Форум PHP программистов > Проверка поля перед публикацией

[ Поиск ] - [ Пользователи ] - [ Календарь ]

Полная Версия: Проверка поля перед публикацией

buch

10.08.2008 - 11:29

Есть у меня модуль фотогалереи. В нем нет капчи от спамботов. В большенстве модулей прикрутить удалось, ибо там была встроена проверка поля на пустое значение, здесь же ничего подобного нету, поэтому не могу понять как повесить проверку на кнопку "Добавить" <input type="submit" value='._GALPOSTMEDIA.'>
файл http://www.buymind.jino-net.ru/displayMedia.rar

Дальше весь код модуля. Поиск по слову CAPTCHA. Нуна сделать проверку на соответствие текста набранного в поле <input type="text" name="CAPTCHA" числовому значению, например 159753

Код

<?php
if (!defined('MODULE_FILE')) {
Header("Location: ../../../index.php");
exit;
}

if (isset($_GET['basepath']) || isset($_GET['adminpath'])) {
Header("Location: index.php");
die();
}

?>
<script language='JavaScript'>
function ViewImage(ifile,ix,iy,ititle) {
var win;
var sWidth;
var sHeight;
win = window.open("","imageviewer","width="+ix+",height="+iy+",menubar=no,toolbar=no");
win.document.open();
win.document.write('<html><head><title>'+ititle+'</title>');
win.document.write('</head><body>');
win.document.write('<div style="position:absolute; width:'+ix+'px; height:'+iy+'px; left:0px;top:0px">');
win.document.write('<a href="#"><img src='+ifile+' border="0"></a></div></body></html>');
win.document.close();
}
</script>
<?php

function navigationPic($name, $gid, $pid, $orderby) {
global $prefix, $postcardverz, $db;

$orderbyA = convertorderbyin($orderby);
$pid = intval($pid);
$gid = intval($gid);
$sql = "SELECT pid, name FROM $prefix"._album_pictures." where gid=$gid ORDER BY $orderbyA";
$res = $db->sql_query($sql);
$max = $db->sql_numrows($res);
$ind = getPos($res, $pid);

if ($ind>0) {
$prev = mysql_result($res, $ind-1, 0);
$pname = mysql_result($res, $ind-1, 1);
}
if ($ind<$max-1) {
$next = mysql_result($res, $ind+1, 0);
$nname = mysql_result($res, $ind+1, 1);
}

$out = '<table border="0" cellspacing="10" cellpadding="0" align="center"><tr>';
$gid = intval($gid);

if ($prev) {
$out .= '<td><a href="index.php?name=Album&file=index&do=showpic&gid='.$gid.'&pid='.$prev.'&orderby='.$orderby.'"><img src="modules/Album/images/left.gif" alt="'._GALPREV.'" border="0" align="middle "></a></td>';
}

$out .= '<td><font class="option"> '.$name.' </font></td>';

if ($next) {
$out .= '<td><a href="index.php?name=Album&file=index&do=showpic&gid='.$gid.'&pid='.$next.'&orderby='.$orderby.'"><img src="modules/Album/images/right.gif" alt="'._GALNEXT.'" border="0" align="middle "></a></td>';
}
$out .= '</tr></table>';
return $out;
}

function displayPicturePic($row, $size) {
global $gallerypath, $postcardverz;
$template = $row[displaytag];
$template = str_replace('<:FILENAME:>', "$gallerypath/$row[galloc]/$row[img]", $template);

if($size[0] > 600 || ($row[filetype] != 1 && $size[0] == 320)) {
$size[1] = 600 * ($size[1]/$size[0]); $size[0] = 600;
}
$template = str_replace('<:WIDTH:>', $size[0], $template);
$template = str_replace('<:HEIGHT:>', $size[1], $template);
$template = str_replace('<:DESCRIPTION:>', $row[description], $template);
return $template;
}

function displayDescriptionPic($row) {
global $bgcolor1, $bgcolor4;

if ($row[description]!="") {
return '<table border="0" cellpadding="2" cellspacing="0" width="50%" align="right">'
.'<tr><td align="right" valign="top" width="100"><b>'._GALDESCRIPTION.':</b></td>'
.'<td align="left" valign="top">'.$row[description].'</td></tr></table>';
} else {
return "";
}
}

function displaySubmitterPic($row, $size) {
global $bgcolor1, $bgcolor4, $prefix, $postcardverz, $db;

