html = $htmlstring; } /// end validation //@@ -195,13 +251,18 @@ if ( md5($chrono_verification ) != $_SESSION['chrono_verification'] ) { showErrorMessage( CHRONO_WRONG_VERIFICATION ); showform($_POST);+ //get the foccus to the verification code+ echo "\n\n"; return;- }else{+ }else{ unset($_SESSION['chrono_verification']); } } - /**+ /** * if $debug is true then ChronoForms will show diagnostic output */ $debug = $paramsvalues->debug;@@ -227,24 +288,27 @@ if ( ($_FILES[$allowed_s2[0]]["size"] / 1024) > trim($paramsvalues->uploadmax) ) { $fileok = false; showErrorMessage( CHRONO_FILE_TOO_LARGE );- exit();+ showform($_POST);+ return; } if ( ($_FILES[$allowed_s2[0]]["size"] / 1024) uploadmin) ) { $fileok = false; showErrorMessage( CHRONO_FILE_TOO_SMALL );- exit();+ showform($_POST);+ return; } $fn = $_FILES[$allowed_s2[0]]['name']; $fext = substr($fn, strrpos($fn, '.') + 1); if ( !in_array(strtolower($fext), $allowed_s3) ) { $fileok = true; showErrorMessage( CHRONO_FILE_WRONG_TYPE );- exit();+ showform($_POST);+ return; } if ( $fileok ) { $uploadedfile = handle_uploaded_files($original_name, $filename); if ( $uploadedfile ) {- $attachments[$allowed_s2[0]] = $uploadedfile;+ $attachments[$allowed_s2[0]] = $uploadedfile; } } }-rsd"> [HACK] Captcha form data recover - Forums

Forums

[HACK] Captcha form data recover

rsd 30 Aug, 2008
Hi,

The only big issue I have seen in CF is when the user types a wrong validation code/captcha and the form returns blank, forcing the user to rewrite everything again or just giving up.

This javascript addons solves this problem. The only place where it wont work is (obviously) with upload fields.

Enjoy🙂

diff -Nru ChronoForms-V2.3.9-J1.0-pt_BR/chronocontact.php ChronoForms V2.3.9  J1.0-rsd2/chronocontact.php
--- ChronoForms-V2.3.9-J1.0-pt_BR/chronocontact.php	2008-08-30 01:42:24.000000000 -0300
+++ ChronoForms V2.3.9  J1.0-rsd2/chronocontact.php	2008-08-26 11:13:30.000000000 -0300
@@ -143,6 +143,62 @@
 					$htmlstring = str_replace($match,$match.' class="'.$class_string.'"',$htmlstring);
 				}
 			}
+
+		if (!empty($posted))
+		{
+			$htmlstring .= "\n<script type=\"text/javascript\"><!-- \n";
+			foreach ($posted as $post_key => $post_value)
+			{
+				if (empty($post_value)) continue;
+				$stripped_value = addslashes($post_value);
+
+				//Correct for proper javascript identification
+				$old_post_key = $post_key;
+				if (is_array( $posted[$post_key] ))
+					$post_key .= "[]"; 
+
+				$htmlstring .= 'chrono_field = document.ChronoContact_'.$formname.'.elements[\''.addslashes($post_key).'\'];'."\n";
+
+				$htmlstring .= "if (chrono_field) {\n";
+				$htmlstring .= "	if (chrono_field.type == 'file'){ ;\n";
+
+				if (is_array( $posted[$old_post_key] ))
+				{
+					$htmlstring .= "	} else if (chrono_field.type == 'select-multiple') {\n";
+					$htmlstring .= "		for (i=0;i<chrono_field.options.length;i++) {\n";
+					foreach ($posted[$old_post_key] as $post_post_key => $post_post_value)
+					{
+						$stripped_value2 = addslashes($post_post_value);
+						$htmlstring .= "			if (chrono_field.options[i].value == '" .  $stripped_value2 . "')\n";
+						$htmlstring .= "				chrono_field.options[i].selected = true;\n";
+					}
+					$htmlstring .= "		}\n";
+					$htmlstring .= "	}\n";
+				} else {
+					//simple select list
+					$htmlstring .= "	} else if (chrono_field.type == 'select-one') {\n";
+					$htmlstring .= "		for (i=0;i<chrono_field.length;i++) {\n";
+					$htmlstring .= "			if (chrono_field[i].value == '" .  $stripped_value . "')\n";
+					$htmlstring .= "				chrono_field[i].selected = true;\n";
+					$htmlstring .= "		}\n";
+
+					//is it an array? maybe a radio button
+					$htmlstring .= "	} else if (!chrono_field.type && chrono_field.length) {\n";
+					$htmlstring .= "		for (i=0;i<chrono_field.length;i++) {\n";
+					$htmlstring .= "			if (chrono_field[i].value == '" .  $stripped_value . "')\n";
+					$htmlstring .= "				chrono_field[i].checked = true;\n";
+					$htmlstring .= "		}\n";
+
+					$htmlstring .= "	} else if (chrono_field.type == 'checkbox')\n";
+					$htmlstring .= "		chrono_field.checked = true;\n";
+
+					$htmlstring .= "	else\n";
+					$htmlstring .= "		chrono_field.value = '$stripped_value';\n";
+				}
+				$htmlstring .= "}\n";
+			}
+			$htmlstring .= "\n --></script>\n";
+		}
 		$rows[0]->html = $htmlstring;
 		}
 	/// end validation //
@@ -195,13 +251,18 @@
 		if ( md5($chrono_verification ) != $_SESSION['chrono_verification'] ) {
 			showErrorMessage( CHRONO_WRONG_VERIFICATION );
 			showform($_POST);
+			//get the foccus to the verification code
+			echo "\n<script language=\"JavaScript\"><!-- \n"
+				. "document.ChronoContact_$formname.chrono_verification.value = '';\n"
+			 	. "document.ChronoContact_$formname.chrono_verification.focus();\n"
+			 	. "\n --></script>\n";
 			return;
-        }else{
+	        }else{
 			unset($_SESSION['chrono_verification']);
 		}
     }
 	
