0

I'm making something similar a captha, the not working part is the IF, under if(isset($_POST['submit'])), that always returns false. I think. Tried a lot ways with no luck... Anyway, I have followed this solution https://stackoverflow.com/a/21504949/4167976 without success.

Here is my test php and html:

<?php
session_start();
$char = "abcdefghijklmnopqrstuvwxyz1234567890";
$code = $char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)];
$_SESSION["testcode"] = $code;
echo $_SESSION["testcode"]."<br>"; // echo here only for testing

if(isset($_POST['submit'])) {
    $code1 = mb_substr($_POST['fullcode'], 0, 5);
    $code2 = mb_substr($_POST['fullcode'], -6);

    if ($code2 == $_SESSION["testcode"])
        {echo "The code is correct!";}
    else
        {echo "Wrong code!";}

    // unset($_SESSION['testcode']); // ???
}

?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<input type="text" name="fullcode">
<input type="Submit" name="submit" value="Submit!">
</form>

</body>
</html>

Please, tell me what and where I'm wrong... Thanks! :)

EDIT:

<?php
session_start();

if (!isset($_SESSION["testcode"])) {
    $char = "abcdefghijklmnopqrstuvwxyz1234567890";
    $code = $char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)];
    $_SESSION["testcode"] = $code;
}

if(isset($_POST['submit'])) {
    $code1 = mb_substr($_POST['fullcode'], 0, 5);
    $code2 = mb_substr($_POST['fullcode'], -6);

    if ($code2 === $_SESSION["testcode"])
        {echo "The code is correct!<br>";}
    else
        {echo "Wrong code!<br>";}

    unset($_SESSION['testcode']);
    $char = "abcdefghijklmnopqrstuvwxyz1234567890";
    $code = $char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)];
    $_SESSION["testcode"] = $code;
}
?>

Finally, get a new code IF the condition is false!

Community
  • 1
  • 1
Devilix
  • 334
  • 3
  • 13

1 Answers1

0
<?php
session_start();

// first request.
// if not set session 'testcode' and set it, else do nothing.
// prevent session be covered.
if (!isset($_SESSION["testcode"])) {
    reFreshCode();
}

if(isset($_POST['submit'])) {
    $code1 = mb_substr($_POST['fullcode'], 0, 5);
    $code2 = mb_substr($_POST['fullcode'], -6);
    if ($code2 == $_SESSION["testcode"])
        echo "The code is correct!";
    else {
        // get a new code IF the condition is false!
        echo "Wrong code!";
        echo “new code:”.reFreshCode();
    }
}

function reFreshCode() {
    $char = "abcdefghijklmnopqrstuvwxyz1234567890";
    $code = $char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)];
    return $_SESSION["testcode"] = $code;
}
harry
  • 483
  • 2
  • 12
  • Is working fine, but if the code is wrong, why does not generate another new? There is always the same... – Devilix Jan 05 '17 at 17:29
  • one client generate one session id until unset it. so you can get client status. like login or logout. – harry Jan 05 '17 at 17:35
  • i do not know your needs. a simple example, create a reset button .link a php file , unset($_SESSION); – harry Jan 05 '17 at 17:59
  • i should make this under isset($_POST['submit']) to get a new code: unset($_SESSION['testcode']); $char = "abcdefghijklmnopqrstuvwxyz1234567890"; $code = $char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)].$char[rand(0,35)]; $_SESSION["testcode"] = $code; – Devilix Jan 05 '17 at 18:11
  • Sorry, can you explain a moment why with the function method i don't need to unset session to get a new code? Its weird... :( – Devilix Jan 05 '17 at 21:01