Captcha Problem

[darkfreaks]

okay i think my if statements are off or something but when i enter the code then press submit it does not submit even if i do enter the code correctly.

 

 

<?php

//Encrypt the posted code field and then compare with the stored key 


include('captcha.php');
include('connect.php');
include('func.php');
$datetime=date("D M j G:i:s T Y"); //date time
$name=$_POST['name'];
$comment=$_POST['comment'];
$email=$_POST['email'];
$submit=$_POST['submit'];

///removing XSS


$comment= RemoveXSS($comment);

if($_POST[comment]=="") {$error[comment]="<br>Please enter a comment";} else {unset($error[comment]);} 

if($_POST[name]=="") {$error[name]="Please enter a name";} else {unset($error[name]);} 

if($_POST[email]=="") {$error[email]="Please enter an email";} else {unset($error[email]);} 




?>
<?php if ($error) { ?>

<table width="400" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td><strong>Test Sign Guestbook </strong></td>
</tr>
</table>
<table width="400" border="0" align="center" cellpadding="0" cellspacing="1" >
<tr>
<form id="form1" name="form1" method="post" ">
<td>
<table width="400" border="0" cellpadding="3" cellspacing="1">
<tr>
<td width="117">Name</td>
<td width="14">:</td>
<td width="357"><input name="name" type="text" id="name" size="40" /><?php if ($_POST) { echo $error[name];} ?>
</td>
</tr>
<tr>
<td>Email</td>
<td>:</td>
<td><input name="email" type="text" id="email" size="40" /><?php if ($_POST) { echo $error[email];} ?>
</td>
</tr>
<tr>
<td valign="top">Comment</td>
<td valign="top">:</td>
<td><textarea name="comment" cols="40" rows="3" id="comment"></textarea><?php if ($_POST) { echo $error[comment];} ?>

</td>
</tr>
<tr>
<td> </td>
<td></td>
<tr><td valign="center"><img src="http://www.wiccan-gathering.com/lilysgraveyard/addons/Guestbook/guestbook.php?t=<?php print time(); ?>" border="0"> </td></tr>
<tr>
<td valign="center">Please Enter The Code:<input name="code" type="text" id="code" size="10" /></td></tr>

<td><input type="submit" name="Submit" value="Submit" /> <input type="reset" name="Submit2" value="Reset" /></td><td></tr>


</table>
</td>
</form>
</tr>
</table>
<table width="400" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td><strong><a href="http://www.lilysgraveyard.com/index.php?dir=addons/Guestbook&page=viewguestbook">View Guestbook</a> </strong></td>
</tr>

</table>

<?php
session_start(); 
if(isset($_POST['submit'])){
   if(md5($_POST['code']) != $_SESSION['key']) { 
      die("Error: You must enter the code correctly"); 

   }else{
      $sql="INSERT INTO guestbook(name, email, comment, datetime)VALUES('$name', '$email', '$comment', '$datetime')";
      $result=mysql_query($sql);
   }
}


mysql_close();
}
   


?>

[Ken2k7]

Replace

if(isset($_POST['submit'])){

 

With

if ($_POST['Submit']){

[darkfreaks]

it wont submit? i replaced the code.

[Ken2k7]

Hmm I don't know. It worked for me.

[darkfreaks]

it submitted i went back to my viewguestbook page and it wasnt there.

[teng84]

<form id="form1" name="form1" method="post" ">

 

that is your form where is the action there????

[darkfreaks]

there is no "action" im using the post method

[teng84]

there is no "action" im using the post method

 

I believe you have to tell to your script where should this action go to be process maybe you can use php self or the file name of your php you want to do this action

[darkfreaks]

no i dont? it worked fine before. the code got mucked up somehow.

[teng84]

i dont use any thing like captcha that your using but i really think you need to add a form action can you try it and tell us what happen

[Jessica]

If there is no action the default is itself.

What do you mean by it won't submit? When you click the button nothing at all happens, or when you click it the page reloads, what?

[darkfreaks]

when i enter the code and hit submit for security reasons it loads a bank page so you cant double post. which i think is cool. anyway i linked it back to the viewguestbook.php page and there is no new post.

[teng84]

lol what link? if your saying that you hit the link to get back on that page then  the post data will be no longer present on that page thats normal. whats the prob?

[darkfreaks]

it is sposed to submit to the database if correct and its not?

