Added Recaptcha
This commit is contained in:
CodeServer
parent
118ada3aee
commit
0d3fee6ba2
@ -19,6 +19,7 @@
|
||||
integrity="sha384-wvfXpqpZZVQGK6TAh5PVlGOfQNHSoD2xbE+QkPxCAFlNEevoEH3Sl0sibVcOQVnN"
|
||||
crossorigin="anonymous"
|
||||
/>
|
||||
<script src='https://www.google.com/recaptcha/api.js'></script>
|
||||
<title>New Moon Dessert Bar</title>
|
||||
</head>
|
||||
|
||||
@ -30,6 +31,7 @@
|
||||
</div>
|
||||
|
||||
<body class="index-page">
|
||||
<?php require_once "php/recaptchalib.php" ?>
|
||||
<div class="container-fluid">
|
||||
<div class="video-container-bg">
|
||||
<div class="row navbar-row">
|
||||
@ -205,7 +207,7 @@
|
||||
|
||||
<!-- LogIn Modal -->
|
||||
|
||||
<div class="modal fade" id="logInModal" tabindex="-1" aria-labelledby="logInLabel" aria-hidden="true">
|
||||
<div class="modal fade" id="logInModal" tabindex="-1" aria-labelledby="logInLabel" aria-hidden="true" tabindex="-1">
|
||||
<div class="modal-dialog modal-dialog-centered">
|
||||
<div class="modal-content">
|
||||
<form action="php/login.php" method="post">
|
||||
@ -217,19 +219,22 @@
|
||||
<div class="modal-body">
|
||||
<div class="row">
|
||||
<div class="col-sm-12">
|
||||
<h3>Please enter your credentials</h3>
|
||||
<h3>Please enter your credentials</h3>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col-sm-12">
|
||||
<div class="modalFormWrapper">
|
||||
<div class="mb-3">
|
||||
<label for="forUsername" class="form-label">Your Username</label>
|
||||
<input type="text" name="username" class="form-control" id="formUsername" placeholder="Username">
|
||||
<label for="forUsername" class="form-label">Your Username</label>
|
||||
<input type="text" name="username" class="form-control" id="logInUsername" placeholder="Username">
|
||||
</div>
|
||||
<div class="mb-3">
|
||||
<label for="forPassword" class="form-label">Your Password</label>
|
||||
<input type="password" name="password" class="form-control" id="formPassword" placeholder="Password">
|
||||
<label for="forPassword" class="form-label">Your Password</label>
|
||||
<input type="password" name="password" class="form-control" id="logInPassword" placeholder="Password">
|
||||
</div>
|
||||
<div class="mb-3">
|
||||
<div class="g-recaptcha myrecaptcha" data-sitekey="6LdDrc8bAAAAAJb0qkGSSgN4YqqeqvzhxDm2KG4i"></div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@ -237,7 +242,7 @@
|
||||
</div>
|
||||
|
||||
<div class="modal-footer">
|
||||
Does't have an account? <a href="#">Register now!</a>
|
||||
Does't have an account? <a href="#" data-bs-target="#registerModal" data-bs-toggle="modal" data-bs-dismiss="modal">Register now!</a>
|
||||
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
|
||||
<button type="submit" class="btn btn-primary">Log In</button>
|
||||
</div>
|
||||
@ -246,6 +251,50 @@
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="modal fade" id="registerModal" tabindex="-1" aria-labelledby="registerLabel" aria-hidden="true">
|
||||
<div class="modal-dialog modal-dialog-centered">
|
||||
<div class="modal-content">
|
||||
<form action="php/register.php" method="post">
|
||||
<div class="modal-header">
|
||||
<h5 class="modal-title" id="registerLabel">register</h5>
|
||||
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
|
||||
</div>
|
||||
|
||||
<div class="modal-body">
|
||||
<div class="row">
|
||||
<div class="col-sm-12">
|
||||
<h3>Please enter your credentials</h3>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col-sm-12">
|
||||
<div class="modalFormWrapper">
|
||||
<div class="mb-3">
|
||||
<label for="forUsername" class="form-label">Your Username</label>
|
||||
<input type="text" name="username" class="form-control" id="registerUsername" placeholder="Username">
|
||||
</div>
|
||||
<div class="mb-3">
|
||||
<label for="forPassword" class="form-label">Your Password</label>
|
||||