-	/**
+    /**
      * if $debug is true then ChronoForms will show diagnostic output
      */
     $debug = $paramsvalues->debug;
@@ -227,24 +288,27 @@
 				if ( ($_FILES[$allowed_s2[0]]["size"] / 1024) > trim($paramsvalues->uploadmax) ) {
 					$fileok = false;
 					showErrorMessage( CHRONO_FILE_TOO_LARGE );
-					exit();
+					showform($_POST);
+					return;
 				}
 				if ( ($_FILES[$allowed_s2[0]]["size"] / 1024) < trim($paramsvalues->uploadmin) ) {
 					$fileok = false;
 					showErrorMessage( CHRONO_FILE_TOO_SMALL );
-					exit();
+					showform($_POST);
+					return;
 				}
 				$fn     = $_FILES[$allowed_s2[0]]['name'];
 				$fext   = substr($fn, strrpos($fn, '.') + 1);
 				if ( !in_array(strtolower($fext), $allowed_s3) ) {
 					$fileok = true;
 					showErrorMessage( CHRONO_FILE_WRONG_TYPE );
-					exit();
+					showform($_POST);
+					return;
 				}
 				if ( $fileok ) {
 					$uploadedfile = handle_uploaded_files($original_name, $filename);
 					if ( $uploadedfile ) {
-                        $attachments[$allowed_s2[0]] = $uploadedfile;
+			                        $attachments[$allowed_s2[0]] = $uploadedfile;
 					}
 				}
 			}


-rsd
Max_admin 30 Aug, 2008
Thank you again, we have solved the issue with the J1.5 version (V 3.0) only and its great to have some solution for the J1.0.x users!🙂

Best regards,

Max
Max
ChronoForms developer...
Did you try ChronoMyAdmin for managing your Joomla database tables ?
Q5Webdesign 17 Sep, 2008
Am sorry if I sound stupid but where do I have to place this code? Looks like a great solution to me!

Thanks!
Mark
rsd 17 Sep, 2008
Hi Mark,

This is a patch file (save it as something like recover.patch).
To use it, you will need the patch command (which is part of the diffutils package).

To Use it:

$ patch -p1 < recover.patch

From inside the source code.

Diffutils is commonly installed in Linux and Unix systems, it can be be installed on Mac OS X too. On windows, in case it is what you use, I am not sure if it can be installed without cygwin, which might be too much.

