Hi There. Can someone show me how to add re-captcha, to this php form?
I have tried to add it after, echo " , but his does not work.

Well it’s hard to say since you didn’t provide any code of what you have tried with the captcha. Are you using the google version? I use that one all the time and is very easy to implement. You signup on the recaptcha site and get a public and private key and place those in the lib file they give you. Include the lib file in your page above the form and then place this in the form where you want the captcha to show
[php]
echo recaptcha_get_html($publickey)
[/php]

Hi Fastsol.

Thanks for your reply.

To start, I can say I am not very good with PHP, and this is why I am looking for help, with this form. This form is originally from W3C School. http://www.w3schools.com/PHP/php_secure_mail.asp

I have tried everything I can possible think of.

I can get the Re-captcha to show, everywhere else in the from, except for where I need it to show, in the , section of the code. I need the re-captacha to show between the textarea, and the submit button.

I have tried everything they have suggested, on the Google Recaptacha Website,
https://developers.google.com/recaptcha/docs/display

But nothing seems to work. . . . .
If I add this code to the header, the captcha shows, but I need the captcha to show in the section of the code.

All I need, is a safe secure form . . . . .
Safe from Spam bots, and Safe from SQL Injection.

Please help.
Thanks again.

I tried your you posted and it works fine for me when I put my public key in it, it shows where ever I place the script at on the page. I personally don’t use this method, I use the php version found here - https://developers.google.com/recaptcha/docs/php

Hi Fastsol.

Thanks again for your reply. Yes, I have also tried using the PHP vesion, but nothing seems to work, when I put it in the section, of the contact form coding. . . .Such as this.

Are you sure it’s including the lib file correctly? I assume you are putting in your public key where it say $public key=“your public key”
It won’t show if you don’t do that. Did you put in your private key in the lib file too?

Hi Fastsol. Ok, I havent put it in the Lib file too. I will try that now and see if it makes a difference. Otherwise, I keep getting a PHP Error, when I stick the Recaptcha PHP code, in the section of the contact form. I will try it now, and get back to you

Thanks again.

Here is the error I get, when placing the re-captacha code, into the section of the contact form

Parse error: syntax error, unexpected T_LNUMBER, expecting ‘,’ or ‘;’ in /home/public_html/modules/mod_contact_form1/mod_contact_form1.php on line 60

Ok I cant find where to insert my public key, in the recaptchalib.php , file.

Ok, you had a few syntax errors in this that I fixed and cleaned up the code come. Put your public key in the $public_key var.
[php]

[/php]

After trying your code. I get this error.

Parse error: syntax error, unexpected $end in /home/public_html/modules/mod_contact_form1/mod_contact_form1.php on line 1

Did you copy the whole code from here or only part of it? I pasted the entire page code that I tested and it works as it should. unexpected $end usually means you are missing a closing }
Copy the whole code I posted and replace it with the code on your page. I didn’t change anything above the form in the php. The error must be in how you coppied it over.

Ok the first time. I copied all the code, and the second time, I just copied from the tag.
Its working now . . . And looks great, but it seems emails still go through, without the captcha being filled in . . .IS there something else im doing wrong . . . Here is the website http://www.durbanwebsites.co.za/
The from can be found at the bottom of the page . . . .
Here is the working code, so far

php

php

Well your not even validating the captcha response in your validation code. The lib file require needs to be moved towards the top in this case and then a elseif() added in the validation area.
Here
[php]

[/php]

Ok, with the last code you sent me. There seems to be an error on line 42. Here is the errror I recieve, if I fill in the form, and post it without filling in the captcha. I tried (else), by itself, and I tried (if), by itself.

Fatal error: Call to undefined function validateCaptcha() in /home/durbanw/public_html/modules/mod_contact_form1/mod_contact_form1.php on line 42

42. elseif (validateCaptcha() === FALSE)
    43.{ echo “The Captcha did not pass validation. Please try again.”;

Maybe they changed the function in newer versions, I’ve had mine for a couple years. The validateCaptcha() is in my lib file. Look in the file you have and see if maybe they changed it, mine was at the bottom of the page and it returns TRUE or FALSE. Or you can post the lib file here too.