$sql2 = "SELECT * FROM $prefix"._users." where uname='".$row[submitter]."'";
$result2 = $db->sql_query($sql2);
$row2 = $db->sql_fetchrow($result2);

if($result2>0) {
$row[submitter] = '<a href="index.php?name=Your_Account&op=userinfo&username='.$row[submitter].'" target="_blank">'.$row[submitter].'</a>';
}
return '<table border="0" bgcolor="'.$bgcolor4.'" cellpadding="2" cellspacing="1" width="160">'
.'<tr>'
.'<td width="50" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny">'._GALSUBMITTER.'</font></td>'
.'<td width="110" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny"><a href="index.php?name=Your_Account&op=userinfo&username='.$row[submitter].'" target="_blank">'.$row[submitter].'</a></font></td></tr>'
.'<tr><td width="50" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny">'._GALSIZE.'</font></td>'
.'<td width="110" align="left" bgcolor="'.$bgcolor1.'">'.$size[0].' x '.$size[1].'</td></tr>';
}

function displayDateAddedPic($row) {
global $bgcolor1, $bgcolor4;

return '<tr><td width="50" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny">'._GALADDED.'</font></td>'
.'<td width="110" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny">'.strftime(_GALDATEBRIEF, $row[unix_time]).'</font></td></tr>';
}

function displayHitsPic($row) {
global $bgcolor1, $bgcolor4;

return '<tr><td width="50" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny">'._GALHITS.'</font></td>'
.'<td width="110" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny">'.$row[counter].'</font></td></tr>';
}

function displayRatePic($row) {
global $galleryvar, $bgcolor1, $bgcolor4, $postcardverz;

if(!$galleryvar['allowrate']) {
return;
}
return '<tr>'
.'<td width="50" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny">'._GALVOTES.'</font></td>'
.'<td width="110" align="left" bgcolor="'.$bgcolor1.'" ><font class="tiny">'.$row[votes].'</font></td>'
.'</tr>'
.'<tr><td width="50" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny">'._GALRATING.'</font></td>'
.'<td width="110" align="left" bgcolor="'.$bgcolor1.'"><font class="tiny">'.$row[rate].'</font></td>'
.'</tr></table>';
}

function displayRatingBarPic($row, $orderby) {
global $galleryvar, $user, $imagepath, $postcardverz;

if(!$galleryvar['allowrate']) {
return;
}

if(!$galleryvar['anonrate'] || $user) {
return '<form action="index.php?name=Album&file=index&do=Vote" method="post">'
.'<input type="hidden" name="pid" value="'.$row[pid].'">'
.'<input type="hidden" name="orderby" value="'.$orderby.'">'
.'<table width="160" border="0" cellpadding="2" cellspacing="1" align="center">'
.'<tr><td align="center">'
.'<select name="rate">'
.'<option value="1">1</option>'
.'<option value="2">2</option>'
.'<option value="3">3</option>'
.'<option value="4">4</option>'
.'<option value="5">5</option>'
.'<option value="6">6</option>'
.'<option value="7">7</option>'
.'<option value="8">8</option>'
.'<option value="9">9</option>'
.'<option value="10" selected>10</option>'
.'</select>'
.' <input type="submit" value='._RATE.'>'
.'</td></tr></table></form>';
} else {
return '<font class="tiny">'._GALMEMBERSRATE.'</font>';
}
}

function displayCommentsPic($pid, $orderby) {
global $adminpath, $user, $admin, $imagepath, $prefix, $bgcolor1, $bgcolor4, $postcardverz, $db, $module_name, $cookie;