[teng84]

?php
session_start(); 
if(isset($_POST['submit'])){
   if(md5($_POST['code']) != $_SESSION['key']) { 
      die("Error: You must enter the code correctly"); 

   }else{
      $sql="INSERT INTO guestbook(name, email, comment, datetime)VALUES('$name', '$email', '$comment', '$datetime')";
      $result=mysql_query($sql);
   }
}


mysql_close();
}
   

 

that is your code you should have an error out of that code because you have session start not on the topmost of the page.

 

try to add an action $_SERVER['PHP_SELF'];

then try to echo those post you have to see if you really get some value for that

[darkfreaks]

nothing changed i added session_start; at the top and also put action="<?php $_SERVER['PHP_SELF']; ?>"

 

none of which worked

[teng84]

its really confusing first you should receive an error on that session declaration before ?

are you sure you have php installed

[darkfreaks]

yes i have the latest version of PHP installed.

 

 

seee for yourself

 

 

http://www.lilysgraveyard.com/index.php?dir=addons/Guestbook&page=guestbook

[teng84]

so you want the form stay?

 

then i guess you have to check this or reformat that part

<?php if ($error) { ?>

 

 

[darkfreaks]

nnonono that part is fine if i remove that the errors wont work

[teng84]

ok I click on the submit button and it gives me a blank page now what do you want to happen?

[darkfreaks]

Its sposed to give you a blank page that is security i added to prevent double posting or refreshing the page. but it still should have submitted to the database. but its not. you should be able to go back to view guestbook and view it but its not there.

[teng84]

try

<?php
session_start(); 
//Encrypt the posted code field and then compare with the stored key 
include('captcha.php');
include('connect.php');
include('func.php');
$datetime=date("D M j G:i:s T Y"); //date time
$name=$_POST['name'];
$comment=$_POST['comment'];
$email=$_POST['email'];
$submit=$_POST['submit'];

///removing XSS


$comment= RemoveXSS($comment);

if($_POST[comment]=="") {$error[comment]="<br>Please enter a comment";} else {unset($error[comment]);} 

if($_POST[name]=="") {$error[name]="Please enter a name";} else {unset($error[name]);} 

if($_POST[email]=="") {$error[email]="Please enter an email";} else {unset($error[email]);} 
if($error) {?>

<table width="400" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td><strong>Test Sign Guestbook </strong></td>
</tr>
</table>
<table width="400" border="0" align="center" cellpadding="0" cellspacing="1" >
<tr>
<form id="form1" name="form1" method="post" action="<?php $_SERVER['PHP_SELF']?>">
<td>
<table width="400" border="0" cellpadding="3" cellspacing="1">
<tr>
<td width="117">Name</td>
<td width="14">:</td>
<td width="357"><input name="name" type="text" id="name" size="40" /><?php if ($_POST) { echo $error[name];} ?>
</td>
</tr>
<tr>
<td>Email</td>
<td>:</td>
<td><input name="email" type="text" id="email" size="40" /><?php if ($_POST) { echo $error[email];} ?>
</td>
</tr>
<tr>
<td valign="top">Comment</td>
<td valign="top">:</td>
<td><textarea name="comment" cols="40" rows="3" id="comment"></textarea><?php if ($_POST) { echo $error[comment];} ?>

</td>
</tr>
<tr>
<td> </td>
<td></td>
<tr><td valign="center"><img src="http://www.wiccan-gathering.com/lilysgraveyard/addons/Guestbook/guestbook.php?t=<?php print time(); ?>" border="0"> </td></tr>
<tr>
<td valign="center">Please Enter The Code:<input name="code" type="text" id="code" size="10" /></td></tr>

<td><input type="submit" name="Submit" value="Submit" /> <input type="reset" name="Submit2" value="Reset" /></td><td></tr>


</table>
</td>
</form>
</tr>
</table>
<table width="400" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td><strong><a href="http://www.lilysgraveyard.com/index.php?dir=addons/Guestbook&page=viewguestbook">View Guestbook</a> </strong></td>
</tr>

</table>

<?php }
else{
if(isset($_POST['submit'])){
   if(md5($_POST['code']) != $_SESSION['key']) { 
	  die("Error: You must enter the code correctly"); 

   }else{
	  $sql="INSERT INTO guestbook(name, email, comment, datetime)VALUES('$name', '$email', '$comment', '$datetime')";
	  $result=mysql_query($sql);
   }
}
mysql_close();
}
?>

 

if there minor error kindly fix it  LOL

[darkfreaks]

somethings still horribly wrong ???

[teng84]

whats wrong ?