?
Solved

trying to incorporate captcha into an existing asp form and email routine

Posted on 2006-11-27
6
Medium Priority
?
530 Views
Last Modified: 2008-01-09
Hello,

I am trying to incorporate a captcha into an existing form due to the huge amount of spam we are getting from this form on our website. I have placed the security field above my submit button on the asp form. Just need a way to keep someone from getting past entering the correct value before the email is sent. I basically want an email to be generated if the code is correct, if not return to the form from the page that generates the email with the fields still having their original values and the user returned to the security code field asking them to press the load new code link and enter the correct code this time.

The variable is named (blnCAPTCHAcodeCorrect).

Here is the code for the asp form named contact-us.asp:

The form page is named contact-us.asp and here the code.

<FORM ACTION="sendeform.asp" METHOD="POST" onsubmit="return validateForm(this)" name="Form1">
  <p><font face="Arial" size="2">Name </font>  
  <font face="Arial" size="2" color="#000080">(required)</font><br>
  <input type="text" name="Name" size="40" maxlength="70">&nbsp;<br>
  <font face="Arial" size="2">  E-mail Address </font>
  <font face="Arial" size="2" color="#000080">(required)</font><font face="Arial" size="2"> </font>
   <font face="Arial" size="2">  <br>
    <input type="text" name="EmailAddress" size="35" maxlength="35"><BR>
  </font>
   <font face="Arial" size="2">Subject</font><font face="Arial" size="2"><BR>
   </font>
   <select name="Subject" size="1">
   <option selected value="Other">Please Select</option>
   <option value="Acceptable Use Violation">Acceptable Use Violation</option>
   <option value="Billing Question">Billing Question</option>
   <option value="Custom Quote">Custom Quote</option>
   <option value="Service Request">Service Request</option>
   <option value="Technical Support">Technical Support</option>
   <option value="Web Site Access">Web Site Access</option>
   </select><BR>

   <font face="Arial" size="2">Daytime Phone </font>
   <font face="Arial" size="2" color="#000080">(required)</font><font face="Arial" size="2"><BR>
   <INPUT maxLength="12" name="DaytimePhone" size="12" onfocus="doSubmit=false;"
    onblur="checkPhone(this);" onkeyup="phoneMask(this);" onkeydown="phoneMask(this);"
    value=""/><br>
  </font>
 
  <font face="Arial" size="2">Street Address</font><font face="Arial" size="2"><BR>  
   <INPUT TYPE="text" NAME="StreetAddress" SIZE="45" /><BR>  
  </font>
 
  <font face="Arial" size="2">City</font><font face="Arial" size="2"><BR><INPUT TYPE="text" NAME="City" SIZE="45" /><BR>  
  </font>
 
  <font face="Arial" size="2">State</font><font face="Arial" size="2"><BR>  
  </font>
 
   <select name="State" size="1">
   <option selected value="FL">Please Select</option>
   <option value="FL">FLORIDA</option>
   <option value="GA">GEORGIA</option>
   <option value="TN">TENNESSEE</option>
   <option value="SC">SOUTH CAROLINA</option>
   <option value="NC">NORTH CAROLINA</option>
   </select><font face="Arial" size="2"><BR>  
  </font>
 
  <font face="Arial" size="2">Zip Code</font><font face="Arial" size="2"><BR><INPUT TYPE="text" NAME="ZipCode" SIZE="15"><BR>  
  </font>
 
  <font face="Arial" size="2">Enter Question Here</font>
  <font face="Arial" size="2"><BR>
  <TEXTAREA COLS=50 ROWS=12 NAME="message"></TEXTAREA>
 
<!-- include the Web Wiz CAPTCHA form -->
<!--#include file="CAPTCHA/CAPTCHA_form_inc.asp" -->

  <INPUT TYPE="submit" VALUE="Only press once to send" />
  <INPUT TYPE="reset" VALUE="Clear" />  
  </font>
  </FORM>


Here are the instructions that came with the captcha:

1. Place the folder, and it's contents, named 'CAPTCHA' into the same directory that your
web form you wish to integrate Web Wiz CAPTCHA into is within.