<input type="password" name="password" class="form-control" id="registerPassword" placeholder="Password">
|
||||
</div>
|
||||
<div class="mb-3">
|
||||
<div class="g-recaptcha myrecaptcha" data-sitekey="6LdDrc8bAAAAAJb0qkGSSgN4YqqeqvzhxDm2KG4i"></div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="modal-footer">
|
||||
Already have an account? <a href="#" data-bs-target="#logInModal" data-bs-toggle="modal" data-bs-dismiss="modal">LogIn here!</a>
|
||||
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
|
||||
<button type="submit" class="btn btn-primary">Register</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@ -24,48 +24,45 @@ $result = query_username($conn, $userName);
|
||||
|
||||
|
||||
if ($result->num_rows > 0) {
|
||||
|
||||
$row = $result->fetch_assoc();
|
||||
|
||||
$passWord_hashed = $row["C_Password"];
|
||||
$passWord_correct = password_verify($passWord_user, $passWord_hashed);
|
||||
if ($passWord_correct === false) {
|
||||
echo "<script> alert('Wrong password!');location.href='../index.html'; </script>";
|
||||
echo "<script> alert('Wrong password!');location.href='../index.php'; </script>";
|
||||
exit();
|
||||
} else {
|
||||
|
||||
// if (isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])) {
|
||||
if (isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])) {
|
||||
|
||||
// $secretKey = "6LehX_4aAAAAANIoyIRIYn8QzZtwtE7ytaQ1hgmZ";
|
||||
// $responseKey = $_POST['g-recaptcha-response'];
|
||||
// $userIP = $_SERVER['REMOTE_ADDR'];
|
||||
// $url = "https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$responseKey&remoteip=$userIP";
|
||||
// $response = file_get_contents($url);
|
||||
// $response = json_decode($response);
|
||||
$secretKey = "6LdDrc8bAAAAAGhP99aDPJ2_6O7yrwIUc8yJLaQU";
|
||||
$responseKey = $_POST['g-recaptcha-response'];
|
||||
$userIP = $_SERVER['REMOTE_ADDR'];
|
||||
$url = "https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$responseKey&remoteip=$userIP";
|
||||
$response = file_get_contents($url);
|
||||
$response = json_decode($response);
|
||||
|
||||
// if($response->success){
|
||||
// echo "Verification success.";
|
||||
// $_SESSION['username'] = $userName;
|
||||
// header("Location: shopping.php");
|
||||
// } else {
|
||||
// echo "<script> alert('reCAPTHCA verification failed, please try again.');location.href='login.php'; </script>";
|
||||
// return;
|
||||
// }
|
||||
if($response->success){
|
||||
echo "Verification success.";
|
||||
$_SESSION['username'] = $userName;
|
||||
header("Location: ../shopping/shopping.php");
|
||||
} else {
|
||||
echo "<script> alert('reCAPTHCA verification failed, please try again.');location.href='login.php'; </script>";
|
||||
return;
|
||||
}
|
||||
|
||||
// } else {
|
||||
// echo "<script> alert('Please click reCAPTHCA to verify.');location.href='login.php'; </script>";
|
||||
// return;
|
||||
// }
|
||||
} else {
|
||||
echo "<script> alert('Please click reCAPTHCA to verify.');location.href='../index.php'; </script>";
|
||||
return;
|
||||
}
|
||||
|
||||
// TODO: delete later
|
||||
echo "Verification success.";
|
||||
$_SESSION['username'] = $userName;
|
||||
header("Location: ../shopping/shopping.php");
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
// echo "<script> alert('Username dosen't exist.Please sign up first.');location.href='../index.html'; </script>";
|
||||
header("Location: ../index.html");
|
||||
// echo "<script> alert('Username dosen't exist.Please sign up first.');location.href='../index.php'; </script>";
|
||||
header("Location: ../index.php");
|
||||
exit();
|
||||
|
||||
}
|
||||
|
||||
59
php/recaptchalib.php
Normal file
59
php/recaptchalib.php
Normal file
@ -0,0 +1,59 @@
|
||||
<?php
|
||||
/*header("Access-Control-Allow-Origin: https://www.gstatic.com");*/
|
||||
/*if(isset($_POST['submit']) && !empty($_POST['submit'])){
|
||||
|
||||
// check do we have recaptcha param added to form and submited
