1. 首页
  2. 问答
  3. 如何启用验证码

如何启用验证码

2011-04-14 84 views
2

我尝试用标签如何启用验证码

{{capture}}

预期的输出是验证码框启用验证码。相反,我看到的一样,直接在页面上的代码看起来像一个错误显示的验证码

<script type="text/javascript" src="http://api.recaptcha.net/ challenge?k=6LckUsMSAAAAAGcZR3JZw6Dusn4wKBBfZxHXh8w5"></script> <noscript> <iframe src="http://api.recaptcha.net/noscript?k=6LckUsMSAAAAAGcZR3JZw6Dusn4wKBBfZxHXh8w5" height="300" width="500" frameborder="0"></iframe><br /> <textarea name="recaptcha_challenge_field" rows="3" cols="40"></ textarea> <input type='hidden' name='recaptcha_response_field' value='manual_challenge' /> </noscript>

任何想法,我该怎么处理?到错误的链接是here我用的是代码直接使用的reCAPTCHA API与命名captcha.py此文件:

import urllib2, urllib 

API_SSL_SERVER="https://api-secure.recaptcha.net" 
API_SERVER="http://api.recaptcha.net" 
VERIFY_SERVER="api-verify.recaptcha.net" 

class RecaptchaResponse(object): 
    def __init__(self, is_valid, error_code=None): 
     self.is_valid = is_valid 
     self.error_code = error_code 

def displayhtml (public_key, 
       use_ssl = False, 
       error = None): 
    """Gets the HTML to display for reCAPTCHA 

    public_key -- The public api key 
    use_ssl -- Should the request be sent over ssl? 
    error -- An error message to display (from 
RecaptchaResponse.error_code)""" 

    error_param = '' 
    if error: 
     error_param = '&error=%s' % error 

    if use_ssl: 
     server = API_SSL_SERVER 
    else: 
     server = API_SERVER 

    return """<script type="text/javascript" src="%(ApiServer)s/ 
challenge?k=%(PublicKey)s%(ErrorParam)s"></script> 

<noscript> 
    <iframe src="%(ApiServer)s/noscript?k=%(PublicKey)s%(ErrorParam)s" 
height="300" width="500" frameborder="0"></iframe><br /> 
    <textarea name="recaptcha_challenge_field" rows="3" cols="40"></ 
textarea> 
    <input type='hidden' name='recaptcha_response_field' 
value='manual_challenge' /> 
</noscript> 
""" % { 
     'ApiServer' : server, 
     'PublicKey' : public_key, 
     'ErrorParam' : error_param, 
     } 


def submit (recaptcha_challenge_field, 
      recaptcha_response_field, 
      private_key, 
      remoteip): 
    """ 
    Submits a reCAPTCHA request for verification. Returns 
RecaptchaResponse 
    for the request 

    recaptcha_challenge_field -- The value of 
recaptcha_challenge_field from the form 
    recaptcha_response_field -- The value of recaptcha_response_field 
from the form 
    private_key -- your reCAPTCHA private key 
    remoteip -- the user's ip address 
    """ 

    if not (recaptcha_response_field and recaptcha_challenge_field and 
      len (recaptcha_response_field) and len 
(recaptcha_challenge_field)): 
     return RecaptchaResponse (is_valid = False, error_code = 
'incorrect-captcha-sol') 


    def encode_if_necessary(s): 
     if isinstance(s, unicode): 
      return s.encode('utf-8') 
     return s 

    params = urllib.urlencode ({ 
      'privatekey': encode_if_necessary(private_key), 
      'remoteip' : encode_if_necessary(remoteip), 
      'challenge': 
encode_if_necessary(recaptcha_challenge_field), 
      'response' : 
encode_if_necessary(recaptcha_response_field), 
      }) 

    request = urllib2.Request (
     url = "http://%s/verify" % VERIFY_SERVER, 
     data = params, 
     headers = { 
      "Content-type": "application/x-www-form-urlencoded", 
      "User-agent": "reCAPTCHA Python" 
      } 
     ) 

    httpresp = urllib2.urlopen (request) 

    return_values = httpresp.read().splitlines(); 
    httpresp.close(); 

    return_code = return_values [0] 

    if (return_code == "true"): 
     return RecaptchaResponse (is_valid=True) 
    else: 
     return RecaptchaResponse (is_valid=False, error_code = 
return_values [1])

而我使用它是迄今为止在HTTP GET和POST处理程序:

template_values.update(dict(capture=captcha.displayhtml(public_key = CAPTCHA_PUB_KEY, use_ssl = False, error = None)))

是GET处理程序和POST有

def post(self, view): 
    challenge = self.request.get('recaptcha_challenge_field') 
    response = self.request.get('recaptcha_response_field') 
    remoteip = os.environ['REMOTE_ADDR'] 
    cResponse = captcha.submit(
      challenge, 
      response, 
      CAPTCHA_PRV_KEY, 
      remoteip) 

if cResponse.is_valid==True: 
    isHuman=True 
else: 
    isHuman=False

。我应该如何继续?

UPDATE:要继续我还补充说,只有让通过其中变量isHuman =真,我想重定向到表单页面,而不是打印错误消息的逻辑:

def post(self, view): 
    challenge = self.request.get('recaptcha_challenge_field') 
    response = self.request.get('recaptcha_response_field') 
    remoteip = os.environ['REMOTE_ADDR'] 
    cResponse = captcha.submit(
       challenge, 
       response, 
       CAPTCHA_PRV_KEY, 
       remoteip) 

    if cResponse.is_valid==True: 
     isHuman=True 
    else: 
     isHuman=False 
     self.response.out.write('captcha failed') #TO DO: redirect to form page 
     return

来源

2011-04-14 Niklas Rosencrantz

+0

是{{捕获}}的脚本标签中..? – 2011-04-14 11:45:34

回答

5

你是一个Django自动转义的受害者。

尝试{{capture|safe}}

来源

2011-04-14 12:58:00 geoffspear

+0

它的工作原理。谢谢! – 2011-04-15 10:54:27

+0

大声笑,我有与jinja2相同的问题。 – 2012-06-01 22:59:51

4

Django的模板系统默认为自动执行HTML转义来避免事情像跨站点脚本攻击 - 这是什么打开所有的HTML的<tag> s转换&lt;tag &gt;

为了防止这种情况,你可以调用safe过滤器,如:

{{capture|safe}}

来源

2011-04-14 12:58:31 bgporter

+0

谢谢你的解决方案。我已经更新了它与我尝试的下一步工作:当'isHuman = false'时重定向到表单页面 – 2011-04-15 11:04:43

+0

您应该将它作为单独的问题发布,我认为... – bgporter 2011-04-15 11:40:44

相关问题

 相关问题