ECshop中驗證碼的調用
<input type="text" size="8" name="captcha"
class="inputBg" />
<img src="captcha.php?{$rand}" alt="captcha"
onClick="this.src='captcha.php?'+Math.random()"
class="captcha">
驗證碼的驗證
if
(empty($_POST['captcha']))
{
show_message($_LANG['order']['captcha_empty']);
}
include_once('includes/cls_captcha.php');
$validator = new captcha();
//$validator->session_word = 'captcha_login';
if
(!$validator->check_word(($_POST['captcha'])))
{
show_message($_LANG['invalid_captcha']);
}
$GLOBALS['smarty']->assign('rand', mt_rand());
// 驗證碼防止灌水刷屏
if
((intval($_CFG['captcha']) & CAPTCHA_MESSAGE)
&& gd_version() >
0)
{
include_once('includes/cls_captcha.php');
$validator = new captcha();
//
驗證驗證碼是否正確
if
(!$validator->check_word($_POST['captcha']))
{
show_message($_LANG['invalid_captcha']);
}
}
else
{
//沒有驗證碼時,用時間來限制機器人發帖或惡意發評論
if (!isset($_SESSION['send_time']))
{
$_SESSION['send_time'] = 0;
}
$cur_time = gmtime();
if (($cur_time - $_SESSION['send_time']) < 30) //
小於30秒禁止發評論
{
show_message($_LANG['cmt_spam_warning']);
}
}
沒有驗證碼的時候居然還可以用時間來限制惡意發評論,今天算是又學到一招了。