PHP Password Box for Comment Form

1,218

4

5

Posted

Introduction: PHP Password Box for Comment Form

On my website, I have a small form where users could post comments about the site. But I ran into a problem a few times. It seemed like some web bots invaded the form and posted random stuff. My form would send me an email telling me about the comment being left and what was typed in a UID box I have. The UID box is for me to reply to people, though the typed UID will not be stored anywhere.

Because of these seemingly randomly generated comments, I felt the need to take things a step further and find a way to prevent auto submission of forms. So I created a password box.

In this tutorial, I will show how to do such a task and a few ways to use it. Sure there are better ways to go about making a password box, but for small websites, this way should do.

Step 1: Requirements

The requirements here are few. You will need a text editor of any kind. You will also need either web-hosting, your own web server, of a program called "easyPHP" or equivalent. Outside of these, everything else is optional; ie, food/drink, popcorn, a movie, music, portals, gold.

Step 2: The Password Box

Password boxes are very simple. They look just like text boxes, and are pure HTML. But for this type of password box, you may want to use a normal text box. That way, visitors can see if they mistyped the not-so-secret password. I will be using the password type box. There is a process here: start a session, choose a password from a list, show that password, the password box with a submit button. All of this is page one. This page has to be in PHP. So type (or copy/paste) the following:

<?php
session_start();
?>
<head><!-- header stuff here --></head>
<?php
$passwords = array("password 1","password 2","other passwords here","1234","Trebad0r"); //our password list
$options = count($passwords)-1; //this allows us to add to the list because it counts how many options there are
$choice = rand(0,$options); //this picks a random number from the count above
$_SESSION['password'] = $passwords[$choice]; //this actually sets the password
?>
<body> <!-- we will pretend you already have a spot for the box -->
<form action="./index2.php" method="post">
The chosen password is: <?php echo $_SESSION['password']; //this prints the password ?> <!-- tell the password --><br />
<input type="password" name="password" /><br />
<input type="submit" /></form>
</body>

Step 3: Is the Entered Password Correct?

Well, this is why we used sessions. We need to pass information along to the form processor. Using conditional statements, we will test the entered password by echoing one of two statements. So here is the index2.php

<?php
session_start();
?>
<head><!-- header stuff here --></head>
<body>
<?php
if(isset($_POST)){ //test that the submit button was pressed
if($_POST['password'] == $_SESSION['password']){ //and if the password was correct
echo "Correct"; //say correct
}
else { //if the password was incorrect
echo "Wrong"; //say wrong
}
}
?>
<br />
<a href="./">Back</a>
</body>

Step 4: Test the Page

On page one, you will be given a password to enter. Enter this password and press submit. You will be taken to a different page telling you correct. Follow the link to the first page. Repeat a few times. Now do it again, but with the wrong passwords. You should also note that the password changes every time the page refreshes. Also, with some editing, you can use images rather than text.

Share

    Recommendations

    • Science of Cooking

      Science of Cooking
    • Pocket-Sized Contest

      Pocket-Sized Contest
    • Microcontroller Contest

      Microcontroller Contest
    user

    We have a be nice policy.
    Please be positive and constructive.

    Tips

    Questions

    5 Comments

    Given that 3 D printers do not discriminate against that which can be
    produced, the technology introduces the nefarious maglie calcio
    outlet
    possibilities of producing undocumented, undetectable weaponry
    for the enthusiast and terrorist alike. For more on this subject, please
    reference the above video entitled "Cody Wilson Interview with Glenn
    Beck."htt

    http://www.magliaitalia.eu

    Given that 3 D printers do not discriminate against that which can be
    produced, the technology introduces the nefarious maglie calcio
    outlet
    possibilities of producing undocumented, undetectable weaponry
    for the enthusiast and terrorist alike. For more on this subject, please
    reference the above video entitled "Cody Wilson Interview with Glenn
    Beck."htt

    http://www.magliaitalia.eu

    Given that 3 D printers do not discriminate against that which can be
    produced, the technology introduces the nefarious maglie calcio
    outlet
    possibilities of producing undocumented, undetectable weaponry
    for the enthusiast and terrorist alike. For more on this subject, please
    reference the above video entitled "Cody Wilson Interview with Glenn
    Beck."htt

    http://www.magliaitalia.eu

    you should do it with a dynamic picture, it's very easy and effective

    That was my initial intention. I just stuck with text to see if it would work. Eventually I'll get around to actually making the images.