$pid = intval($pid);
include("modules/$module_name/admin/config.php");

$out = '<br><font class="tiny"><b>'._GALCOMMPOST.'</b></font><hr size="1">';

$result3 = $db->sql_query("select cid, pid, comment, date, name, member from $prefix"._album_comments." where pid=$pid order by date ASC");
if ($db->sql_numrows($result3) == 0) {
$out .= '<center><font class="content">'._GALNOCOMM.'</font><hr size="1">';
} else {
$out .= '<table border="0" bgcolor="'.$bgcolor4.'" cellpadding="2" cellspacing="1" width="100%" align="center">';

while(list($cid, $cpid, $comment, $date, $name, $member) = $db->sql_fetchrow($result3)) {
if ($member) {
$poster = '<a href="index.php?name=Your_Account&op=userinfo&username='.$name.'">'.underscoreTospace($name).'</a>';
} else {
$poster = ''.underscoreTospace($name).'';
}
$out .= '<tr>';
$out .= ' <td align="left" vAlign="top" width="100">'.$poster.'</td>'
.'<td bgColor="'.$bgcolor1.'" align="center" width="70">'.substr($date,0,10).'</td><td bgcolor='.$bgcolor1.'>'.$comment.'</td>';

if (is_admin($admin)) {
$out .= ' <td align="center" width="30"><a href="index.php?name=Album&file=index&do=deletecomment&cid='.$cid.'&pid='.$pid.'&orderby='.$orderby.'" onClick="return confirm(\''._GALSURE2DELETECOMMENT.'\')">'
.'<img src="'.$imagepath.'/delete.gif" border="0" alt="'._DELETE.'"></a></td>';
}
$out .= '</tr>';
}
$out .= '</table><hr>';
}

$out .= '<table border="0" cellpadding="2" cellspacing="0" width="90%" align="center">'

.'<tr><td align="right"><form action="index.php?name=Album&file=index" method="post">'
.'<input type="hidden" name="do" value="Post">'
.'<b>'._GALNAME.': </b></td><td><input type="text" SIZE="20" MAXLENGTH="20" name="gname">'
.'<input type="hidden" name="member" value="0"></td></tr>'

// капча рисуется но проверку не прикрутил =( .'<tr><td align="right"><b>'._CAPTCHA.':</b></td><td><img src="images/captcha.jpeg" border="0" /> <input type="text" name="CAPTCHA" value="'.$CAPTCHA.'" size="67" ></td></tr>'

.'<tr><td align="right"><b>'._GALCOMMENT.': </b></td><td>'
.'<input class="textbox" type="text" name="comment" size="80" maxlength="50"></td></tr>'
.'<tr><td></td><td><input class="textbox" type="hidden" name="pid" value="'.$pid.'">'

.'<input type="submit" value='._GALPOSTMEDIA.'></form></td></tr></table>';

return $out;
}

function getPos($res, $pid) {
global $db;
$pid = intval($pid);
$i=0;
while ($row=$db->sql_fetchrow($res)) {
if ($row[pid] == $pid) return $i;
$i++;
}
}

function rateCollector($pid, $rate) {
global $cookiePrefix, $HTTP_COOKIE_VARS, $adminpath, $prefix, $postcardverz, $db, $module_name;

$pid = intval($pid);
include("modules/$module_name/admin/config.php");

$ip = getenv("REMOTE_ADDR");
$past = time()-1800;
$db->sql_query("DELETE FROM $prefix"._album_rate_check." WHERE time < $past");
$result = $db->sql_query("SELECT ip, pid FROM $prefix"._album_rate_check." WHERE pid=$pid");
list($ips, $pids) = $db->sql_fetchrow($result);
$ctime = time();
if (($ip == $ips) && ($pid == $pids)) {
$voteValid = 0;
} else {
$db->sql_query("INSERT INTO $prefix"._album_rate_check." (ip, time, pid) VALUES ('$ip', '$ctime', '$pid')");
$voteValid = 1;
}

if ($setRateCookies > 0) {
list($time) = $db->sql_fetchrow($db->sql_query("SELECT date FROM $prefix"._album_pictures." WHERE pid=$pid"));
$timeStamp = formatTimestamp($time);
$cookieName = $cookiePrefix.$timeStamp;
if($HTTP_COOKIE_VARS["$cookieName"] == "1") {
echo $warn = "You already voted today!";
$voteValid = 0;
} else {
$cvalue = 1;
setcookie("$cookieName",$cvalue,time()+86400);
}
}
if ($voteValid > 0) {
$db->sql_query("update $prefix"._album_pictures." set votes=votes+1, rate=(rate*(votes-1) + $rate)/votes where pid=$pid");
}
print '<html><head></head><body></body></html>';
}

function showpic($pid, $orderby) {
global $adminpath, $prefix, $gallerypath, $user, $admin, $galleryvar, $PHP_SELF, $postcardverz, $db, $module_name, $sitename;

$pid = intval($pid);
include("modules/$module_name/admin/config.php");
include("modules/$module_name/admin/postcardverz.php");

if (!isset($orderby) || $orderby=="") {
$orderby = $galleryvar['defaultsortmedia'];
}
$prow = $db->sql_fetchrow($db->sql_query("SELECT p.*, UNIX_TIMESTAMP(p.date) AS unix_time, c.galloc, c.visible, t.templatePictures, t.templateCSS, f.displaytag, f.filetype, f.description AS description_media FROM $prefix"._album_pictures." AS p LEFT JOIN $prefix"._album_categories." AS c ON c.gallid=p.gid LEFT JOIN $prefix"._album_template_types." AS t ON t.id=c.template LEFT JOIN $prefix"._album_media_types." AS f ON f.extension=p.extension WHERE pid=$pid"));
$ok=0;

switch ($prow[visible]) {
case 0:
if (is_admin($admin)) $ok=1;
break;
case 1:
if (is_user($user) || is_admin($admin)) $ok=1;
break;
default:
$ok=1;
break;
}

if ($ok) {
galleryHeader();
OpenTable();
if($prow[filetype] == 1) {
$size = @getimagesize("$gallerypath/$prow[galloc]/$prow[img]");
} else {
$size[0] = $prow[width];
$size[1] = $prow[height];
$size[2] = $prow[description_media];
$size[3] = "width=\"size[0]\" height=\"size[1]\"";
}
$navtree = navigationTree($prow[gid], $prow[pid]);
$navpic = navigationPic($prow[name], $prow[gid], $prow[pid], $orderby);
$navgall = navigationGall();
$img = displayPicturePic($prow, $size);
$date = displayDateAddedPic($prow);
$submitter = displaySubmitterPic($prow, $size);
$hits = displayHitsPic($prow);
$rate = displayRatePic($prow);
$ratingbar = displayRatingBarPic($prow, $orderby);
$description = displayDescriptionPic($prow);

if ($galleryvar['allowcomments']) $comments = displayCommentsPic($prow[pid], $orderby);
if ($galleryvar['allowpostcard']) {
$path = substr($PHP_SELF, 0, strlen($PHP_SELF) - strlen("/modules.php"));
if($prow[filetype] == 1) {
$postcard = "<a href=\"#\" onMouseOver=\"window.status='eCard';return true\" onMouseOut=\"window.status='';return true\" onClick=\"window.open('$postcardverz/index.php?picture=$path/$gallerypath/$prow[galloc]/$prow[img]','$target','width=$postcardwidth,height=$postcardheight,directories=no,location=no,menubar=no,scrollbars=yes,status=no,toolbar=no,left=10,top=10,screenx=50,Screeny=50');return false\"><img src=\"$imagepath/mailcard.gif\" border=\"0\" align=\"left\" alt=\""._GALPOSTCARD."\">"._GALPOSTCARD."</a>";
}
}
if ($galleryvar['allowprint'] && $prow[filetype] == 1) {
$dir = "../album/$prow[galloc]/";
$pic = "$prow[img]";
$width = "$prow[width]";
$height = "$prow[height]";
$target++;
$print .= "<input type=\"button\" value=\""._GALPRINTMEDIA."\" onClick=\"ViewImage('$gallerypath/$prow[galloc]/$prow[img]', '$width', '$height', '$sitename - "._ALBUM_NAME." - $pic', '$description_media')\">";
}