Here is the latest recaptchalib.php file. Downloaded from Google Re-captcha

<?php /* * This is a PHP library that handles calling reCAPTCHA. * - Documentation and latest version * http://recaptcha.net/plugins/php/ * - Get a reCAPTCHA API Key * https://www.google.com/recaptcha/admin/create * - Discussion group * http://groups.google.com/group/recaptcha * * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net * AUTHORS: * Mike Crawford * Ben Maurer * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */ /** * The reCAPTCHA server URL's */ define("RECAPTCHA_API_SERVER", "http://www.google.com/recaptcha/api"); define("RECAPTCHA_API_SECURE_SERVER", "https://www.google.com/recaptcha/api"); define("RECAPTCHA_VERIFY_SERVER", "www.google.com"); /** * Encodes the given data into a query string format * @param $data - array of string elements to be encoded * @return string - encoded request */ function _recaptcha_qsencode ($data) { $req = ""; foreach ( $data as $key => $value ) $req .= $key . '=' . urlencode( stripslashes($value) ) . '&'; // Cut the last '&' $req=substr($req,0,strlen($req)-1); return $req; } /** * Submits an HTTP POST to a reCAPTCHA server * @param string $host * @param string $path * @param array $data * @param int port * @return array response */ function _recaptcha_http_post($host, $path, $data, $port = 80) { $req = _recaptcha_qsencode ($data); $http_request = "POST $path HTTP/1.0\r\n"; $http_request .= "Host: $host\r\n"; $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; $http_request .= "Content-Length: " . strlen($req) . "\r\n"; $http_request .= "User-Agent: reCAPTCHA/PHP\r\n"; $http_request .= "\r\n"; $http_request .= $req; $response = ''; if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) { die ('Could not open socket'); } fwrite($fs, $http_request); while ( !feof($fs) ) $response .= fgets($fs, 1160); // One TCP-IP packet fclose($fs); $response = explode("\r\n\r\n", $response, 2); return $response; } /** * Gets the challenge HTML (javascript and non-javascript version). * This is called from the browser, and the resulting reCAPTCHA HTML widget * is embedded within the HTML form it was called from. * @param string $pubkey A public key for reCAPTCHA * @param string $error The error given by reCAPTCHA (optional, default is null) * @param boolean $use_ssl Should the request be made over ssl? (optional, default is false) * @return string - The HTML to be embedded in the user's form. */ function recaptcha_get_html ($pubkey, $error = null, $use_ssl = false) { if ($pubkey == null || $pubkey == '') { die ("To use reCAPTCHA you must get an API key from https://www.google.com/recaptcha/admin/create"); } if ($use_ssl) { $server = RECAPTCHA_API_SECURE_SERVER; } else { $server = RECAPTCHA_API_SERVER; } $errorpart = ""; if ($error) { $errorpart = "&error=" . $error; } return '
'; } /** * A ReCaptchaResponse is returned from recaptcha_check_answer() */ class ReCaptchaResponse { var $is_valid; var $error; } /** * Calls an HTTP POST function to verify if the user's guess was correct * @param string $privkey * @param string $remoteip * @param string $challenge * @param string $response * @param array $extra_params an array of extra variables to post to the server * @return ReCaptchaResponse */ function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response, $extra_params = array()) { if ($privkey == null || $privkey == '') { die ("To use reCAPTCHA you must get an API key from https://www.google.com/recaptcha/admin/create"); } if ($remoteip == null || $remoteip == '') { die ("For security reasons, you must pass the remote ip to reCAPTCHA"); } //discard spam submissions if ($challenge == null || strlen($challenge) == 0 || $response == null || strlen($response) == 0) { $recaptcha_response = new ReCaptchaResponse(); $recaptcha_response->is_valid = false; $recaptcha_response->error = 'incorrect-captcha-sol'; return $recaptcha_response; } $response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/recaptcha/api/verify", array ( 'privatekey' => $privkey, 'remoteip' => $remoteip, 'challenge' => $challenge, 'response' => $response ) + $extra_params ); $answers = explode ("\n", $response [1]); $recaptcha_response = new ReCaptchaResponse(); if (trim ($answers [0]) == 'true') { $recaptcha_response->is_valid = true; } else { $recaptcha_response->is_valid = false; $recaptcha_response->error = $answers [1]; } return $recaptcha_response; } /** * gets a URL where the user can sign up for reCAPTCHA. If your application * has a configuration page where you enter a key, you should provide a link * using this function. * @param string $domain The domain where the page is hosted * @param string $appname The name of your application */ function recaptcha_get_signup_url ($domain = null, $appname = null) { return "https://www.google.com/recaptcha/admin/create?" . _recaptcha_qsencode (array ('domains' => $domain, 'app' => $appname)); } function _recaptcha_aes_pad($val) { $block_size = 16; $numpad = $block_size - (strlen ($val) % $block_size); return str_pad($val, strlen ($val) + $numpad, chr($numpad)); } /* Mailhide related code */ function _recaptcha_aes_encrypt($val,$ky) { if (! function_exists ("mcrypt_encrypt")) { die ("To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed."); } $mode=MCRYPT_MODE_CBC; $enc=MCRYPT_RIJNDAEL_128; $val=_recaptcha_aes_pad($val); return mcrypt_encrypt($enc, $ky, $val, $mode, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"); } function _recaptcha_mailhide_urlbase64 ($x) { return strtr(base64_encode ($x), '+/', '-_'); } /* gets the reCAPTCHA Mailhide url for a given email, public key and private key */ function recaptcha_mailhide_url($pubkey, $privkey, $email) { if ($pubkey == '' || $pubkey == null || $privkey == "" || $privkey == null) { die ("To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " . "you can do so at http://www.google.com/recaptcha/mailhide/apikey"); } $ky = pack('H*', $privkey); $cryptmail = _recaptcha_aes_encrypt ($email, $ky); return "http://www.google.com/recaptcha/mailhide/d?k=" . $pubkey . "&c=" . _recaptcha_mailhide_urlbase64 ($cryptmail); } /** * gets the parts of the email to expose to the user. * eg, given johndoe@example,com return ["john", "example.com"]. * the email is then displayed as [email protected] */ function _recaptcha_mailhide_email_parts ($email) { $arr = preg_split("/@/", $email ); if (strlen ($arr[0]) <= 4) { $arr[0] = substr ($arr[0], 0, 1); } else if (strlen ($arr[0]) <= 6) { $arr[0] = substr ($arr[0], 0, 3); } else { $arr[0] = substr ($arr[0], 0, 4); } return $arr; } /** * Gets html to display an email address given a public an private key. * to get a key, go to: * * http://www.google.com/recaptcha/mailhide/apikey */ function recaptcha_mailhide_html($pubkey, $privkey, $email) { $emailparts = _recaptcha_mailhide_email_parts ($email); $url = recaptcha_mailhide_url ($pubkey, $privkey, $email); return htmlentities($emailparts[0]) . "...@" . htmlentities ($emailparts [1]); } ?>

