The Final Functions - AJAX

The Final AJAX/JavaScript Functions in Index.php <head>

<script type="text/javascript" src="prototype.js"></script>
<script type="text/javascript">
function sendRequest() {
new Ajax.Request("/recaptchaajaxprototype/recaptchavalidate.php",
{
method: 'post',
parameters: 'recaptcha_challenge_field='+$F('recaptcha_challenge_field')+'&recaptcha_response_field='+$F('recaptcha_response_field'),
onComplete: EvaluateResponse
});
}
function EvaluateResponse(req){
var response = req.responseText;
var wrong = "Wrong";
var compare ="Incorrect captcha";
if (response==wrong) {
alert(compare);
Recaptcha.reload();
}
else {
processdata();
}
}
function processdata() {
//Server side validation and form processing
new Ajax.Request("/recaptchaajaxprototype/process.php",
{
method: 'post',
parameters: 'age='+$F('age'),
onComplete: showResponse
});
}
function showResponse(req){
$('show').innerHTML= req.responseText;
Recaptcha.reload();
}
</script>

RecaptchaValidate.php Script

This PHP script is used by the AJAX function to validate the user's Recaptcha input. The following is the code:

<?php

//Start PHP session
//Session is used to pass the success validation key to the process.php script, indicating that the Recaptcha validation has been successful.

//Session is a safe way to pass the values because the success validation value will not be visible using a client browser.

session_start();

//Require the recaptcha library files.

require_once('recaptchalib.php');

//Define your own Recaptcha private key here.

$privatekey = "YOUR RECAPTCHA PRIVATE KEY HERE";

//Post the recaptcha answer to server for comparison.

$resp = recaptcha_check_answer ($privatekey,$_SERVER["REMOTE_ADDR"],$_POST["recaptcha_challenge_field"],$_POST["recaptcha_response_field"]);

//Check if the user recaptcha answer is correct or not.

if (!$resp->is_valid)

//If the answer is incorrect, then output the text "Wrong". This text value will be assigned to AJAX req.responseText and will be used by the Javascript functions to do comparison.
{
echo "Wrong";
}
if ($resp->is_valid)
{

//If the Recaptcha answer is valid, then assign the MD5 value of the Recaptcha private key to a session variable.

//This session variable will be passed to process.php web forms for Recaptcha success validation.

//For security reasons, session are used instead of passing the values back to the AJAX and Javascript functions.

//It is because if the values are passed back to JavaScript, it will be accessible by the client browser and can compromise the key.

$_SESSION['validatesuccess']= md5($privatekey);
}
?>

Process.php Script

This PHP script will do the work of form processing. It will retrieve the form's user inputs, process them and send output back to the user. However, it will only accept and process form values if the Recaptcha validation succeeds.

<?php

//Start the PHP session, this is REQUIRED to retrieve the success validation key values passed from Recaptchavalidate.php

session_start();

//Assign all errors to an array

$errors=array();

//Your Recaptcha private key

$privatekey = "YOUR RECAPTCHA PRIVATE KEY HERE";

//MD5 again your private in process.php so that the hash value will be compared to the value from the recaptchavalidate.php

$hash=md5($privatekey);

//Assign the value of the session coming from recaptchavalidate.php to a php variable.

$recaptchavalidation = $_SESSION['validatesuccess'];

//Check if the captcha is correct by comparing the hashed value to the value from the session variable

if ($recaptchavalidation <> $hash)
{
$errors[]= "ERROR: Wrong Recaptcha.";
}

//Start of actual form handling. Retrieving the posted values from the web form and other processing. You can replace the entire PHP code below with your own application.

$age =trim($_POST['age']);
if (empty($age)) {
$errors[] = 'ERROR: Your age is empty.';
}

if (!(is_numeric($age))) {
//not a number
$errors[] = 'ERROR: The submitted data is NOT a NUMBER';
}
$roundup= round($age);
$inttest= abs($roundup-$age);
if ($inttest !=0) {
//not an integer
$errors[] = 'ERROR: The submitted data is NOT an INTEGER. Only non-decimal values are allowed.';
}

if (($age < 0) || ($age == 0)) {

//less than

$errors[] = 'ERROR: Negative number is NOT allowed.';

}

if (sizeof($errors) > 0)
{
 echo "<ul>";
 foreach ($errors as $e)
 {
  echo "<li>$e</li>";
 }
 echo "</ul>";
 die ();
}
//data submitted by user are valid, determine age criteria
if ($age<18) {
 echo 'You are a minor!';
}
if (($age>17) && ($age<60)) {
    echo 'Your age belongs to the majority!';
}
if ($age>59) {
    echo 'You are a senior citizen!';
}

//End of Form processing
//Destroy the session value.

session_destroy();
?>

You can download all of thee project scripts here: http://www.php-developer.org/recaptchaajaxprototype/