performing the human check

[roguewarrior]

Hey guys,

 

I've got a php form that requires the user to fill out a distorted words box for validity.

 

Before I put this in, the code was simple

 

...

<form ... action="insert.php">

...

<submit type = "submit" name = "submit" value = "register">

 

Then the insert.php page would grab the variables, such as $name, $email, etc and say "Thanks for registering, $name!" and so on.

 

That all worked great until the check was added.  If I leave insert.php in the action value for the form, it allows for the insertion without validating the check.  And if I put insert.php as a destination, like so:

 

if ($resp->is_valid) {

    header("Location: insert.php");

  } else {

    $error = $resp->error;

  }

 

Then after the validation has been made, it goes to insert.php but none of the variables get posted over.

 

Does anyone know how to fix this or what else needs to be done to make sure the check works and all of the information gets carried over?

 

Thanks in advance!

 

[zeodragonzord]

I'm not clear on your situation but it looks like you're trying to use a captcha.  The idea is that when you generate the form page, you also generate a keyword.  This keyword is stored in some location, such as a session variable and you also generate an image out of the keyword to be displayed on the form.  Additionally, you'll have the text field for th user to type the word in.

 

When the user submits to the form, the next page that processes it will compare that value that the user entered with the keyword that is stored in the session variable.  If it matches, all as well and you can proceed.  If it doesn't match, go back to the form page.  That check should probably go into your insert.php page.