So, as a last resource, you can do the patch by hand. Here is how it works:

diff -Nru ChronoForms-V2.3.9-J1.0-pt_BR/chronocontact.php ChronoForms V2.3.9  J1.0-rsd2/chronocontact.php
--- ChronoForms-V2.3.9-J1.0-pt_BR/chronocontact.php   2008-08-30 01:42:24.000000000 -0300
+++ ChronoForms V2.3.9  J1.0-rsd2/chronocontact.php   2008-08-26 11:13:30.000000000 -0300

The first line is the command used to generate the patch.
The 2nd and 3rd line are which files are being comapared (in this case chronocontact.php).

@@ -143,6 +143,62 @@
               $htmlstring = str_replace($match,$match.' class="'.$class_string.'"',$htmlstring);
            }
         }
+
+      if (!empty($posted))
+      {
+         $htmlstring .= "\n<script type=\"text/javascript\"><!-- \n";
+         foreach ($posted as $post_key => $post_value)
+         {

The next line (@@ one) tells where in the file is the change.
In this case it says: at line 143 of the original files, there were 6 lines there and after this chunk, this will still be line 143 in the patched file, but now there will be 62 lines instead of 6 (56 new lines). Did it make sense?
Good🙂

After this, all lines that start with a space (like the next ones) means dont touch them, they are just a guide to be located to see where to insert the altered code.
The lines that starts with "+" are new lines to be inserted. Copy and paste thislines in the right place. And remove the "+" sign.
Finally, lines that start with "-", should be removed from the original code.

Small patchs are easily to insert by hand and good to see what have changed.

Note that if you use the mambot, it has to be changed in the same way too.

Good luck,
-Raul
Q5Webdesign 17 Sep, 2008
omg thanks soooo much! I'll try it this evening and let you know if it works here!

Thanks for your great explaination! Never figured it out meself!

Greetings,
Mark
Q5Webdesign 17 Sep, 2008
I tried to change the code, but now when I filled in the form with an invalid captcha code, I get a script error and the Page freezes. It must be me I think.
This is what I did:
Go to: components/com_chronocontact/chronocontact.php And edit the code. It's now this: 140 to 370


					}
					$class_string = implode(" ",$class_array);
					$htmlstring = str_replace($match,$match.' class="'.$class_string.'"',$htmlstring);
				}
			}







      if (!empty($posted))
      {
         $htmlstring .= "\n<script type=\"text/javascript\"><!-- \n";
         foreach ($posted as $post_key => $post_value)
         {
            if (empty($post_value)) continue;
            $stripped_value = addslashes($post_value);

            //Correct for proper javascript identification
            $old_post_key = $post_key;
            if (is_array( $posted[$post_key] ))
               $post_key .= "[]";

            $htmlstring .= 'chrono_field = document.ChronoContact_'.$formname.'.elements[\''.addslashes($post_key).'\'];'."\n";

            $htmlstring .= "if (chrono_field) {\n";
            $htmlstring .= "   if (chrono_field.type == 'file'){ ;\n";

            if (is_array( $posted[$old_post_key] ))
            {
               $htmlstring .= "   } else if (chrono_field.type == 'select-multiple') {\n";
               $htmlstring .= "      for (i=0;i<chrono_field.options.length;i) {\n";
               foreach ($posted[$old_post_key] as $post_post_key => $post_post_value)
               {
                  $stripped_value2 = addslashes($post_post_value);
                  $htmlstring .= "         if (chrono_field.options[i].value == '" .  $stripped_value2 . "')\n";
                  $htmlstring .= "            chrono_field.options[i].selected = true;\n";
               }
               $htmlstring .= "      }\n";
               $htmlstring .= "   }\n";
            } else {
               //simple select list
               $htmlstring .= "   } else if (chrono_field.type == 'select-one') {\n";
               $htmlstring .= "      for (i=0;i<chrono_field.length;i) {\n";
               $htmlstring .= "         if (chrono_field[i].value == '" .  $stripped_value . "')\n";
               $htmlstring .= "            chrono_field[i].selected = true;\n";
               $htmlstring .= "      }\n";

               //is it an array? maybe a radio button
               $htmlstring .= "   } else if (!chrono_field.type && chrono_field.length) {\n";
               $htmlstring .= "      for (i=0;i<chrono_field.length;i) {\n";
               $htmlstring .= "         if (chrono_field[i].value == '" .  $stripped_value . "')\n";
               $htmlstring .= "            chrono_field[i].checked = true;\n";
               $htmlstring .= "      }\n";

               $htmlstring .= "   } else if (chrono_field.type == 'checkbox')\n";
               $htmlstring .= "      chrono_field.checked = true;\n";

