Add captcha verification during student and recruiter signup #55

Merged
merged 1 commit into from Mar 7, 2019
5 changes: 4 additions & 1 deletion .gitignore
@@ -1,3 +1,6 @@
appVars.php
connectVars.php
util/*
!util/captcha.php
images/
resume/
resume/
20 changes: 20 additions & 0 deletions css/index.css
@@ -5,3 +5,23 @@
.container {
max-width: 80%;
}

.captcha-div{
margin-bottom: 20px;
margin-top: -10px;
}

#captcha-image{
margin-top: -30px;
}

.reload{
margin: 0;
padding: 0;
font-size: 50px;
color: rgb(45,148,237);
}

.reload:hover{
cursor: pointer;
}
37 changes: 29 additions & 8 deletions recruiter/signup.php
@@ -1,4 +1,7 @@
<?php
//start session
require_once('../templates/startSession.php');

// Database connection variables
require_once('../connectVars.php');

@@ -19,10 +22,13 @@
$hr_email = mysqli_real_escape_string($dbc, trim($_POST['hr-email']));
$password = mysqli_real_escape_string($dbc, trim($_POST['pwd']));
$verify_password = mysqli_real_escape_string($dbc, trim($_POST['confirm-pwd']));
if(!empty($company_id) && !empty($company_name) && $company_category!="0" &&
!empty($hr_name) && !empty($hr_email) &&
!empty($password) && !empty($verify_password) &&
($verify_password == $password)){
$captcha = mysqli_real_escape_string($dbc, trim($_POST['captcha']));
// verify Captcha
if(SHA1($captcha) == $_SESSION['passphrase']){
if(!empty($company_id) && !empty($company_name) && $company_category!="0" &&
!empty($hr_name) && !empty($hr_email) &&
!empty($password) && !empty($verify_password) &&
($verify_password == $password)){
// Check if company_id is available
$query = "SELECT * FROM recruiters WHERE company_id = '$company_id'";
$data = mysqli_query($dbc, $query);
@@ -61,6 +67,11 @@
'Please enter all fields and make sure to enter same password twice&#33;<button type="button" class="close" data-dismiss="alert" aria-label="Close">' .
'<span aria-hidden="true">&times;</span></button></div></div>';
}
} else{
echo '<div class="container"><div class="alert alert-warning alert-dismissible fade show" role="alert">' .
'Incorrect Captcha&#33; Please try again.<button type="button" class="close" data-dismiss="alert" aria-label="Close">' .
'<span aria-hidden="true">&times;</span></button></div></div>';
}
}

mysqli_close($dbc);
@@ -111,11 +122,21 @@
</div>
<input type="password" class="form-control" aria-label="Sizing example input" aria-describedby="inputGroup-sizing-default" id="confirm-pwd" name="confirm-pwd" placeholder="Re-Enter password">
</div>
<div class="form-group row">
<div class="col-sm-10">
<button type="submit" class="btn btn-primary" name="submit">Sign Up</button>
</div>
<div class="input-group mb-3">
<div class="input-group-prepend">
<span class="input-group-text" id="inputGroup-sizing-default">Verify Captcha:</span>
</div>
<input type="text" class="form-control" aria-label="Sizing example input" aria-describedby="inputGroup-sizing-default" id="captcha" name="captcha" placeholder="Enter captcha">
</div>
<div class="captcha-div">
<img id="captcha-image" src="../util/captcha.php" alt="captcha verification">
<label class="reload">&#x21BB;</label>
</div>
<div class="form-group row">
<div class="col-sm-10">
<button type="submit" class="btn btn-primary" name="submit">Sign Up</button>
</div>
</div>
</form>
</div>
<?php
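Review bot: The captcha check `if(SHA1($captcha) == $_SESSION['passphrase'])` never clears the stored passphrase, so within one session a single solved captcha stays valid for every later signup POST until `util/captcha.php` is requested again. Read the expected value once and discard it before comparing, e.g. `$expected = $_SESSION['passphrase'] ?? ''; unset($_SESSION['passphrase']);`, then test `if($expected !== '' && hash_equals($expected, sha1($captcha))){`. `hash_equals` also replaces the loose `==`, which compares two digests of the form `0e` followed by digits as numbers, and the `??` guard covers a POST that arrives before any captcha was issued. The captcha value is not used in SQL in the visible lines, so `mysqli_real_escape_string` on it is unnecessary. The identical check in student/signup.php needs the same change; the enclosing form-handling block starts outside the hunk.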
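--- a/scripts/signup.js
+++ b/scripts/signup.js
@@ -0,0 +1,5 @@
+$(document).ready(function(){
+$(".reload").on("click", () => {
+$("#captcha-image").attr("src","../util/captcha.php");
+});
+});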
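Review bot: The reload handler assigns the same URL that `#captcha-image` already has, so the browser may reuse the cached image or skip the request, leaving the picture unchanged when the user expects a new challenge. Make each reload a distinct request, e.g. `$("#captcha-image").attr("src", "../util/captcha.php?t=" + Date.now());`. Because templates/footer.php loads this script on every page, a short comment stating that `.reload` exists only on the two signup forms, and that the relative path assumes a page one directory below the app root, would help the next reader.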
35 changes: 28 additions & 7 deletions student/signup.php
@@ -1,4 +1,7 @@
<?php
//start session
require_once('../templates/startSession.php');

// Database connection variables
require_once('../connectVars.php');

@@ -17,9 +20,12 @@
$webmail_ID = mysqli_real_escape_string($dbc, trim($_POST['email']));
$password = mysqli_real_escape_string($dbc, trim($_POST['pwd']));
$verify_password = mysqli_real_escape_string($dbc, trim($_POST['confirm-pwd']));
if(!empty($roll_number) && !empty($webmail_ID) && !empty($username) &&
!empty($password) && !empty($verify_password) &&
($verify_password == $password)){
$captcha = mysqli_real_escape_string($dbc, trim($_POST['captcha']));
// verify Captcha
if(SHA1($captcha) == $_SESSION['passphrase']){
if(!empty($roll_number) && !empty($webmail_ID) && !empty($username) &&
!empty($password) && !empty($verify_password) &&
($verify_password == $password)){
// Check if webmail_ID is available
$query = "SELECT * FROM students WHERE webmail_ID = '$webmail_ID'";
$data = mysqli_query($dbc, $query);
@@ -65,6 +71,11 @@
'Please enter all fields and make sure to enter same password twice&#33;<button type="button" class="close" data-dismiss="alert" aria-label="Close">' .
'<span aria-hidden="true">&times;</span></button></div></div>';
}
} else{
echo '<div class="container"><div class="alert alert-warning alert-dismissible fade show" role="alert">' .
'Incorrect Captcha&#33; Please try again.<button type="button" class="close" data-dismiss="alert" aria-label="Close">' .
'<span aria-hidden="true">&times;</span></button></div></div>';
}
}

mysqli_close($dbc);
@@ -102,11 +113,21 @@
</div>
<input type="password" class="form-control" aria-label="Sizing example input" aria-describedby="inputGroup-sizing-default" id="confirm-pwd" name="confirm-pwd" placeholder="Re-Enter password">
</div>
<div class="form-group row">
<div class="col-sm-10">
<button type="submit" class="btn btn-primary" name="submit">Sign Up</button>
</div>
<div class="input-group mb-3">
<div class="input-group-prepend">
<span class="input-group-text" id="inputGroup-sizing-default">Verify Captcha:</span>
</div>
<input type="text" class="form-control" aria-label="Sizing example input" aria-describedby="inputGroup-sizing-default" id="captcha" name="captcha" placeholder="Enter captcha">
</div>
<div class="captcha-div">
<img id="captcha-image" src="../util/captcha.php" alt="captcha verification">
<label class="reload">&#x21BB;</label>
</div>
<div class="form-group row">
<div class="col-sm-10">
<button type="submit" class="btn btn-primary" name="submit">Sign Up</button>
</div>
</div>
</form>
</div>
<?php
1 change: 1 addition & 0 deletions templates/footer.php
@@ -9,6 +9,7 @@
<script src="/TPC-management-app/scripts/createPosition.js"></script>
<script src="/TPC-management-app/scripts/editJob.js"></script>
<script src="/TPC-management-app/scripts/index.js"></script>
<script src="/TPC-management-app/scripts/signup.js"></script>
<script src="/TPC-management-app/scripts/stats/job.js"></script>
<script src="/TPC-management-app/scripts/stats/dashboard.js"></script>
</body>
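--- a/util/captcha.php
+++ b/util/captcha.php
@@ -0,0 +1,37 @@
+<?php
+// Start the session
+require_once('../templates/startSession.php');
+
+// import app variables
+require_once('../appVars.php');
+
+define('CAPTCHA_WIDTH', 180);
+define('CAPTCHA_HEIGHT', 40);
+define('CAPTCHA_NUMCHARS', 6);
+define('CAPTCHA_LINES', 15);
+define('CAPTCHA_DOTS', 1000);
+
+$passphrase = "";
+for($i=0; $i<CAPTCHA_NUMCHARS; $i++) {
+$passphrase .= chr(rand(97, 122));
+}
+$_SESSION['passphrase'] = SHA1($passphrase);
+
+$img = imagecreatetruecolor(CAPTCHA_WIDTH, CAPTCHA_HEIGHT);
+$bg_color = imagecolorallocate($img, 255, 255, 255);
+$text_color = imagecolorallocate($img, 0, 0, 0);
+$graphic_color = imagecolorallocate($img, 34, 34, 34);
+
+imagefilledrectangle($img, 0, 0, CAPTCHA_WIDTH, CAPTCHA_HEIGHT, $bg_color);
+for ($i=0; $i<CAPTCHA_LINES; $i++) {
+imageline($img, 0, rand() % CAPTCHA_HEIGHT, CAPTCHA_WIDTH, rand() % CAPTCHA_HEIGHT, $graphic_color);
+}
+for ($i=0; $i<CAPTCHA_DOTS; $i++) {
+imagesetpixel($img, rand() % CAPTCHA_WIDTH, rand() % CAPTCHA_HEIGHT, $graphic_color);
+}
+imagettftext($img, 34, 0, 5, CAPTCHA_HEIGHT - 10, $text_color, CAPTCHA_FONT, $passphrase);
+
+header("Content-type: image/png");
+imagepng($img);
+imagedestroy($img);
+?>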
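Review bot: The passphrase loop uses `rand()`, which is not a cryptographically secure generator, so the challenge text is more predictable than it needs to be; `$passphrase .= chr(random_int(97, 122));` is a drop-in replacement. The response also sets no cache directive, so a browser or proxy may show an old image that no longer matches `$_SESSION['passphrase']`; add `header("Cache-Control: no-store");` next to the `Content-type` header. `CAPTCHA_FONT` is not defined in this file and presumably comes from `appVars.php`, which a one-line comment above the `imagettftext` call should state.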