Hi all!
I am new so don't hate if I write something in a bad way. Thanks.
I have a "logical captcha" which is like a quiz.
Here is my code. I don't know what is wrong with it
<?php
$database_db="general";
$user_db="root";
$password_db="somepass";
$host_db="localhost";
$link = mysqli_connect($host_db, $user_db, $password_db, $database_db);
if (mysqli_connect_errno())
{
die ("couldnot connect: ".mysqli_connect_error());
exit();
}
$answer = $_POST['answer'];
if (array_key_exists("answer", $_POST) AND array_key_exists("question", $_POST))
{
$id = intval($_POST['question']);
$sql="SELECT question, answer FROM captcha WHERE question='$id' AND answer='".mysqli_real_escape_string($link, $answer)."'";
$result = mysqli_query($link, $sql) or exit('$sql failed: '.mysqli_error($link));
$num_rows = mysqli_num_rows($result);
if($num_rows > 0)
{
header("Location: success.php");
}
else
{
header("Location: error.php");
}
exit;
}
else
{
$query = "SELECT id, question FROM `captcha` ORDER BY RAND() LIMIT 1";
if ($result = mysqli_query($link, $query))
{
if ($row = mysqli_fetch_assoc($result))
{
$id = $row["id"];
$question = $row["question"];
}
}
}
?>
<html>
<body>
<form method="post">
<?php echo $question; ?><br />
<input type="hidden" name="question" id="question" value="<?php echo $id; ?>" />
<input type="text" name="answer" id="answer" /><br />
<input type="submit" name="submit" value="submit" /><br />
</form>
</body>
</html>
So the problem is that it always redirects to error.php, even if I enter the right answer