               $htmlstring .= "   else\n";
               $htmlstring .= "      chrono_field.value = '$stripped_value';\n";
            }
            $htmlstring .= "}\n";
         }
         $htmlstring .= "\n --></script>\n";
      }







		$rows[0]->html = $htmlstring;
		}
	/// end validation //
	
	
    HTML_ChronoContact::showform( $rows , $imver);
}

/**
 * Respond to a submitted form
 *
 */
function uploadandmail()
{
    global $database, $mosConfig_mailfrom, $mosConfig_fromname, $my, $chronocontact_params,
        $mosConfig_live_site, $mosConfig_absolute_path;
		
		// Block SPAM through the submit URL
		if ( empty($_POST) ) {
			echo "You are not allowed to access this URL directly, POST array is empty";
			return;
		}
    

    /**
     * Retrieve form data from the database
     */
    $formname = strval(mosGetParam( $_GET, 'chronoformname', '' ));
    //$formname = $_GET['chronoformname'];
    $query     = "
	   SELECT *
	       FROM #__chrono_contact
	       WHERE name='$formname'";
    $database->setQuery( $query );
    $rows = $database->loadObjectList();
    $titlesvalues = mosParseParams($rows[0]->titlesall);
    $paramsvalues = mosParseParams($rows[0]->paramsall);
	
    $error_found = false;
    /**
     * If imageversification is on check the code
     */
    if ( trim($paramsvalues->imagever) == 'Yes' ) {
		if (session_name() != md5('chrono')){
			session_write_close();
		}
		session_name(md5('chrono'));
		session_start();
		$chrono_verification = strtolower($_POST['chrono_verification']);
		if ( md5($chrono_verification ) != $_SESSION['chrono_verification'] ) {
			showErrorMessage('Sorry, You have entered a wrong verification code');
			showform($_POST);





//get the foccus to the verification code
echo "\n<script language=\"JavaScript\"><!-- \n"
. "document.ChronoContact_$formname.chrono_verification.value = '';\n"
. "document.ChronoContact_$formname.chrono_verification.focus();\n"
. "\n --></script>\n";







			return;
        }else{
			unset($_SESSION['chrono_verification']);
		}
    }
	
	/**
     * if $debug is true then ChronoForms will show diagnostic output
     */
    $debug = $paramsvalues->debug;
    if ( $debug ) {
        echo "_POST: ";
        print_r($_POST);
        echo "<br />";
    }

    /**
     * Upload attachments
     */
	$attachments = array();
	if ( trim($paramsvalues->uploads == 'Yes' ) && trim($paramsvalues->uploadfields) ) {
		$allowed_s1 = explode(",", trim($paramsvalues->uploadfields));
		foreach ( $allowed_s1 as $allowed_1 ) {
			$allowed_s2      = explode(":", trim($allowed_1));
			$allowed_s3      = explode("|", strtolower(trim($allowed_s2[1])));
			$original_name   = $_FILES[$allowed_s2[0]]['tmp_name'];
			$filename        = date('YmdHis').'_'.preg_replace('`[^a-z0-9-_.]`i','',$_FILES[$allowed_s2[0]]['name']);
			$fileok          = true;
			if ( $original_name ) {
				if ( ($_FILES[$allowed_s2[0]]["size"] / 1024) > trim($paramsvalues->uploadmax) ) {
					$fileok = false;
					showErrorMessage('Sorry, Your uploaded file size exceeds the allowed limit.');







showform($_POST);
return;	





				}
				if ( ($_FILES[$allowed_s2[0]]["size"] / 1024) < trim($paramsvalues->uploadmin) ) {
					$fileok = false;
					showErrorMessage('Sorry, Your uploaded file size is less than the allowed limit');



			 showform($_POST);
              return;	



				}
				$fn     = $_FILES[$allowed_s2[0]]['name'];
				$fext   = substr($fn, strrpos($fn, '.') + 1);
				if ( !in_array(strtolower($fext), $allowed_s3) ) {
					$fileok = true;
					showErrorMessage('Sorry, Your uploaded file type is not allowed');



			  showform($_POST);
              return;	




				}
				if ( $fileok ) {
					$uploadedfile = handle_uploaded_files($original_name, $filename);
					if ( $uploadedfile ) {