2. The web page that contains the HTML web form you wish to integrate Web Wiz CAPTCHA into must
have an .asp extension (eg. my_own_form_file.asp (this is an example file name and not a real
file))


3. Open your web form in a text editor and place the following code into the part of your
form where you wish the CAPTCHA image and textarea to be:-

     <!-- include the Web Wiz CAPTCHA form -->
     <!--#include file="CAPTCHA/CAPTCHA_form_inc.asp" -->

     
4. Open the file in a text editor that is to process your web form input, and place the
following code at the top of the file (not within ASP blocks):-

     <!-- Include file for CAPTCHA form processing -->            
     <!-- #include file="CAPTCHA/CAPTCHA_process_form.asp" -->

     
5. Now within the file you entered the code from the last step into you can call the following
variable to check that the CAPTCHA code entered is correct.

     blnCAPTCHAcodeCorrect
     
If the CAPTCHA code entered is correct the above variable with be set to true, if the CAPTCHA code
has not been entered correctly the variable will be set to false.


     5.1 Below is some sample code to check the CAPTCHA code is correct:-
     
          <%

          If blnCAPTCHAcodeCorrect = True Then
               Response.Write(" CAPTCHA code is correct")
          ElseIf  blnCAPTCHAcodeCorrect = False Then
               Response.Write(" CAPTCHA code is NOT correct")
          End If

          %>


Here is the page (eform.asp) that is called by pressing the submit button (the one that actually generates the email and the one that is supposed to check the value of thevariable blnCAPTCHAcodeCorrect is true or false.
I do not want an email sent if the variable is false. I would like the person just returned to the form with an error saying you incorrectly entered the captcha, hopefully the form would still have the other values they already entered.
So I need help incorporating this into this asp code.

<% If "" & Request("EmailAddress") <> "" Then
    Set Mail = Server.CreateObject("Persits.MailSender")
    Mail.Host = "mail.example.net" 'specify valid SMTP host
    Mail.From = Request("EmailAddress") 'specify senders address
    Mail.FromName = Request("Name") 'specify senders name
    Mail.AddAddress "sales@example.net"                      
    'Mail.AddCC "admin@example.net"
    'Mail.AddCustomHeader "Return-Receipt-To: <sales@example.net>"
    'Mail.AddCustomHeader "Disposition-Notification-To: <sales@example.net>"  
    Mail.Subject = Request("Subject")
    'Build message body
    Body = "IP Address: " & Request.ServerVariables("REMOTE_HOST") & chr(13) & chr(10)
    Body = Body & "Daytime Phone No: " & Request("DaytimePhone") & chr(13) & chr(10)
    Body = Body & "Address: " & Request("StreetAddress") & chr(13) & chr(10)
    Body = Body & "City: " & Request("City") & chr(13) & chr(10)
    Body = Body & "State: " & Request("State") & chr(13) & chr(10)
    Body = Body & "Zip Code: " & Request("ZipCode") & chr(13) & chr(10)
    Body = Body & "Message: " & Request("Message") & chr(13) & chr(10)
 
    Mail.Body = Body ' assign string to Mail.Body
 
    On Error Resume Next
    Mail.Send()
    Set Mail = Nothing
    Response.Redirect("thankyou.htm")
    If Err <> 0 Then
      Response.Write "Error encountered: " & Err.Description
    End If
     Else %>
<script language="JavaScript" type="text/javascript">javascript: window.history.back(-1)</script>
<% End IF %>

Thank you in advance.
 
0
Comment
Question by:TrueBlue
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 54

Expert Comment

by:b0lsc0tt
ID: 18020836
TrueBlue,

The code modified code for sendeform.asp is below.  It will check to see if the CAPTCHA variable is true and if so then it will continue to process.  Otherwise it will set the values from the form as session variables and redirect to the form.  I will include the modified form code next.

