views:

511

answers:

1

I have a problem with the form I'm using in my webpage.

It allows the recaptcha but It also sends the email without validating the fields in the recaptcha box. This form is using Ajax and PHP.

I've pasted the code next:

<br> <br> <div id="fields">

<form action="javascript:alert('success!');">
<label>Nombre</label><INPUT class="textbox" type="text" name="name" value=""><br />

<label>eMail</label><INPUT class="textbox" type="text" name="email" value=""><br />

<label>Asunto</label><INPUT class="textbox" type="text" name="subject" value=""><br />

<label>Mensaje</label><TEXTAREA class="textbox" NAME="message" ROWS="5" COLS="25"></TEXTAREA><br />

<?php

require_once('recaptchalib.php');

// Get a key from http://recaptcha.net/api/getkey
$publickey = "6LekPAQAAAAAAFoAJRfRtd9vmlzA9m-********";
$privatekey = "6LekPAQAAAAAAFqNcNsrnZba0-ZMg-********";

# the response from reCAPTCHA
$resp = null;
# the error code from reCAPTCHA, if any
$error = null;

# was there a reCAPTCHA response?
if ($_POST["recaptcha_response_field"]) {
        $resp = recaptcha_check_answer ($privatekey,
                                        $_SERVER["REMOTE_ADDR"],
                                        $_POST["recaptcha_challenge_field"],
                                        $_POST["recaptcha_response_field"]);

        if ($resp->is_valid) {
                echo "Bien escrito!";
        } else {
                # set the error code so that we can display it
                $error = $resp->error;
        }
}
echo recaptcha_get_html($publickey, $error);
?>
    <br/>

<label>&nbsp;</label><INPUT class="button" type="submit" name="submit" value="Enviar">
</form>
</div>

</fieldset>

Thanks a lot.

David.

A: 

The problem is that you need to check the reCAPTCHA before you display the form again. The PHP code would go above the first line of the form, perferrably before any HTML is generated so the user can be redirected to a thank you page.

Darryl Hein