SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Guru DeNasio's Avatar
    Join Date
    May 2001
    Posts
    830
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Display confirmation screen after form is submitted

    Hello,

    I have a form written in PHP. But spam bots uses my form to send lots of spam messages. What I want to do is display a confirmation screen before the form is actually submitted. The user must enter a verification code they see on screen.

    To do this I will have to first store the submitted info as hidden field(s) in the form when displaying the confirmation screen. What I can do is send each submitted variable as a hidden field in the form. But I don't find this to be very elegant. What I want to do is send all submitted info as one hidden field. Any one know how I can do this?
    Ballot-Box.net - free polls for webmasters
    FormLog.com - free form processor

  2. #2
    SitePoint Addict
    Join Date
    May 2005
    Location
    London, ON
    Posts
    360
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm not sure why you can't just send it all individually, but if you want to combine it all you can use the implode() and explode() functions to combine and then seperate all you information. Just make sure to use a seperator that the user would never of included in their input.
    Ryan Price
    Subscribe to my blog for regular tips and tricks

  3. #3
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    1. The most elegant, and most popular from what I have seen, is to show the capcha (or whatever) on the page next to the first submit button - on the form.

    2. Use a server side session to store the vars

    3. Do what you say, somehow store all the options in a single string.

    If you are using the GET method in your form you will see them all in the address bar - that value is captured (before parsing by PHP) as $_SERVER['query_string'];

    Personally I wouldnt do it, but store query_string in the hidden field.

    What if query_string can be HUUUGGGGEEE ? 37 megs?

    Work out what the absolute max chars you will accept is, and chop off anything longer, you should always do that anyway. LEts say it 500chars.

    If you detect queryString is longer that 500 then abort and redirect anyway ....

    HTH

  4. #4
    Who turned the lights out !! Mandes's Avatar
    Join Date
    May 2005
    Location
    S.W. France
    Posts
    2,496
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by DeNasio View Post
    What I can do is send each submitted variable as a hidden field in the form. But I don't find this to be very elegant. What I want to do is send all submitted info as one hidden field. Any one know how I can do this?
    A hidden field is only hidden in so much as its not visible in the form, its not a means of security.

    Submit the capcha input along with your data input, if the capcha is wrong abort the operation.

    There are also other methods you could consider, ie only allow the formsend function to run if the data came from your page.
    A Little Knowledge Is A Very Dangerous Thing.......
    That Makes Me A Lethal Weapon !!!!!!!!

    Contract PHP Programming


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •