b2k Posted July 31, 2007 Share Posted July 31, 2007 Hi everybody, Now, I`m creating an script, but i`m using a captcha, so my problem is that if the captcha is true, so we redirect to a secure web form, see it. if ( ($_REQUEST["txtCaptcha"] == $_SESSION["security_code"]) && (!empty($_REQUEST["txtCaptcha"]) && !empty($_SESSION["security_code"])) ) { echo "<h1>Test successful!</h1>"; } else { echo "<h1>Error!</h1>"; I want redirect if the captcha is true to the form..... How can i do that Quote Link to comment Share on other sites More sharing options...
the_oliver Posted July 31, 2007 Share Posted July 31, 2007 Use headers. See the top of this forum section. If however you have already sent output you could use an HTML refresh. Quote Link to comment Share on other sites More sharing options...
almightyegg Posted July 31, 2007 Share Posted July 31, 2007 function redirect($time, $link) { echo "<meta http-equiv=\"refresh\" content=\"{$time}; url={$link}\" /> "; } redirect(0, "YOUR URL GOES HERE"); You don't need to edit anything else...I don't know what $time is even Quote Link to comment Share on other sites More sharing options...
the_oliver Posted July 31, 2007 Share Posted July 31, 2007 $time is how long it should be untill your page refreshes. So if its 0 then it will refresh instantly. It its 10 it will do so in 10 seconds. Quote Link to comment Share on other sites More sharing options...
b2k Posted July 31, 2007 Author Share Posted July 31, 2007 Thanks for answered, but look.. The script is a captcha, if the user put the correct code i have to redirect to the form, but if i do like you say, somebody can skip that step. Quote Link to comment Share on other sites More sharing options...
the_oliver Posted July 31, 2007 Share Posted July 31, 2007 How? You simply put the redirect inside the if statment. You will have to check that the user is logged in for every other page viewed, but there is no way round that. Quote Link to comment Share on other sites More sharing options...
almightyegg Posted July 31, 2007 Share Posted July 31, 2007 if ( ($_REQUEST["txtCaptcha"] == $_SESSION["security_code"]) && (!empty($_REQUEST["txtCaptcha"]) && !empty($_SESSION["security_code"])) ) { echo "<h1>Test successful!</h1>"; $time = 0; // however long you want it to take to refresh in seconds... function redirect($time, $link) { echo "<meta http-equiv=\"refresh\" content=\"{$time}; url={$link}\" /> "; } redirect(0, "YOUR URL GOES HERE"); } else { echo "<h1>Error!</h1>"; } Quote Link to comment Share on other sites More sharing options...
chombone Posted July 31, 2007 Share Posted July 31, 2007 I'd use the header function e.g. header( "Location:http://www.yoursite.com/yournewpage.html"); Quote Link to comment Share on other sites More sharing options...
b2k Posted July 31, 2007 Author Share Posted July 31, 2007 oK, supposly that i did....i redirect to that file.. redirect(0, "http://test.org/site2.html"); The user can simply put in the browser site2.html and skip the captcha Quote Link to comment Share on other sites More sharing options...
the_oliver Posted July 31, 2007 Share Posted July 31, 2007 Ah, So maybe you should use a database. If when a user succesfully logs in, there sesion id is added to a database. The on every page you check the users session id against the database. If its not in there then they canot see the page. Then as you increase the security, you can check it agains the users name, stored in a cookie, or in the session. Quote Link to comment Share on other sites More sharing options...
b2k Posted July 31, 2007 Author Share Posted July 31, 2007 Ah, So maybe you should use a database. If when a user succesfully logs in, there sesion id is added to a database. The on every page you check the users session id against the database. If its not in there then they canot see the page. Then as you increase the security, you can check it agains the users name, stored in a cookie, or in the session. Thanks, that`s was for i looking for, but i not have any idea....maybe....the problem is that i dont have idea... Quote Link to comment Share on other sites More sharing options...
chombone Posted July 31, 2007 Share Posted July 31, 2007 If you use the "header" syntax in your PHP, it has the advantage that the user can't see it, so they can't put it in the browser address field... Hope that helps. Quote Link to comment Share on other sites More sharing options...
b2k Posted July 31, 2007 Author Share Posted July 31, 2007 Well, thats true, but the script not have a big security Quote Link to comment Share on other sites More sharing options...
almightyegg Posted July 31, 2007 Share Posted July 31, 2007 If you want security you need MySQL databses Quote Link to comment Share on other sites More sharing options...
b2k Posted July 31, 2007 Author Share Posted July 31, 2007 If you want security you need MySQL databses Ok, give me and idea....and if you can a little example Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.