|
||||
if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])){
|
||||
|
||||
//your site secret recaptcha key
|
||||
$secret = '6LehX_4aAAAAANIoyIRIYn8QzZtwtE7ytaQ1hgmZ';
|
||||
|
||||
|
||||
//get verify response data
|
||||
$verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response']);
|
||||
|
||||
$responseData = json_decode($verifyResponse);
|
||||
|
||||
// check was the response successfully checked by Google
|
||||
if($responseData->success){
|
||||
// if recaptcha check was success
|
||||
$succMsg = 'Your contact request have submitted successfully.';
|
||||
exit($succMsg);
|
||||
}else{
|
||||
// if not show the error
|
||||
$errMsg = 'Robot verification failed, please try again.';
|
||||
echo "<script type='text/javascript'>alert('$errMsg');</script>";
|
||||
|
||||
}
|
||||
|
||||
}else{
|
||||
// if recaptcha is not checked
|
||||
$errMsg = 'Please click on the reCAPTCHA box.';
|
||||
echo "<script type='text/javascript'>alert('$errMsg');</script>";
|
||||
}
|
||||
} */
|
||||
|
||||
if(isset($_POST['submit'])) {
|
||||
if(!isset($_POST['g-recaptcha-response']) || empty($_POST['g-recaptcha-response'])) {
|
||||
echo 'reCAPTHCA verification failed, please try again.';
|
||||
} else {
|
||||
$secret = 'google_secret_key';
|
||||
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response']);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
$response = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
$response = json_decode($response);
|
||||
|
||||
if($response->success) {
|
||||
// What happens when the CAPTCHA was entered incorrectly
|
||||
echo 'Successful login.';
|
||||
} else {
|
||||
// Your code here to handle a successful verification
|
||||
echo 'reCAPTHCA verification failed, please try again.';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
@ -8,7 +8,7 @@ $passWord = $_POST['password'];
|
||||
$query = "INSERT INTO account(C_ID,C_Password) VALUES('$userName','$passWord')";
|
||||
// if (isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])) {
|
||||
|
||||
// $secretKey = "6LehX_4aAAAAANIoyIRIYn8QzZtwtE7ytaQ1hgmZ";
|
||||
// $secretKey = "6LdDrc8bAAAAAGhP99aDPJ2_6O7yrwIUc8yJLaQU";
|
||||
// $responseKey = $_POST['g-recaptcha-response'];
|
||||
// $userIP = $_SERVER['REMOTE_ADDR'];
|
||||
// $url = "https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$responseKey&remoteip=$userIP";
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
$conn = connectMysql();
|
||||
session_start();
|
||||
if(!isset($_SESSION['username'])) {
|
||||
header('Location: ../index.html');
|
||||
header('Location: ../index.php');
|
||||
exit();
|
||||
}
|
||||
?>
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
<div class="shopping_headerNav">
|
||||
<div class="col-xl-12" id="shopping_headerImg">
|
||||
<span> Username </span>
|
||||
<span> Username <?php echo $_SESSION['username']; ?></span>
|
||||
<img id="headerImg" src="../img/headerImg.jpg">
|
||||
</div>
|
||||
</div>
|
||||
@ -1,5 +1,8 @@
|
||||
#logInModal
|
||||
#logInModal, #registerModal
|
||||
.modal-body
|
||||
.myrecaptcha
|
||||
div
|
||||
margin: auto
|
||||
h3
|
||||
color: OliveDrab
|
||||
text-align: center
|
||||
|
||||
@ -153,12 +153,16 @@ video {
|
||||
display: block;
|
||||
}
|
||||
|
||||
#logInModal .modal-body h3 {
|
||||
#logInModal .modal-body .myrecaptcha div, #registerModal .modal-body .myrecaptcha div {
|
||||
margin: auto;
|
||||
}
|
||||
|
||||
#logInModal .modal-body h3, #registerModal .modal-body h3 {
|
||||
color: OliveDrab;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
#logInModal .modal-footer a {
|
||||
#logInModal .modal-footer a, #registerModal .modal-footer a {
|
||||
text-decoration: none;
|
||||
margin-left: 5px;
|
||||
margin-right: 10px;
|
||||
|
||||
File diff suppressed because one or more lines are too long
Loading…
Reference in New Issue
Block a user