                         $attachments[$allowed_s2[0]] = $uploadedfile;
					}
				}
			}
		}
	}
	/* Do Onsubmit before_email plugins*/


Could you please check what I did wrong? Can't figure it out. I've red about another method to add value tags in the "input type" Like this:

<input type="text" name="Datum" id="datum" size="40"  value="<?php echo $_POST['Datum']; ?>" />


This works perfect, but I have some option checkboxes, and I don't know how to add a value there...like this example:


<label for="geslacht">Geslacht van uw huisdier*:</label>
<br />
<select size="1" name="Geslacht_huisdier" id="geslacht">
<option value=" mannelijk ">Male </option> 
<option value=" vrouwelijk ">Female </option> 
<option value=" onbekend ">Unknown </option> 
</select>


If you have a solution for the option type, it would solve my problem too, but I hope you find out what I did wrong in the script.

Thanks so much for helping me,

Greetings,
Mark
rsd 17 Sep, 2008
you are mixing a server side solution with a client side solution.

the javascript makes the use of php in the values obsolete, but requires that the client have js enabled.

probably the script error you are getting is the problem. what error is this?

i recommend using firefox with the error console to get the right error message.

-rsd
Q5Webdesign 18 Sep, 2008
Hi,

I am not mixing, I just try it both solutions and see what's working best for me. I know what the problem of the javascript is! The script freezes on this code:


<label for="geslacht">Geslacht van uw huisdier*:</label>
<br />
<select size="1" name="Geslacht_huisdier" id="geslacht">
<option value=" mannelijk ">Mannelijk </option> 
<option value=" vrouwelijk ">Vrouwelijk </option> 
<option value=" onbekend ">Onbekend </option> 
</select> 


When I delete that code it works perfectly, but when I test it with the "dropdown code" I get a warning in IE and Firefox:
"Warning: script doesn't respond"

This is the site:
http://www.grafischwebdesign.nl/vitaaldier/component/option,com_chronocontact/Itemid,9/chronoformname,Vitaaldierklacht/

Sorry it's in dutch.

Can you please help me? Thanks so much!
GreyHead 18 Sep, 2008
Hi Q5Webdesign,

I think that the problem with the JavaScript solution is that it is trying to set the <select> tag to selected and isn't cycling through the options to check which of them should be selected. it needs a little sub-loop in there.

As you are going server-side to check the ImageVerification I prefer to reset the field values server side as well. Here's an example pulled out of some more complex code - all in the form html
<div class="optional"><label for="contact_pref" class='labelSelect'>I prefer to be contacted by: </label>
<select name="contact_pref" size="1" id="contact_pref">
<?php
$cpref_array = array("phone" => "Telephone", "email" => "Email", "post" => "Postal");
// set a default value
if ( !$result_array['contact_pref'] ) {
    $result_array['contact_pref'] = "phone";
}
// Check and see if a selection is made
foreach ( $cpref_array as $cpref => $title ) {
    if ( $cpref == $result_array['contact_pref'] ) {
        $s = $selected;
    } else {
        $s = "";
    }
    // Output the option
    echo "<option value='$cpref' $s >$title</option>";
}
?>
</select></div>

Note that $result_array has (a) *all* the field names as keys and values set from $_POST - some fields may not be included in $_POST; and (b) array results exploded back into arrays.

Bob
Q5Webdesign 18 Sep, 2008
Hi Greyhead,

Thanks for your explaination! Am sorry that my english isn't very good neither are my scripting skills but I think you're trying to say that I have to use your script in stead of my "option" script? I tried to delete all my "option" fields and insert only your script but I get the same error?

Maybe I don't understand something? Or is it just not possible?

Thanks so much for helping me and sorry that I don't understand it yet!

Greetings,
Mark
rsd 18 Sep, 2008
Hi Mark,

For some reason you deleted all `` ++ '' from the `` i++ '' increment on all for() loops.

Please, recheck the code for the missing parts. This will solve your problem.

Also, change all
addslashes($post_value);

to
addcslashes($post_value, "\0..\37\\");

This will solve other problems with speciall characters.

-Raul Dias
Q5Webdesign 18 Sep, 2008
Hi rsd!

You are FANTASTIC!!!!! This solved all my problems! I feel stupid! I copied the code and replaced all the "+" with spaces. Stupid I know!
Thanks so much for your time and helping me out!
Respect!

greetings,
Mark
This topic is locked and no more replies can be posted.