$php_mysql$ Posted August 10, 2011 Share Posted August 10, 2011 here is my form.php <?php session_start(); $digit1 = mt_rand(1,20); $digit2 = mt_rand(1,20); if( mt_rand(0,1) === 1 ) { $math = "$digit1 + $digit2"; $_SESSION['answer'] = $digit1 + $digit2; } else { $math = "$digit1 - $digit2"; $_SESSION['answer'] = $digit1 - $digit2; } if(count($_POST)){ $postData = $_POST; $files = $_FILES; $error = ErrorCheck($postData, $_FILES); if(count($error) == 0) { insertData($postData); } } ?> <form action="post_ads.php" name="postads" method="post" enctype="multipart/form-data"/> Ad Description*: <br/> <textarea name="description" cols="40" rows="15"/><?php echo $postData['description'];?></textarea> <?php if($error['description'] !='') { echo '<div class="error_msg">'.$error['description'].'</div>'; } ?> <br/> What's <?php echo $math; ?> = <input name="answer" type="text" /><br /> <?php if($error['answer'] !='') { echo '<div class="error_msg">'.$error['answer'].'</div>'; } ?> <br/> <input type="submit" name="submit" value="Post"/> </form> and here is my function.php function ErrorCheck($dataError, $_FILES){ $errormsg = array(); if(!isset($_SESSION['answer']) || $_SESSION['answer'] != $_SESSION['answer'] ) { $errormsg['answer'] = 'Seems like you are weak in math, Incorrect answer!'; }else{ $errormsg['answer'] = 'Correct answer!'; unset($_SESSION['answer']); } if($dataError['description'] == '') { $errormsg['description'] = 'description is required!'; } return $errormsg; } Quote Link to comment Share on other sites More sharing options...
trq Posted August 10, 2011 Share Posted August 10, 2011 You are comparing $_SESSION['answer'] to $_SESSION['answer']. They are the same thing and will always be equal. Quote Link to comment Share on other sites More sharing options...
$php_mysql$ Posted August 10, 2011 Author Share Posted August 10, 2011 what will be the solution? Quote Link to comment Share on other sites More sharing options...
$php_mysql$ Posted August 13, 2011 Author Share Posted August 13, 2011 any help here? how must i compare then? Quote Link to comment Share on other sites More sharing options...
MasterACE14 Posted August 13, 2011 Share Posted August 13, 2011 the user input '$_POST' for the captcha needs to be compared to $_SESSION['answer'] Quote Link to comment Share on other sites More sharing options...
$php_mysql$ Posted August 13, 2011 Author Share Posted August 13, 2011 so i tried this function postErrorCheck($dataError, $_FILES, $_SESSION){ $errormsg = array(); if (!isset($_SESSION['answer']) && $_SESSION['answer'] !== $dataError['answer']) { $errormsg['answer'] = 'Seems like you are weak in math, Incorrect answer!'; }else{ $errormsg['answer'] = 'Correct answer!'; printr($_SESSION['answer']); unset($_SESSION['answer']); } still it keep saying correct answer Quote Link to comment Share on other sites More sharing options...
$php_mysql$ Posted August 13, 2011 Author Share Posted August 13, 2011 did this now ///////////////////////////////////////////// function postErrorCheck($dataError){ $errormsg = array(); if(isset($_SESSION['answer']) && $dataError['answer'] == '') { $errormsg['answer'] = 'You did not enter a answer!'; }else if($_SESSION['answer'] !== $dataError['answer']) { $errormsg['answer'] = 'Your answer is wrong!'; }else if($_SESSION['answer'] == $dataError['answer']) { unset($_SESSION['answer']); } if($dataError['description'] == '') { $errormsg['description'] = 'description is required!'; } return $errormsg; } still it says wrong answer to captcha Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted August 13, 2011 Share Posted August 13, 2011 do you mean NOT ISSET or!isset i am pretty sure that is why it is returning correct because your checking if it is empty yet also your checking if it isset. Quote Link to comment Share on other sites More sharing options...
jcbones Posted August 13, 2011 Share Posted August 13, 2011 Instead of: if(isset($_SESSION['answer']) && $dataError['answer'] == '') { Why can't you do: if(!empty($_POST['answer']) && $_POST['answer'] != $_SESSION['answer']) { //suggested by MasterACE14 Quote Link to comment Share on other sites More sharing options...
$php_mysql$ Posted August 13, 2011 Author Share Posted August 13, 2011 what is wrong with this logic then? if($dataError['answer'] == '') { $errormsg['answer'] = 'You did not enter a answer!'; }else if(!isset($_SESSION['answer']) && $dataError['answer'] !== $_SESSION['answer']) { $errormsg['answer'] = 'You entered a wrong answer!'; }else if($dataError['answer'] == $_SESSION['answer']) { unset($_SESSION['answer']); } Quote Link to comment Share on other sites More sharing options...
jcbones Posted August 13, 2011 Share Posted August 13, 2011 What is wrong with it, is that you have not posted where $dataError['answer'] is coming from. Therefore, we cannot tell how it is populated. Also, if it is a dataError it should nor would ever in any possibility contain the same as SESSION['answer'] UNLESS you code your errors to the answer index of the SESSION array. Quote Link to comment Share on other sites More sharing options...
$php_mysql$ Posted August 13, 2011 Author Share Posted August 13, 2011 lol sorry ok here it is <?php session_start(); error_reporting(0); include 'functions.php'; //printr($_SESSION); $digit1 = mt_rand(1,20); $digit2 = mt_rand(1,20); if( mt_rand(0,1) === 1 ) { $math = "$digit1 + $digit2"; $_SESSION['answer'] = $digit1 + $digit2; } else { $math = "$digit1 - $digit2"; $_SESSION['answer'] = $digit1 - $digit2; } if(count($_POST)){ $postData = $_POST; printr($postData); $postData = cleanData($postData); $files = $_FILES; $error = postErrorCheck($postData, $_FILES); if(count($error) == 0) { insertData($postData); unset($postData); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <form action="try.php" name="postads" method="post" enctype="multipart/form-data"/> Ad Description*: <br/> <textarea name="description" cols="40" rows="15"/><?php echo $postData['description'];?></textarea> <?php if($error['description'] !='') { echo '<div class="error_msg">'.$error['description'].'</div>'; } ?> <br/> What's <?php echo $math; ?> = <input name="answer" type="text" /><br /> <?php if($error['answer'] !='') { echo '<div class="error_msg">'.$error['answer'].'</div>'; } ?> <br/> <input type="submit" name="submit" value="Post Ad"/> </form> <body> </body> </html> and here is the functions.php ///////////////////////////////////////////// function postErrorCheck($dataError){ $errormsg = array(); if($dataError['answer'] == '') { $errormsg['answer'] = 'You did not enter a answer!'; }else if(!isset($_SESSION['answer']) && $dataError['answer'] !== $_SESSION['answer']) { $errormsg['answer'] = 'You entered a wrong answer!'; }else if($dataError['answer'] == $_SESSION['answer']) { unset($_SESSION['answer']); } if($dataError['description'] == '') { $errormsg['description'] = 'description is required!'; } return $errormsg; } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.