if ($galleryvar['allowdownload']) {
$thefile = substr($prow[img], 0, strrpos($prow[img],'.'));
$zipfile = $thefile.".zip";
$gzfile = $prow[img].".gz";
if ($galleryvar['downloadmode']=="zip") {
$thefile = $zipfile;
} elseif ($galleryvar['downloadmode']=="gz") {
$thefile = $gzfile;
}
$download = "<a class=\"tiny\" href=\"index.php?name=Album&file=index&do=getit&url=$prow[galloc]/$thefile&filename=$thefile\"><img src=\"$imagepath/hit.gif\" border=\"0\" align=\"middle\" alt=\"Download this Media\" ></a> <a class=\"content\" href=\"index.php?name=Album&file=index&do=getit&url=$prow[galloc]/$thefile&filename=$thefile\"> "._GALDOWNLOADMEDIA."</a>";
}

$template = $prow[templatePictures];
$template = str_replace('<:IMAGE:>', $img, $template);
$template = str_replace('<:DESCRIPTION:>', $description, $template);
$template = str_replace('<:RATE:>', $rate, $template);
$template = str_replace('<:RATINGBAR:>', $ratingbar, $template);
$template = str_replace('<:SUBMITTER:>', $submitter, $template);
$template = str_replace('<:NAMESIZE:>', $iname, $template);
$template = str_replace('<:COMMENTS:>', $comments, $template);
$template = str_replace('<:HITS:>', $hits, $template);
$template = str_replace('<:DATE:>', $date, $template);
$template = str_replace('<:RAWIMAGE:>', $prow[img], $template);
$template = str_replace('<:RAWIMAGESIZE:>', $size[3], $template);
$template = str_replace('<:RAWIMAGEWIDTH:>', $size[0], $template);
$template = str_replace('<:RAWIMAGEHEIGHT:>', $size[1], $template);
$template = str_replace('<:RAWDESCRIPTION:>', $prow[description], $template);
$template = str_replace('<:RAWRATE:>', $prow[rate], $template);
$template = str_replace('<:RAWVOTES:>', $prow[votes], $template);
$template = str_replace('<:RAWSUBMITTER:>', $prow[submitter], $template);
$template = str_replace('<:RAWNAME:>', $prow[name], $template);
$template = str_replace('<:RAWHITS:>', $prow[hist], $template);
$template = str_replace('<:RAWDATEBRIEF:>', strftime(_GALBRIEFDATE, $prow[unix_time]), $template);
$template = str_replace('<:POSTCARD:>', $postcard, $template);
$template = str_replace('<:PRINT:>', $print, $template);
$template = str_replace('<:DOWNLOAD:>', $download, $template);
print "$navgall $navtree";
print "$navpic $template";
CloseTable();
include("footer.php");
}
}
?>

Спустя 4 месяца, 22 дня, 2 часа, 5 минут, 17 секунд (2.01.2009 - 13:34) apc написал(а):

Вы конечно молодец... Если бы у вас комп завис вы бы исходный код ОС выложили бы сюда... =)
Как я понял вам надо проверить является ли содержимое поля цифровым значением

PHP

$num = is_numeric($_REQUEST['CAPTCHA'])
if ($num == 1){
    echo 'Ok';
}else{
    echo 'NO!!!';
}

Спустя 13 дней, 9 часов, 53 минуты, 27 секунд (15.01.2009 - 23:28) Adamant написал(а):

Цитата (apc @ 2.01.2009 - 17:34)

Вы конечно молодец... Если бы у вас комп завис вы бы исходный код ОС выложили бы сюда... =)

Быстрый ответ:

Здесь расположена полная версия этой страницы.