pneudralics Posted November 17, 2008 Share Posted November 17, 2008 I'm having issues with my login. I have the user and password plus a random question from a database with 3 rows. So I should have a random question (from 3 questions) and the correct answer for the user to be able to login. When I don't use the RAND() in my login everything logs in fine with the same question. When I use RAND() in my question and answer to get random questions to display I seem to have issues. I've echoed the answer and the answer is in the same row as the question so it should log me in. The problem I'm having is it doesn't let me log in even if I input the correct answer. I'll just keep trying different answer from the database and it'll eventually let me login even if the answer is not correct. I can't seem to figure this one out. My isset I got compares the posted answer with the answer from the database but I can't login with it. I guess it'll randomize the answer when I submit and radomly let me login with one of the answers. <?php include ('../c/connect.php'); ?> <center> <img src="/images/logo.gif" alt="" /> <br /> <br /> <b>Login below to proceed...</b> <br /> <br /> <?php //Select and Retrieve and print question/answer query $qselect = "SELECT * FROM question ORDER BY RAND() LIMIT 1"; if ($qresult = mysql_query ($qselect)) { while ($row = mysql_fetch_array ($qresult)) { $question = $row['question']; $answer = $row['answer']; $answer = mysql_real_escape_string ($answer); echo "$answer"; } } //Select and Retrieve username $uselect = "SELECT * FROM admin"; if ($uresult = mysql_query ($uselect)) { while ($row = mysql_fetch_array ($uresult)) { $username = $row['username']; $username = mysql_real_escape_string ($username); } } //Select and Retrieve password $pselect = "SELECT * FROM admin"; if ($presult = mysql_query ($pselect)) { while ($row = mysql_fetch_array ($presult)) { $password = $row['password']; $password = mysql_real_escape_string ($password); } } //Form submission if (isset ($_POST['submit'])) { if ( (!empty ($_POST['username'])) && (!empty ($_POST['password'])) ) { //Check username and password if ( ($_POST['username'] == "$username") && ($_POST['password'] == "$password") ) { //Check answer if (!empty ($_POST['answer']) ) { if ($_POST['answer'] == "$answer") { //Start session session_start(); $_SESSION['username'] = "$username"; //Redirect to index2.php header ('Location: index2.php'); exit (); } else { echo '<font color="red">Your answer was incorrect.</font><br />'; } } else { echo '<font color="red">You left something blank.</font><br />'; } } else { echo '<font color="red">Wrong username or password.</font><br />'; } } else { echo '<font color="red">You left something blank.</font><br />'; } } ?> <br /> <br /> <form action="index.php" method="post"> Username <input type="text" name="username" size="20" maxlength="20" /> <br /> <br /> Password <input type="password" name="password" size="20" maxlength="20" /> <br /> <br /> <b> <?php echo "$question"; ?> </b> <br /> <br /> Answer <input type="text" name="answer" size="20" maxlength="20" /> <br /> <br /> <input type="submit" name="submit" value="Submit" /> </form> </center> Quote Link to comment https://forums.phpfreaks.com/topic/133086-logging-in-issues-with-rand/ Share on other sites More sharing options...
.josh Posted November 17, 2008 Share Posted November 17, 2008 I believe your problem is that it selects a random question every time you load the page. So for example, when you first go to the page it selects for instance question 2 but when you hit the submit button and the page reloads, your script turns around and selects another random question/answer and then compares the posted var to it. Quote Link to comment https://forums.phpfreaks.com/topic/133086-logging-in-issues-with-rand/#findComment-692116 Share on other sites More sharing options...
pneudralics Posted November 17, 2008 Author Share Posted November 17, 2008 I believe your problem is that it selects a random question every time you load the page. So for example, when you first go to the page it selects for instance question 2 but when you hit the submit button and the page reloads, your script turns around and selects another random question/answer and then compares the posted var to it. I kind of thought something like that. How can I fix the problem if I want random questions with the login? Is there a better approach to this? Quote Link to comment https://forums.phpfreaks.com/topic/133086-logging-in-issues-with-rand/#findComment-692202 Share on other sites More sharing options...
dropfaith Posted November 17, 2008 Share Posted November 17, 2008 one way to avoid the issue he mentioned would make the form submit to a different page that way it wouldnt be refreshing and changing the question Quote Link to comment https://forums.phpfreaks.com/topic/133086-logging-in-issues-with-rand/#findComment-692205 Share on other sites More sharing options...
.josh Posted November 17, 2008 Share Posted November 17, 2008 Or you could store the value in a session var and check the posted var against that, and wrap the query itself in a if(!$_POST) { ...} Quote Link to comment https://forums.phpfreaks.com/topic/133086-logging-in-issues-with-rand/#findComment-692278 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.