mercredi 15 avril 2015

How to integrate captcha in a login form

i have two PHP files which are : 1) login.php 2) captcha.php


For login files i modify the one that i found on the internet and for captcha.php thanks to one of the stackoverflow's member who provide me the code. Now both the files work perfectly.


My problem is how do i integrate the captcha file inside the login file so that it become a complete login file with a captcha function. Please help me as i'm new to php and mysql. TQ





Login.php

<?php

require "config.php"; //Connection Script, include in every file!

//Check to see if the user is logged in.
if(isset($_SESSION['email'])){
header("location: members.php"); //isset check to see if a variables has been 'set'
}



if(isset($_POST['submit']))
{
//Variables from the table
$email = $_POST['email'];
$password = $_POST['password'];

//Prevent MySQL Injections
$email = stripslashes($email);
$password = stripslashes($password);

$email = mysqli_real_escape_string($con, $email);
$password = mysqli_real_escape_string($con, $password);

//Check to see if the user left any space empty!
if($email == "" || $password == "")
{
echo "Please fill in all the information!";
}

//Check to see if the username AND password MATCHES the username AND password in the DB
else
{
$query = mysqli_query($con,"SELECT * FROM detail WHERE email = '$email' and password = '$password'") or die("Can not query DB.");
$count = mysqli_num_rows($query);

if($count == 1){
//YES WE FOUND A MATCH!
$_SESSION['email'] = $email; //Create a session for the user!
header ("location: members.php");
}

else{
echo "Username and Password DO NOT MATCH! TRY AGAIN!";
}
}

}

?>
</span>
<form action="login.php" method="post">

<label><b>Login</b>Not a member? <a href="http://localhost/captcha1/register.php"> Register </a> now!</label><br /><br />

<label>Email :<span>*</span></label><br />
<input name="email" type="text" id="email" placeholder="username@domain" required>
<br />

<label>Password :<span>*</span></label><br />
<input name="password" type="password" id="password" placeholder="********"required>

<br />

</div>

<div style="float:right; width:50%; ">
<br /><br /><br /><br /><br /><br /><br /><br />
<fieldset>
<legend><img src="playvideo.png" width="47" height="47"></legend>
<?php
mysql_connect("localhost","root","");
mysql_select_db("details");
$res=mysql_query("select * from video ORDER BY RAND() LIMIT 1");



while($row=mysql_fetch_array($res))
{
?>
<center><video width="360" height="270" controls><source src="<?php echo $row["video"];?>" type="video/mp4">Your browser does not support the video tag.


</fieldset>
<br />
<fieldset>
<legend><img src="QnA.png" width="84" height="50"></legend>

</video><center><?php echo $row['question']; ?></center> </center>
<img src="qmark.png" width="22" height="28" class="masterTooltip" title="Fill in the answer in words. Eg: 1 = one" /><sup> *How to answer?*</sup><br />
<input name="captcha" type="text" size"4" placeholder="" required><br>

</fieldset>

<br /><br />
<input type="reset" value="Reset" />
<input type="submit" name="submit" value="Login">


</form>

<?php
}
?>






captcha.php

<?php

$database_db="test2";
$user_db="root";
$password_db="";
$host_db="localhost";

$link = mysqli_connect($host_db, $user_db, $password_db, $database_db);

/* check connection */
if (mysqli_connect_errno())
{
die ("couldnot connect: ".mysqli_connect_error());
exit();
}
if (array_key_exists("answer", $_POST) AND array_key_exists("question", $_POST))
{
$id = intval($_POST['question']);
$sql="SELECT question, answer FROM captcha WHERE id='$id' AND answer='".mysqli_real_escape_string($link, $_POST['answer'])."'";
$result = mysqli_query($link, $sql) or exit('$sql failed: '.mysqli_error($link));
$num_rows = mysqli_num_rows($result);
if($num_rows > 0)
{
header("Location: success.php");
}
else
{
header("Location: error.php");
}
exit;
}
else
{
$query = "SELECT id, video , question FROM `captcha` ORDER BY RAND() LIMIT 1";
if ($result = mysqli_query($link, $query))
{
if ($row = mysqli_fetch_assoc($result))
{
$id = $row["id"];
$video = $row["video"];
$question = $row["question"];

}
}
}

?>
<html>
<body>
<form method="post">
<video width="360" height="270" controls><source src="<?php echo $video;?>" type="video/mp4">Your browser does not support the video tag. </video><br>
<?php echo $question; ?><br />
<input type="hidden" name="question" id="question" value="<?php echo $id; ?>" />
<input type="text" name="answer" id="answer" /><br />
<input type="submit" name="submit" value="submit" /><br />
</form>



Aucun commentaire:

Enregistrer un commentaire