Question Captcha

[durangod]

Since basic captcha's have been broken for some time now in the industry, i wonder if anyone has come up with an addon for question captcha that we could decide the question and answer to be shown. I normally do this myself in my other scripts, just use a quick session value and input and its done. But im wondering if there is an addon or something someone has come up with on their own.

 

Thanks

[durangod]

i have successfully add the question input to the ticket request.

 

I modified /supportticketsubmit-steptwo.tpl

 

I had to add the javascipt onsubmit function (which i normally do anyway but i prefer to capture all errors in php first then move to js as a plus.

 

But in this case since i have no access to the main php file i could not trap the error if everything else was input correctly except for the quesiton. Basically if all was fine but the question was either blank or wrong, the ticket would still issue.

 

All other error traps work fine as long as their is an error elsewhere, which is why i had to capture the error with js.. for these two issues.

 

Let me know what you think please.. If you make any positive corrections please share with others here thanks.

 

Here is the entire file i have made notes of my changes and mods.

 

This is for the portal template by the way..

 

 

 

<script language="JavaScript" type="text/javascript">
{literal}
var currentcheckcontent,lastcheckcontent;
jQuery(document).ready(function(){
   jQuery("#addfileupload").click(function () {
       jQuery("#fileuploads").append("<input type=\"file\" name=\"attachments[]\" size=\"50\"><br />");
       return false;
   });
});
{/literal}
{if $kbsuggestions}
{literal}
function getticketsuggestions() {
   currentcheckcontent = jQuery("#message").val();
   if (currentcheckcontent!=lastcheckcontent && currentcheckcontent!="") {
       $.post("submitticket.php", { action: "getkbarticles", text: currentcheckcontent },
       function(data){
           if (data) {
               jQuery("#searchresults").html(data);
               jQuery("#searchresults").slideDown();
           }
       });
       lastcheckcontent = currentcheckcontent;
}
   setTimeout('getticketsuggestions();', 3000);
}
getticketsuggestions();
{/literal}
{/if}
</script>


<!-- added for security question -->

<script type="text/javascript">
{literal}
function validatequest()
{

if (document.submitticket.squest.value.length == 0)
          {
            alert("Security Question Not Answered - Please provide an answer!");
            document.submitticket.squest.focus();
            return (false);
          }

if (document.submitticket.squest.value != 'orange')
          {
            alert("Security Question Incorrect - Please provide a correct answer!");
            document.submitticket.squest.focus();
            return (false);
          }

return (true);

}//close function validatequest
{/literal}
</script>

{php}

$notcorrect = '';  //initialize this

if($_POST['squest'])
{

$answered = mysql_real_escape_string(trim(strtolower($_POST['squest'])));

 if($answered != "orange")
 {  
 $notcorrect = "Secret Question Incorrect or Not Answered";
{/php}

{if !$errormessage}  <!-- if no other error messages then force this one -->

{php}
 echo "<div class='errorbox'>$notcorrect</div>";
{/php}

{/if}

{php}   
 }else{
    $notcorrect = '';
      }//end else

}else{
     $notcorrect = "Secret Question Incorrect or Not Answered";
    }// else if post

{/php}
<!-- end added for security question -->


<!-- modified for security question -->
{if $errormessage}
<div class="errorbox">{$errormessage}</div>

{php}
  //if there are other errors as well then add this do the display if in fact wrong.
 if($notcorrect)
  {
   echo "<div class='errorbox'>Secret Question Incorrect or Not Answered</div>";
   }//close if
{/php}

