simple captcha code implementation

Question

The issue I am having is the form submits data to a payment processing company.

the captcha I implemented is located here: http://www.php-help.ro/examples/math_captcha_image for this to work the form most submit to self or to a php page that I have access to instead here is the form code:

<form action="https://secure.bluepay.com/interfaces/bp10emu" method=POST>

      <input type=hidden name=MERCHANT value="100105032970">
      <tr><td>Zipcode:</td><td><input type=text name=ZIPCODE></td></tr>
      <tr><td>Phone:</td><td><input type=text name=PHONE></td></tr>
      <tr><td>Email:</td><td><input type=text name=EMAIL></td></tr>
      <tr><td>Captcha:</td><td>    <input type="text" name="secure" value="what's the result?" onClick="this.value=''" /><br><br>
      <img src="image.php" alt="Click to reload image" title="Click to reload image" id="captcha" onClick="javascript:reloadCaptcha()" />
      </td></tr>
      <tr><td colspan=2><input type=SUBMIT value="Pay Now"></td></tr>

    </table>
    </form>

the script works perfectly when implentated on a form that submits to self. but since its posting to bluepay.com I am not sure on how to get it to verify captcha BEFORE submitting. any ideas?

Answer 1

$("form").submit(function(){
    $.post({
        url: 'check.php',
        data: $("input[name='captcha']").val(),
        success: function(data) {
            if (data == "OK")
                return true;
            else
                alert("CAPTCHA Fail!");
            return false;
        }
    });
});

Answer 2

Method 1: Use JavaScript

Since you are going to submit it to another application, it would be better to check with JavaScript for the correctness. So, you can just fire an AJAX Event using jQuery to check if the given answer is correct by passing the CAPTCHA User Input value to the page that performs the check. If it is correct, then submit the form.

Consider this code:

<?php
    if ($_POST["captcha"] == $_SESSION["captcha"])
        die ("OK");
    else
        die ("No");
?>

And in the JavaScript, you can use jQuery's $.post() function this way:

$("form").submit(function(){
    $.post({
        url: 'check.php',
        data: $("input[name='captcha']").val(),
        success: function(data) {
            if (data == "OK")
                return true;
            else
                alert("CAPTCHA Fail!");
            return false;
        }
    });
});

Method 2: Use cURL

You can use a function like this:

function post_to_url($url, $data) {
   $fields = '';
   foreach($data as $key => $value) { 
      $fields .= $key . '=' . $value . '&'; 
   }
   rtrim($fields, '&');

   $post = curl_init();

   curl_setopt($post, CURLOPT_URL, $url);
   curl_setopt($post, CURLOPT_POST, count($data));
   curl_setopt($post, CURLOPT_POSTFIELDS, $fields);
   curl_setopt($post, CURLOPT_RETURNTRANSFER, 1);

   $result = curl_exec($post);

   curl_close($post);
}

Check the CAPTCHA and then process the form.

Answer 3

You can make another page for your form to be submitted to, where you verify the captcha, and then from there redirect to the payment gateway.

PHP Redirect with POST data

OR

you can try using cURL - POST data to a URL in PHP