Ajax captcha checking

Question

So basically I have this ajax code in my index.php that works:

 $(function() {
  $("#submitbtn").click(function() {
    var txt_from = $("#txt_from").val();
    var txt_body = $("#txt_body").val();
    var captcha_code = $("#captcha_code").val();
    var txt_number = $("#txt_number").val();
    var dataString = 'txt_from=' + txt_from + '&txt_body=' + txt_body + '&captcha_code=' + captcha_code + '&txt_number=' + txt_number;
    if (txt_body == '' || txt_number == '' || txt_from == '' || captcha_code == '') {
      $('.alertsuccess').fadeOut(200).hide();
      $('.alerterror').fadeIn(200).show();
      //$('.alert-box').fadeIn(200).show();
    } else {
      $.ajax({
        type: "POST",
        url: "sendsms.php",
        data: dataString,
        success: function() {
          $('.alertsuccess').fadeOut(200).hide();
          $('.alertsuccess').fadeIn(200).show();
          $('.alerterror').fadeOut(200).hide();
          document.getElementById('captcha').src = 'securimage/securimage_show.php?' + Math.random();
          $('#txt_from').val('');
          $('#txt_body').val('');
          $('#txt_number').val('');
          $('#captcha_code').val('');
        }
      });
    }
    return false;
  });
});

And in my sendsms.php

 <?php
session_start();

if ($_POST) {
  include_once 'securimage/securimage.php';

  // header('Location: maintenance.php');

  $securimage = new Securimage();
  include "smsGateway.php";

  include "filter.php";

  $smsGateway = new SmsGateway('email@gmail.com', 'pword');
  if ($securimage->check($_POST['captcha_code']) == false) {
    echo "<script>alert('The security code entered was incorrect. Please go back and try again.');window.location.href='javascript:history.go(-1)';</script>";
    exit;
  }

  $numto = sanitize($_POST['txt_number']);
  $num = "+63" . $numto;
  $deviceID = 1254;
  $number = $num;
  $from = $_POST['txt_from'];
  $message = $from . ":\n" . sanitize($_POST['txt_body']);
  $result = $smsGateway->sendMessageToNumber($number, $message, $deviceID)
}

?>

The captcha code also works but the problem is I want to show error in my index.php if captcha is wrong instead of alerting it on sendsms.php. Is it possible? Thank you

Answer 1

in your HTML form imbed the page URL or page name in a hidden input

 <input type="hidden" name="back" value="index.html" />

PHP

<?php
session_start();
if (file_exists($_POST['back']) {
  include_once 'securimage/securimage.php';
  $securimage = new Securimage();
  if ($securimage->check($_POST['captcha_code']) == false) {
    include($_POST['back']);
    exit;
  }
  include "smsGateway.php";
  include "filter.php";
  $smsGateway = new SmsGateway('email@gmail.com', 'pword');

Answer 2

You can do it by creating a json encoded response on your php file.

echo json_encode(array( 'status' => 'failed', 'message'=> 'The security code entered was incorrect. Please go back and try again.' ));

Then on your ajax success, check if it returned a success status.

Your script

$(function() {
  $("#submitbtn").click(function() {
    var txt_from = $("#txt_from").val();
    var txt_body = $("#txt_body").val();
    var captcha_code = $("#captcha_code").val();
    var txt_number = $("#txt_number").val();
    var dataString = 'txt_from=' + txt_from + '&txt_body=' + txt_body + '&captcha_code=' + captcha_code + '&txt_number=' + txt_number;
    if (txt_body == '' || txt_number == '' || txt_from == '' || captcha_code == '') {
      $('.alertsuccess').fadeOut(200).hide();
      $('.alerterror').fadeIn(200).show();
      //$('.alert-box').fadeIn(200).show();
    } else {
      $.ajax({
        type: "POST",
        url: "sendsms.php",
        data: dataString,
        success: function(response) {
          response = $.parseJSON(response);
          if (response) {
            if (response.status == 'success') {
              $('.alertsuccess').fadeOut(200).hide();
              $('.alertsuccess').fadeIn(200).show();
              $('.alerterror').fadeOut(200).hide();
              document.getElementById('captcha').src = 'securimage/securimage_show.php?' + Math.random();
              $('#txt_from').val('');
              $('#txt_body').val('');
              $('#txt_number').val('');
              $('#captcha_code').val('');
            } else if (response.status == 'failed') {
              $("#divToErrorMessage").html(response.message);
            }
          }
        }
      });
    }
    return false;
  });
});

PHP

<?php
session_start();

if ($_POST) {
  include_once 'securimage/securimage.php';

  // header('Location: maintenance.php');

  $securimage = new Securimage();
  include "smsGateway.php";

  include "filter.php";

  $smsGateway = new SmsGateway('email@gmail.com', 'pword');
  if ($securimage->check($_POST['captcha_code']) == false) {
    echo json_encode(array( 'status' => 'failed', 'message'=> 'The security code entered was incorrect. Please go back and try again.' )); 
  }
  else {
    $numto = sanitize($_POST['txt_number']);
    $num = "+63" . $numto;
    $deviceID = 7621;
    $number = $num;
    $from = $_POST['txt_from'];
    $message = $from . ":\n" . sanitize($_POST['txt_body']);
    $result = $smsGateway->sendMessageToNumber($number, $message, $deviceID);
    echo json_encode(array( 'status' => 'success', 'message'=> 'The security code entered was correct.' )); 
  }
}

?>