CODEWITHSUNDEEP
phpcodeigniter
karisma
karisma

Reputation: 156

Captcha validation error in codeigniter

I found problem regarding my captcha validation form, for more detail here i show my code :

Captcha function

private function gbr_captcha()
    {
        $vals = array(
        'img_path' => './captcha/',
        'img_url' => base_url().'captcha/',
        'font_path' => './system/fonts/impact.ttf',
        'img_width' => '150',
        'img_height' => 40
        );
        $cap = create_captcha($vals);
        $datamasuk = array(
            'captcha_time' => $cap['time'],
            'word' => $cap['word']
            );
        $expiration = time()-3600;
        $this->db->query("DELETE FROM captcha WHERE captcha_time < ".$expiration);
        $query = $this->db->insert_string('captcha', $datamasuk);
        $this->db->query($query);
        return $cap['image'];
    }

Captcha Validation Form

    if(empty($cek))
    {
        $this->form_validation->set_rules('username', 'Username', 'required');
        $this->form_validation->set_rules('password', 'Password', 'required');
        $this->form_validation->set_rules('captcha', 'Captcha', 'trim|required');

        if ($this->form_validation->run() == FALSE)
        {
            $frm['gbr_captcha'] = $this->gbr_captcha();
            $this->load->view("app_admin/login/index",$frm);
        }
        else
        {
            $u = $this->input->post('username');
            $p = $this->input->post('password');
            $this->app_model->getLoginData($u,$p);
        }
    }

It's working to show captcha in my web, but to validate captcha inputed from user was correct or not, it's not working, I think my problem come from my validation, if there any advice to fix my code, please share, thanks..

Upvotes: 0

Views: 977

Answers (2)

1inMillion
1inMillion

Reputation: 65

I think you should have a callback function in your captcha to validate if it is correct.

 $this->form_validation->set_rules('captcha', 'Captcha', 'trim|required|callback_checkCaptcha');

function checkCaptcha($word){
$ip = $this->session->get_userdata("ip");
    //check db/query db if the captcha word is correct
    $sql = "SELECT id FROM captcha WHERE word = {$word} and ip={$ip}"
//return true or false if word exists or not
    }

And secondly how can you determine that it is the exact captcha? You can store the user ip address, or set cookies/session

Upvotes: 1

Alchalade
Alchalade

Reputation: 307

You are storing following data into your Database

 $datamasuk = array(
            'captcha_time' => $cap['time'],
            'word' => $cap['word']
            );

IMHO there is nothing which identifies the user (like the ip address.). You wont be able to get the already generated and stored text to compare. Because you dont have anything which points to the user.

Option 1: Store more information like ip address and when you trying to validate the captcha ask the database if there is any record for the ip address.

Option 2: Store the captcha in a session like

$this->session->set_userdata("captcha", ["expires"=> time()+3600, "data" => captcha_string])

That way is easier to validate (at least for me).

I hope it was clear enough.

Upvotes: 1

Related Questions