<% If "" & Request("EmailAddress") <> "" Then
    If blnCAPTCHAcodeCorrect <> True then
       Session("email") = Request("EmailAddress")
       Session("name") = Request("Name")
       Session("subject") = Request("Subject")
       Session("DaytimePhone") = Request("DaytimePhone")
       Session("Address") = Request("StreetAddress")
       Session("City") = Request("City")
       Session("State") = Request("State")
       Session("Zip") = Request("ZipCode")
       Session("Message") = Request("Message")
       Response.Redirect "formpage.asp?err=captcha"
    Else
    Set Mail = Server.CreateObject("Persits.MailSender")
    Mail.Host = "mail.example.net" 'specify valid SMTP host
    Mail.From = Request("EmailAddress") 'specify senders address
    Mail.FromName = Request("Name") 'specify senders name
    Mail.AddAddress "sales@example.net"                      
    'Mail.AddCC "admin@example.net"
    'Mail.AddCustomHeader "Return-Receipt-To: <sales@example.net>"
    'Mail.AddCustomHeader "Disposition-Notification-To: <sales@example.net>"  
    Mail.Subject = Request("Subject")
    'Build message body
    Body = "IP Address: " & Request.ServerVariables("REMOTE_HOST") & chr(13) & chr(10)
    Body = Body & "Daytime Phone No: " & Request("DaytimePhone") & chr(13) & chr(10)
    Body = Body & "Address: " & Request("StreetAddress") & chr(13) & chr(10)
    Body = Body & "City: " & Request("City") & chr(13) & chr(10)
    Body = Body & "State: " & Request("State") & chr(13) & chr(10)
    Body = Body & "Zip Code: " & Request("ZipCode") & chr(13) & chr(10)
    Body = Body & "Message: " & Request("Message") & chr(13) & chr(10)
 
    Mail.Body = Body ' assign string to Mail.Body
 
    On Error Resume Next
    Mail.Send()
    Set Mail = Nothing
    Response.Redirect("thankyou.htm")
    If Err <> 0 Then
      Response.Write "Error encountered: " & Err.Description
    End If
    End if
     Else %>
<script language="JavaScript" type="text/javascript">javascript: window.history.back(-1)</script>
<% End IF %>

Let me know if you have any questions or need more information.

b0lsc0tt
0
 
LVL 54

Expert Comment

by:b0lsc0tt
ID: 18020914
The form code for contact-us.asp could be the following:

<%
If Request.Querystring("err") = "captcha" then
%>
<div align="center">There was an error with the letters you entered.  Please look at the image in the form and type the letters you see.</div>
<%
End if
%>
<FORM ACTION="sendeform.asp" METHOD="POST" onsubmit="return validateForm(this)" name="Form1">
  <p><font face="Arial" size="2">Name </font>  
  <font face="Arial" size="2" color="#000080">(required)</font><br>
  <input type="text" name="Name" size="40" maxlength="70" value="<%= Session("name") %>">&nbsp;<br>
  <font face="Arial" size="2">  E-mail Address </font>
  <font face="Arial" size="2" color="#000080">(required)</font><font face="Arial" size="2"> </font>
   <font face="Arial" size="2">  <br>
    <input type="text" name="EmailAddress" size="35" maxlength="35" value="<%= Session("email") %>"><BR>
  </font>
   <font face="Arial" size="2">Subject</font><font face="Arial" size="2"><BR>
   </font>
   <select name="Subject" size="1">
   <option value="Other" <% If Session("subject") = "" then Response.Write "selected" %>>Please Select</option>
   <option value="Acceptable Use Violation" <% If Session("subject") = "Acceptable Use Violation" then Response.Write "selected" %>>Acceptable Use Violation</option>
   <option value="Billing Question" <% If Session("subject") = "Billing Question" then Response.Write "selected" %>>Billing Question</option>
   <option value="Custom Quote" <% If Session("subject") = "Custom Quote" then Response.Write "selected" %>>Custom Quote</option>
   <option value="Service Request" <% If Session("subject") = "Service Request" then Response.Write "selected" %>>Service Request</option>
   <option value="Technical Support" <% If Session("subject") = "Technical Support" then Response.Write "selected" %>>Technical Support</option>
   <option value="Web Site Access" <% If Session("subject") = "Web Site Access" then Response.Write "selected" %>>Web Site Access</option>
   </select><BR>

   <font face="Arial" size="2">Daytime Phone </font>
   <font face="Arial" size="2" color="#000080">(required)</font><font face="Arial" size="2"><BR>
   <INPUT maxLength="12" name="DaytimePhone" size="12" onfocus="doSubmit=false;"
    onblur="checkPhone(this);" onkeyup="phoneMask(this);" onkeydown="phoneMask(this);"
    value="<%= Session("DaytimePhone") %>"/><br>
  </font>
 