Yeah that is a totally different code than I have. Looks like they added some things. Here is the version I have. Place your private and public key info in this file and remove the public key in the form code.
[php]

<?php /* * This is a PHP library that handles calling reCAPTCHA. * - Documentation and latest version * http://recaptcha.net/plugins/php/ * - Get a reCAPTCHA API Key * https://www.google.com/recaptcha/admin/create * - Discussion group * http://groups.google.com/group/recaptcha * * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net * AUTHORS: * Mike Crawford * Ben Maurer * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */ /** * The reCAPTCHA server URL's */ $publickey = ""; // you got this from the signup page $privatekey = ""; define("RECAPTCHA_API_SERVER", "http://www.google.com/recaptcha/api"); define("RECAPTCHA_API_SECURE_SERVER", "https://www.google.com/recaptcha/api"); define("RECAPTCHA_VERIFY_SERVER", "www.google.com"); /** * Encodes the given data into a query string format * @param $data - array of string elements to be encoded * @return string - encoded request */ function _recaptcha_qsencode ($data) { $req = ""; foreach ( $data as $key => $value ) $req .= $key . '=' . urlencode( stripslashes($value) ) . '&'; // Cut the last '&' $req=substr($req,0,strlen($req)-1); return $req; } /** * Submits an HTTP POST to a reCAPTCHA server * @param string $host * @param string $path * @param array $data * @param int port * @return array response */ function _recaptcha_http_post($host, $path, $data, $port = 80) { $req = _recaptcha_qsencode ($data); $http_request = "POST $path HTTP/1.0\r\n"; $http_request .= "Host: $host\r\n"; $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; $http_request .= "Content-Length: " . strlen($req) . "\r\n"; $http_request .= "User-Agent: reCAPTCHA/PHP\r\n"; $http_request .= "\r\n"; $http_request .= $req; $response = ''; if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) { die ('Could not open socket'); } fwrite($fs, $http_request); while ( !feof($fs) ) $response .= fgets($fs, 1160); // One TCP-IP packet fclose($fs); $response = explode("\r\n\r\n", $response, 2); return $response; } /** * Gets the challenge HTML (javascript and non-javascript version). * This is called from the browser, and the resulting reCAPTCHA HTML widget * is embedded within the HTML form it was called from. * @param string $pubkey A public key for reCAPTCHA * @param string $error The error given by reCAPTCHA (optional, default is null) * @param boolean $use_ssl Should the request be made over ssl? (optional, default is false) * @return string - The HTML to be embedded in the user's form. */ function recaptcha_get_html ($pubkey, $error = null, $use_ssl = false) { if ($pubkey == null || $pubkey == '') { die ("To use reCAPTCHA you must get an API key from https://www.google.com/recaptcha/admin/create"); } if ($use_ssl) { $server = RECAPTCHA_API_SECURE_SERVER; } else { $server = RECAPTCHA_API_SERVER; } $errorpart = ""; if ($error) { $errorpart = "&error=" . $error; } return '
'; } /** * A ReCaptchaResponse is returned from recaptcha_check_answer() */ class ReCaptchaResponse { var $is_valid; var $error; } /** * Calls an HTTP POST function to verify if the user's guess was correct * @param string $privkey * @param string $remoteip * @param string $challenge * @param string $response * @param array $extra_params an array of extra variables to post to the server * @return ReCaptchaResponse */ function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response, $extra_params = array()) { if ($privkey == null || $privkey == '') { die ("To use reCAPTCHA you must get an API key from https://www.google.com/recaptcha/admin/create"); } if ($remoteip == null || $remoteip == '') { die ("For security reasons, you must pass the remote ip to reCAPTCHA"); } //discard spam submissions if ($challenge == null || strlen($challenge) == 0 || $response == null || strlen($response) == 