There are two files here that are modified, maincore.php and contact.php, make sure to back up both of these files now.
Let's start with contact.php, where most of the changes are gonna be, at about line 63
<tr><td valign='top' width='90'>".$locale['405']."</td>
<td><textarea name='message' rows='10' class='textbox' style='width: 320px'></textarea></td>
</tr>
<tr>
<td align='center' colspan='2'>
<input type='submit' name='sendmessage' value='".$locale['406']."' class='button'>
</td>
</tr>
where we will add code to show the validation code and also ask the user for it,
<tr><td valign='top' width='90'>".$locale['405']."</td>
<td><textarea name='message' rows='10' class='textbox' style='width: 320px'></textarea></td>
</tr>";
$locale['504'] = "Validation Code:";
$locale['505'] = "Enter Validation Code:";
echo "<tr>\n<td class='tbl'>".$locale['504']."</td>\n<td class='tbl'>";
srand((double)microtime()*1000000);
$temp_num = md5(rand(0,9999));
$vcode_1 = substr($temp_num, 17, 5);
$vcode_2 = md5($vcode_1);
unset($temp_num);
$result = dbquery("INSERT INTO ".$db_prefix."vcode VALUES('".time()."', '$vcode_1', '$vcode_2')");
if ($settings['validation_method'] == "image") {
echo "<img xsrc='?vimage_c=$vcode_2'>\n";
} else {
echo "<b>$vcode_1</b>\n";
}
unset($vcode_1,$vcode_2);
echo "</td>\n</tr>\n";
echo "<tr>
<td class='tbl'>".$locale['505']."<span style='color:#ff0000'>*</span></td>
<td class='tbl'><input type='text' name='user_code' class='textbox' style='width:100px'></td>
</tr>\n
<tr>
<td align='center' colspan='2'>
<input type='submit' name='sendmessage' value='".$locale['406']."' class='button'>
</td>
</tr>
as you read the code above, you'll notice that there are some locales that it calls for, these are not defined for this file, yet, we will add there definition later. The only reason I don't call the default locale file where these are from is that it would overlap with some of the other locales and screw things up royally, so its just best to add these two fields to this file (as is done by the two lines in brown). (if you really want to try it, add the following to the top of contact.php and you'll see
include LOCALE.LOCALESET."register.php";
if it does work for you without fail, then great let me know ... i might have done something else wrong!)
now back to on track, the code above that we added is the creation of the validation code (code in blue) and then the display and request of it (code in red) ... but we still have to make sure that the code entered is actually valid and correct!
so we go up to line 31, where the information put in the contact me form is checked before email being sent out .. we are gonna add the validation code check here,
if ($message == "") {
$error .= "ˇ <span class='alt'>".$locale['423']."</span><br>\n";
}
will become
if ($message == "") {
$error .= "ˇ <span class='alt'>".$locale['423']."</span><br>\n";
}
$user_code = stripinput($_POST['user_code']);
$result = dbquery("SELECT * FROM ".$db_prefix."vcode WHERE vcode_1='$user_code'");
$locale['410'] = "Incorrect validation code.";
if (dbrows($result) == 0) {
$error .= "ˇ <span class='alt'>".$locale['410']."</span><br>\n";
} else {
$result = dbquery("DELETE FROM ".$db_prefix."vcode WHERE vcode_1='$user_code'");
}
the added code here will make sure that the entered validation code is correct or else it will throw back an error.
that's it for this file, save and close it.
Articles 