<br />
{/if}
<!-- end modified for security question -->

<!-- onsubmit was added for security question as well as form input code -->

<form action="{$smarty.server.PHP_SELF}?step=3" method="post" enctype="multipart/form-data" name="submitticket" id="submitticket" onsubmit="return validatequest();">
 <input type="hidden" name="deptid" value="{$deptid}" />
 <table width="100%" cellspacing="1" cellpadding="0" class="frame">
   <tr>
     <td><table width="100%" border="0" cellpadding="10" cellspacing="0">
         <tr>
           <td width="120" class="fieldarea">{$LANG.supportticketsclientname}</td>
           <td>{if $loggedin}{$clientname}{else}
             <input type="text" name="name" size="30" value="{$name}" />
             {/if}</td>
         </tr>
         <tr>
           <td class="fieldarea">{$LANG.supportticketsclientemail}</td>
           <td>{if $loggedin}{$email}{else}
             <input type="text" name="email" size="50" value="{$email}" />
             {/if}</td>
         </tr>
         <tr>
           <td class="fieldarea">{$LANG.supportticketsdepartment}</td>
           <td>{$department}</td>
         </tr>
         <tr>
           <td class="fieldarea">{$LANG.supportticketsticketsubject}</td>
           <td><input type="text" name="subject" size="60" value="{$subject}" /></td>
         </tr>
         <tr>
           <td class="fieldarea">{$LANG.supportticketsticketurgency}</td>
           <td><select name="urgency">
               <option value="High"{if $urgency eq "High"} selected="selected"{/if}>{$LANG.supportticketsticketurgencyhigh}</option>
               <option value="Medium"{if $urgency eq "Medium" || !$urgency} selected="selected"{/if}>{$LANG.supportticketsticketurgencymedium}</option>
               <option value="Low"{if $urgency eq "Low"} selected="selected"{/if}>{$LANG.supportticketsticketurgencylow}</option>
             </select></td>
         </tr>
         {if $relatedservices}
         <tr>
           <td class="fieldarea">{$LANG.relatedservice}</td>
           <td><select name="relatedservice">
               <option value="">{$LANG.none}</option>

{foreach from=$relatedservices item=relatedservice}

               <option value="{$relatedservice.id}">{$relatedservice.name} ({$relatedservice.status})</option>

{/foreach}

             </select></td>
         </tr>
         {/if}
         <tr>
           <td colspan="2" class="fieldarea"><textarea name="message" id="message" rows="12" cols="60" style="width:100%">{$message}</textarea></td>
         </tr>
         {foreach key=num item=customfield from=$customfields}
         <tr>
           <td class="fieldarea">{$customfield.name}</td>
           <td>{$customfield.input} {$customfield.description}</td>
         </tr>
         {/foreach}
         <tr>
           <td class="fieldarea">{$LANG.supportticketsticketattachments}</td>
           <td><input type="file" name="attachments[]" size="50" />
             <a href="#" id="addfileupload"><img src="images/add.gif" class="absmiddle" border="0" alt="" /> {$LANG.addmore}</a><br />
             <div id="fileuploads"></div>
             ({$LANG.supportticketsallowedextensions}: {$allowedfiletypes})</td>
         </tr>
     </table></td>
   </tr>
 </table>
 <br />
 <div id="searchresults" class="contentbox" style="display:none;"></div>
 {if $capatacha}
 <h2>{$LANG.captchatitle}</h2>
 <p>{$LANG.captchaverify}</p>
 {if $capatacha eq "recaptcha"}
 <div align="center">{$recapatchahtml}</div>
 {else}
 <p align="center"><img src="includes/verifyimage.php" align="middle" /> <input type="text" name="code" size="10" maxlength="5" /></p>
 <p align="center"><strong>Security Question:</strong> What color is the twitter bird on the right side of this page? <input type="text" name="squest" id="squest" size="6" maxlength="6" /></p>
 {/if}
 {/if}
 <p align="center">
   <input type="submit" value="{$LANG.supportticketsticketsubmit}" />
 </p>
</form><br />

Edited January 21, 2013 by durangod
forgot to add input id

[durangod]

I also just added this to the clientregister.tpl and it works fine... The only new thing i had to do with the clientregister is i had to give the form a name, have no idea why anyone would even do a form anymore and not give it a name, it does not hurt anything and its there when you need it.

 

 

If there are hooks or functions or better ways to do this please share thanks..

 

 

 

I would like to use the whmcs function for sanitizing but i do not know if that is just sanitize() or what they called that function they use.

Edited January 21, 2013 by durangod

[durangod]

I also change the javascript section as i forgot to trim the input for js.

 

<script type="text/javascript">
{literal}
function validatequest()
{
var inp = document.submitticket.squest.value; 
var answ = inp.trim();

if (answ.length == 0)
          {
            alert("Security Question Not Answered - Please provide an answer!");
            document.submitticket.squest.focus();
            return (false);
          }

if (answ != 'orange')
          {
            alert("Security Question Incorrect - Please provide a correct answer!");
            document.submitticket.squest.focus();
            return (false);
          }

return (true);

}//close function validatequest
{/literal}
</script>

 

 

or you could use this, that which i used is for the most current browsers. So you could use this to trim as well.

 

var inp = document.submitticket.squest.value; 
var answ = inp.replace(/^\s+|\s+$/g,"");  // the g switch is essential!!

Edited January 21, 2013 by durangod