#!/usr/bin/perl -T
use strict;
use warnings;
use CGI;
use CGI::Carp qw(fatalsToBrowser);
use CGI::FormBuilder;
use CGI::FormBuilder::Template::TT2;
use Email::Valid qw(address);
use Captcha::reCAPTCHA;
use lib "/path/to/keys";
use Keys qw(PRIVATE_KEY PUBLIC_KEY);
use Data::Dumper;
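# Request limits and environment hardening for a taint-mode (-T) CGI script.
# NOTE(review): CGI::Carp's fatalsToBrowser, imported at the top of this file,
# sends die() messages to the client; worth dropping outside development.
$CGI::POST_MAX        = 1048576;    # max 1MB allowed per request body
$CGI::DISABLE_UPLOADS = 1;          # disable file uploads

# Remove the shell-influencing variables before anything can spawn a command.
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};    # Make %ENV safer

# Every PATH entry has to be absolute. The original list ended in the relative
# entry 'usr/lib', which is resolved against the current directory and makes
# taint mode abort with "Insecure directory in $ENV{PATH}" as soon as an
# external command is run.
$ENV{PATH} = '/usr/bin:/usr/local/bin:/usr/lib';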
## Global state shared by the subs and the main program below.
my $crc = Captcha::reCAPTCHA->new;    # reCAPTCHA client object
my $crc_error;    # not assigned anywhere in the visible code, so get_html() receives undef
my $crc_html = $crc->get_html( PUBLIC_KEY, $crc_error );    # captcha markup for the form
my $formdata;     # refreshed from the form by chk_form()

## Validation state per field: chk_form() sets 'email' to 1 once the address
## has passed its check; everything starts at 0.
my %valid = (
    email => 0,
    crc   => 0,
);
my $addr;

## Definition of the e-mail input field.
my %email = (
    name      => 'email',
    id        => 'email',
    label     => 'Your email address : ',
    values    => $formdata->{email},    # nothing submitted yet at this point
    size      => 50,
    maxlength => 100,
    tabindex  => 2,
    invalid   => $valid{email},
);

## Hidden field that carries the captcha markup into the template.
my %crc_field = (
    name    => 'crc',
    id      => 'crc',
    type    => 'hidden',
    values  => $crc_html,
    invalid => $valid{crc},
);

## Definition of the submit button.
my %send = (
    name     => 'send',
    id       => 'send',
    type     => 'submit',
    value    => 'Send',
    label    => 'Hit this button :',
    tabindex => 5,
);

## Names of the elements handed to the form constructor.
## NOTE(review): 'crc_field' does not match the name 'crc' configured in
## %crc_field above -- confirm which one the template expects.
my @formfields = qw(email crc_field send);
## Build the form object; rendering is delegated to a Template Toolkit file.
my $form = CGI::FormBuilder->new(
    id     => 'form',
    method => 'post',                ## the HTML form method
    action => $ENV{SCRIPT_NAME},     ## post back to this same script
    sticky => 1,
    fields => \@formfields,          ## names of the form elements
    #debug => 2,                     ## sets the debug level int[0,3] ?
    template => {                    ## the template being used
        type     => 'TT2',
        template => 'method2.tt',
        variable => 'form',
        engine   => {
            # Relative include path: resolved against whatever the working
            # directory is when the script runs.
            INCLUDE_PATH => './templates',
            RELATIVE     => '1',
        },
    },
);
sub setfields {
    # Push the current contents of the %email, %crc_field and %send
    # definitions into the global $form. Called once at start-up and again
    # after validation has changed the 'invalid' / 'values' entries.
    $form->field( %{$_} ) for \%email, \%crc_field;
    return $form->field(%send);
}
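sub chk_email {
    # Validate an e-mail address with Email::Valid.
    #
    # Argument: the candidate address (untrusted form input).
    # Returns:  whatever Email::Valid's address() reports for it with the
    #           TLD and MX checks switched on, or undef when the input is
    #           undef, '' or '0'.
    #
    # The caller decides validity with defined(), so a blank submission must
    # come back as undef; the original handed '' and '0' back unchanged,
    # which let an empty e-mail field count as valid.
    #
    # The MX check looks up the submitted domain in DNS, so every call can
    # cause an outbound lookup for a name chosen by the client.
    my $candidate = shift;
    my $checked;    # stays undef unless Email::Valid accepts the address
    if ($candidate) {
        my $emv = Email::Valid->new();
        $emv->tldcheck(1);
        $emv->mxcheck(1);
        $checked = $emv->address( -address => $candidate );
    }
    return $checked;
}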
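sub chk_form {
    # Check the form data server side.
    #
    # Refreshes the global $formdata from the form, validates the e-mail
    # field with chk_email() and records the outcome in $valid{'email'}.
    # Returns 1 if the data is ok, 0 otherwise.
    #
    # The original had no return statement and relied on the value of the
    # last assignment; the result is now returned explicitly.
    $formdata = $form->field;    ## retrieve the form data
    my $addr = chk_email( $formdata->{'email'} );    ## check the email address

    # Truth test rather than defined(): an empty string or '0' is never a
    # usable address, whatever the checker hands back for it.
    my $ok = $addr ? 1 : 0;
    $valid{'email'} = $ok;
    return $ok;
}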
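## program starts
#
## NOTE(review): the "looked baad", "xxx..." and Dumper output below is
## debugging aid written into the page after the form; remove it before the
## script is exposed to real users.
setfields();    # set the form fields
if ( $form->submitted ) {
    my $ok = chk_form();    ## check the form contents

    ## Now check the reCAPTCHA response. Both values are read straight from
    ## the CGI parameters and are therefore supplied by the client.
    my $crc_response  = $form->cgi_param('recaptcha_response_field');
    my $crc_challenge = $form->cgi_param('recaptcha_challenge_field');
    ## (the original had a second, unbalanced ");" after this call, which
    ## stopped the script from compiling)
    my $crc_result = $crc->check_answer(
        PRIVATE_KEY,    $ENV{'REMOTE_ADDR'},
        $crc_challenge, $crc_response,
    );

    ## $crc_result->{is_valid} is tested for truth below; when the check
    ## fails, $crc_result->{error} is used as the reason.
    if ( $crc_result->{is_valid} && $ok ) {    ## passed all the validation
        ##&cf_print();
        print "Content-type: text/html\n\nall ok\n\n";
    } else {    ## failed validation - there's an error
        ## NOTE(review): $crc_error is still undef here and the regenerated
        ## $crc_html is not copied into %crc_field -- confirm how the captcha
        ## is meant to be shown again after a failure.
        $crc_html = $crc->get_html( PUBLIC_KEY, $crc_error );
        $email{'invalid'} = ( $valid{'email'} == 0 ) ? 1 : 0;
        if ( !$crc_result->{is_valid} ) {
            $crc_field{'values'}  = $crc_result->{error};
            $crc_field{'invalid'} = 1;
        } else {
            $crc_field{'invalid'} = 0;
        }
        setfields();    # set the form fields
        ## re render the form and deal with the validity of the fields in the template
        print $form->render( header => 1 );

        ## Request-derived values are HTML-escaped before they are written
        ## into the page; printing them raw reflected client input into the
        ## response. A missing parameter is shown as an empty string.
        my $esc = sub {
            my $text = shift;
            return CGI::escapeHTML( defined $text ? $text : '' );
        };
        print "looked baad\n";
        print "xxx" . $esc->($crc_response) . "xxx\n\n";
        print "xxx" . $esc->($crc_challenge) . "xxx\n\n";
        print $esc->( Dumper($crc_result) );    # error text originates from the verification reply
        print Dumper($crc_html);                # markup generated by the captcha module
        print "ok : " . $ok . "\n\n";
    }
} else {
    print $form->render( header => 1 );
    print Dumper($crc_html);
}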