0) { $recaptcha_response = new ReCaptchaResponse(); $recaptcha_response->is_valid = false; $recaptcha_response->error = 'incorrect-captcha-sol'; return $recaptcha_response; } $response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/recaptcha/api/verify", array ( 'privatekey' => $privkey, 'remoteip' => $remoteip, 'challenge' => $challenge, 'response' => $response ) + $extra_params ); $answers = explode ("\n", $response [1]); $recaptcha_response = new ReCaptchaResponse(); if (trim ($answers [0]) == 'true') { $recaptcha_response->is_valid = true; } else { $recaptcha_response->is_valid = false; $recaptcha_response->error = $answers [1]; } return $recaptcha_response; } /** * gets a URL where the user can sign up for reCAPTCHA. If your application * has a configuration page where you enter a key, you should provide a link * using this function. * @param string $domain The domain where the page is hosted * @param string $appname The name of your application */ function recaptcha_get_signup_url ($domain = null, $appname = null) { return "https://www.google.com/recaptcha/admin/create?" . _recaptcha_qsencode (array ('domains' => $domain, 'app' => $appname)); } function _recaptcha_aes_pad($val) { $block_size = 16; $numpad = $block_size - (strlen ($val) % $block_size); return str_pad($val, strlen ($val) + $numpad, chr($numpad)); } /* Mailhide related code */ function _recaptcha_aes_encrypt($val,$ky) { if (! function_exists ("mcrypt_encrypt")) { die ("To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed."); } $mode=MCRYPT_MODE_CBC; $enc=MCRYPT_RIJNDAEL_128; $val=_recaptcha_aes_pad($val); return mcrypt_encrypt($enc, $ky, $val, $mode, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"); } function _recaptcha_mailhide_urlbase64 ($x) { return strtr(base64_encode ($x), '+/', '-_'); } /* gets the reCAPTCHA Mailhide url for a given email, public key and private key */ function recaptcha_mailhide_url($pubkey, $privkey, $email) { if ($pubkey == '' || $pubkey == null || $privkey == "" || $privkey == null) { die ("To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " . "you can do so at http://www.google.com/recaptcha/mailhide/apikey"); } $ky = pack('H*', $privkey); $cryptmail = _recaptcha_aes_encrypt ($email, $ky); return "http://www.google.com/recaptcha/mailhide/d?k=" . $pubkey . "&c=" . _recaptcha_mailhide_urlbase64 ($cryptmail); } /** * gets the parts of the email to expose to the user. * eg, given johndoe@example,com return ["john", "example.com"]. * the email is then displayed as [email protected] */ function _recaptcha_mailhide_email_parts ($email) { $arr = preg_split("/@/", $email ); if (strlen ($arr[0]) <= 4) { $arr[0] = substr ($arr[0], 0, 1); } else if (strlen ($arr[0]) <= 6) { $arr[0] = substr ($arr[0], 0, 3); } else { $arr[0] = substr ($arr[0], 0, 4); } return $arr; } /** * Gets html to display an email address given a public an private key. * to get a key, go to: * * http://www.google.com/recaptcha/mailhide/apikey */ function recaptcha_mailhide_html($pubkey, $privkey, $email) { $emailparts = _recaptcha_mailhide_email_parts ($email); $url = recaptcha_mailhide_url ($pubkey, $privkey, $email); return htmlentities($emailparts[0]) . "...@" . htmlentities ($emailparts [1]); } // Checks the validity of the reCaptcha response and returns true or false function validateCaptcha() { $captcha_resp = recaptcha_check_answer ($GLOBALS['privatekey'], $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); return (!$captcha_resp->is_valid) ? FALSE : TRUE; } ?>

[/php]

I would prefer to use the new recaptchalib.php , if possible, reason being that I have heard that some spambots can get through captcha . . . I read this in a few forums . . . . Is it possible?

Ok, Im going to be going to bed now. Its late here in South Africa. Thanks for your help. Im glad we have been able to make so much progress. Please keep the recaptchalib.php , in mind.

Thanks again for all your help.
Greatly Appreciated.