_title">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><font color="red">Emotki </font> Gdy brak ci słów... </td>
<td style="text-align: right">
<input type="button" value="Rozwiń" onclick="if ( this.parentNode.parentNode.parentNode.parentNode.parentNode.parentNode.getElemen
tsByTagName('div')[1].style.display != '') {this.parentNode.parentNode.parentNode.parentNode.parentNode.parentNode.getEleme
ntsByTagName('div')[1].style.display = ''; this.innerText = ''; this.value = 'Zwiń';} else {this.parentNode.parentNode.parentNode.parentNode.parentNode.parentNode.getEleme
ntsByTagName('div')[1].style.display = 'none'; this.innerText = ''; this.value = 'Rozwiń';}" />
</td>
</tr>
</table>
</div>
<div class="spoiler_text" style="display: none;">
<br><br>
<?
echo"
".displaysmileys("comment_message")."
</div>
</div>
</tr>
<tr>
<td align='center'>
\n";
require_once('recaptchalib.php');
$publickey = "6Ld5owoAAAAAAOPATusVRl9GZnqSdW6IE1N80CuX ";
$privatekey = "6Ld5owoAAAAAAEGQ1PeOZ2_Mxjv6YZ84AzSaTpRf ";
# the response from reCAPTCHA
$resp = null;
# the error code from reCAPTCHA, if any
$error = null;
# are we submitting the page?
if ($_POST["submit"]) {
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if ($resp->is_valid) {
echo "You got it!";
# in a real application, you should send an email, create an account, etc
} else {
# set the error code so that we can display it. You could also use
# die ("reCAPTCHA failed"), but using the error message is
# more user friendly
$error = $resp->error;
}
}
echo recaptcha_get_html($publickey, $error);
echo "
<input type='submit' name='post_comment' value='".$locale['c102']."' class='button'></td>
</tr>
</table>
</form>\n";
} else {
echo $locale['c105']."\n";
}
closetable();
}
?>
Problem jednak jest tego typu: Po wpisaniu komentarza, i kliknięciu "dodaj komentarz", jest on wysyłany nawet wtedy, gdy w polu reCAPTCHA nie wpisze się nic.
Co zrobiłem źle?
Zerknij jeszcze 