  <font face="Arial" size="2">Street Address</font><font face="Arial" size="2"><BR>  
   <INPUT TYPE="text" NAME="StreetAddress" SIZE="45" value="<%= Session("Address") %>" /><BR>  
  </font>
 
  <font face="Arial" size="2">City</font><font face="Arial" size="2"><BR><INPUT TYPE="text" NAME="City" SIZE="45" value="<%= Session("City") %>" /><BR>  
  </font>
 
  <font face="Arial" size="2">State</font><font face="Arial" size="2"><BR>  
  </font>
 
   <select name="State" size="1">
   <option value="FL" <% If Session("State") = "FL" then Response.Write "selected" %>>Please Select</option>
   <option value="FL" <% If Session("State") = "FL" then Response.Write "selected" %>>FLORIDA</option>
   <option value="GA" <% If Session("State") = "GA" then Response.Write "selected" %>>GEORGIA</option>
   <option value="TN" <% If Session("State") = "TN" then Response.Write "selected" %>>TENNESSEE</option>
   <option value="SC" <% If Session("State") = "SC" then Response.Write "selected" %>>SOUTH CAROLINA</option>
   <option value="NC" <% If Session("State") = "NC" then Response.Write "selected" %>>NORTH CAROLINA</option>
   </select><font face="Arial" size="2"><BR>  
  </font>
 
  <font face="Arial" size="2">Zip Code</font><font face="Arial" size="2"><BR><INPUT TYPE="text" NAME="ZipCode" SIZE="15" value="<%= Session("Zip") %>"><BR>  
  </font>
 
  <font face="Arial" size="2">Enter Question Here</font>
  <font face="Arial" size="2"><BR>
  <TEXTAREA COLS=50 ROWS=12 NAME="message"><%= Session("Message") %></TEXTAREA>
 
<!-- include the Web Wiz CAPTCHA form -->
<!--#include file="CAPTCHA/CAPTCHA_form_inc.asp" -->

  <INPUT TYPE="submit" VALUE="Only press once to send" />
  <INPUT TYPE="reset" VALUE="Clear" />  
  </font>
  </FORM>

This code will display an error message if CAPTCHA fails and will fill in the form fields using the session variables.

Let me know if you have any questions about any of this.

bol
0
 

Author Comment

by:TrueBlue
ID: 18021600
bol,

Well I am impressed!

Only one other question, is there a way to take this error and make it so that a popup message appears on top of the contact-us.asp page that the user just presses ok and then continues entering the correct code?

<%
If Request.Querystring("err") = "captcha" then
%>
<div align="center">There was an error with the letters you entered.  Please look at the image in the form and type the letters you see.</div>
<%
End if
%>

I just think the user may miss this message.

Thank you for your help.

Chuck
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 54

Accepted Solution

by:
b0lsc0tt earned 2000 total points
ID: 18021721
You can do that using javascript.  You could replace the part that is written if the If is true with script tags.  However if javascript isn't supported by the browser or disabled by the user then no message would appear.  I modified the code below with an example ...

<%
If Request.Querystring("err") = "captcha" then
%>
<script type="text/javascript">alert("There was an error with the letter you entered.  Please look at the image in the form and type the letters you see.");</script>
<%
End if
%>

I usually make this message more visible by changing the font color.  In most cases I will use red since it isn't used in other fonts on the page.  Since it is right above the form, red, and has room (i.e. padding or margin) it stands out.  This works even if javascript is not working.  A sample is below but you may need to adjust it depending on how the form fits in your page.

<%
If Request.Querystring("err") = "captcha" then
%>
<div align="center" style="color: red;">There was an error with the letters you entered.  Please look at the image in the form and type the letters you see.</div>
<%
End if
%>

bol
0
 
LVL 54

Expert Comment

by:b0lsc0tt
ID: 18023510
I'm glad that I could help you.  Thank you for the grade, the points and the fun question.  Hopefully this will cut down on the spam.

bol
0
 

Author Comment

by:TrueBlue
ID: 18026939
Bol,

I have one more question for you, please see the following link:

http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_22074514.html

0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question