PHP Sessions & Forms

Question

Edit

How can I rewrite this PHP code for POST[ 'phrase' ] == session[ 'phrase' ] ?

psuedo-code

//process_form.php

PHP
session_start()

IF POST SUBMIT
    IF empty text1 && empty text2 
        echo error msg, include HTML FORM

    ELSE IF empty radiobtn 
        echo error msg, include HTML FORM

    ELSE IF 
        isset POST[phrase] isstring POST[phrase] isset SESSION[phrase]
        strlen POST[phrase] > 0 strlen SESSION[phrase] > 0 
        POST[phrase] == SESSION[phrase]

        SQL INSERT

    ELSE
        echo POST[phrase]
        echo SESSION[phrase]

ELSE
    include HTML FORM
/PHP

FORM

PHP
PEAR CAPTCHA Settings ...
require_once 'Text/captcha.php'
/PHP

HTML
FORM METHOD POST process_form.php
    text1
    text2
    radio
    PHP echo [ img src= sha1(session_id()) . '.png?' . time() ] /PHP
    submit 
/HTML

Never include a page into "design". But contrary, do include HTML template into PHP page. having such a page with includes has no sense. Access pages directly. And make them use templates. See http://stackoverflow.com/questions/3988627/using-template-on-php/3989380#3989380 You will have not a single problem with headers, sessions, captchas, whatever — Your Common Sense, Oct 22 '10 at 21:09

score 1 · Accepted Answer · answered Oct 22 '10 at 22:01

1

You can use this for your captcha http://www.desarrolloweb.com/articulos/poner-captcha-en-3-pasos.html

Try to use implemented captcha instead of make yours, because is much more probably that these captchas are hard tested now.

I'm not sure if you put session_start() after some html code is right. Since i remenber you receive an error like "Headers already sent". Check that just for be sure

Cheers.

answered Oct 22 '10 at 22:01

Ron

2,215
3
22
30

RDAM is right. If you're using cookie-based sessions (as opposed to URL-based ones), you need to call session_start() [before any HTML output](http://us.php.net/manual/en/function.session-start.php). – William Linton Oct 22 '10 at 22:23
I re-worded what I was getting at. – rrrfusco Oct 26 '10 at 08:14

score 0 · Answer 2 · edited May 23 '17 at 11:56

0

If you're willing to dive a bit into Zend Form (it's worth it), look into this answer's Default_Form_ReCaptcha. Here's how you might use it without the ZF stack:

$form = new Default_Form_ReCaptcha();
if (! empty($_POST)) {
    if ($form->isValid($_POST)) {
        // valid captcha was entered!
        $values = $form->getValues(); // all form values
    }
}
$formHtml = (string)$form;

edited May 23 '17 at 11:56

Community

1
1

answered Oct 23 '10 at 03:49

Steve Clay

8,671
2
42
48

PHP Sessions & Forms

2 Answers2