author | Morris Jobke <hey@morrisjobke.de> | 2018-07-12 19:09:35 +0300 |
---|---|---|
committer | Jos Poortvliet <jos@opensuse.org> | 2018-07-19 16:56:53 +0300 |
commit | 139cdd08859e1f511cf1c93fe231370d9f05d081 (patch) | |
tree | 61888ce22ca2883d5bf7d44900becd58eb305610 /page-contactsubmit.php | |
parent | a9456a7996e31b2e5520ff7da3068ff3f18f656f (diff) |
Add captcha to contact form
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Diffstat (limited to 'page-contactsubmit.php')
-rw-r--r-- | page-contactsubmit.php | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/page-contactsubmit.php b/page-contactsubmit.php index 3eea2663..08a0e616 100644 --- a/page-contactsubmit.php +++ b/page-contactsubmit.php @@ -40,14 +40,30 @@ if(isset($_POST['email'])) { !isset($_POST['email']) || !isset($_POST['organization']) || !isset($_POST['phone']) || - !isset($_POST['comments'])) { + !isset($_POST['comments']) || + !isset($_POST['checksum']) || + !isset($_POST['captcha'])) { died('We are sorry, but there appears to be a problem with the form you submitted - did you fill in all fields?'); } $yourname = $_POST['yourname']; // required $organization= $_POST['organization']; // required $phone= $_POST['phone']; // required $email_from = $_POST['email']; // required $comments = $_POST['comments']; // required + $checksum = $_POST['checksum']; // required + $captcha = $_POST['captcha']; $error_message = ""; + if (strlen($checksum) !== 75 || !strpos($checksum, ':')) { + $error_message .= 'The checksum is not valid.<br />'; + } else { + list($salt, $expectedHash) = explode(':', $checksum, 2); + $hash = hash('sha256', $salt . $captcha); + + if ($hash !== $expectedHash) { + $error_message .= 'The captcha result you entered does not appear to be correct.<br />'; + } + } + + $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,10}$/'; if(!preg_match($email_exp,$email_from)) { $error_message .= 'The email address you entered does not appear to be valid.<br />'; |
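Review bot: The captcha check in the added `else` branch compares `hash('sha256', $salt . $captcha)` against `$expectedHash`, but both the salt and the expected hash come from `$_POST['checksum']`, so the comparison only shows that the request body is self-consistent, not that the answer matches a challenge this server issued. Nothing visible in the hunk ties the checksum to a server-side secret, a session or an expiry, so a once-valid `checksum`/`captcha` pair would presumably be accepted on every later submission as well; the code that generates the form is outside this diff, so confirm there. Consider keying the digest and comparing in constant time, `$hash = hash_hmac('sha256', $salt . $captcha, $captchaSecret);` and `if (!hash_equals($hash, $expectedHash)) {`, where `$captchaSecret` is a placeholder for a server-only key that the form generator would have to use too, or keep the expected answer in the session instead of a hidden field. `strlen($checksum)` and `$salt . $captcha` also assume both fields are strings, so an `is_string()` guard ahead of them would reject array-valued parameters cleanly. The enclosing `if(isset($_POST['email'])) {` block starts and ends outside the hunk.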