I want to add
reCaptcha to my zenphoto installation.
Looking through the code in
class-image.php revealed that `addComment($name, $email, $website, $comment)` is responsible for validating the comment form input. Thus, this is where I want to add some CAPTCHA controlls.
Problem is, I'm not certain how the form data (POST) gets sent to `addComment`. How do I get
`$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);`
to `addComment`?
Comments
I'll report back in a while.
My next post has the code needed to keep the text intact.
image.php:
`
Leave a Reply
<?php<br />
require_once('recaptchalib.php');
$publickey = "Get a key from http://recaptcha.net/api/getkey";
?>
`
[snip]
`
<?php echo recaptcha_get_html($publickey); ?>
`
functions-controller.php:
`
if (in_context(ZP_IMAGE) && isset($_POST['name']) && isset($_POST['email']) && isset($_POST['comment'])) {
if (isset($_POST['website'])) $website = strip_tags($_POST['website']); else $website = "";
require_once("/path/to/wherever/you/put/recaptchalib.php");
$privatekey = "Get a key from http://recaptcha.net/api/getkey";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if ($resp->is_valid)
{
$commentadded = $_zp_current_image->addComment(strip_tags($_POST['name']), strip_tags($_POST['email']),
$website, kses($_POST['comment'], zp_conf('allowed_tags')));
}
`
If you've got more knowledge that I do, please inform us all. If you just got more sense than I do, stay away.
Here goes:
In functions-controller.php, this is what happens if the user fail their submission (bad captcha or no name/email/comment):
`
$stored = array($_POST['name'], $_POST['email'], $website, $_POST['comment'], false);
if (isset($_POST['remember'])) $stored[3] = true;
$error = true;
`
Specifically note `if (isset($_POST['remember'])) $stored[3] = true;`. This line confuses the hell out of me. It overwrites the `$_POST['comment']` (comment text) that we just inserted the line before, with a "1". I can't find where this hardcoded value is read again, so I'd rather not mess with it. If you know - please inform me.
Now, here's my ugly workaround:
`
$stored = array($_POST['name'], $_POST['email'], $website, $_POST['comment'], false);
$stored[5] = $_POST['comment'];
if (isset($_POST['remember'])) $stored[3] = true;
$error = true;
`
Simply added a sixth field and keeping the comment text safe in there. To get this back out into the comment form, heres what you need to add in image.php:
`<?=$stored[5];?>`