JCP JCP - 24 days ago 6
PHP Question

Form with random number as validation

The following PHP code is for generating a random number of four digits (

$numero
) and using it as a validation for a simple HTML form with three input boxes. The last input box is for entering the code (the random number). If the user doesn't write the right number in that last input box the program skips its purpose, which is adding some text to a database (
agregar.txt
). I think the code is fine, except for
if ($_POST['password'] != $numero) {
. Should I change it to a string or use another kind of variable? Each time I run the code it acts as if
$numero
was different from
password
, and I'm sure I'm writing the right number. Please some help.

<html>
<body>
<center>
<h2>Agregar entradas a diccionarioie</h2>

<?php
// RANDOM FOUR DIGITS NUMBER
$numero = rand(1000, 9999);
echo "<b>Código: </b><big>".$numero."</big><p>";
if ($_POST['password'] != $numero) {
?>

<form name="form" method="post" action="">
<input title=" LEMA " size="30" type="text" name="lema" autofocus><br>
<input title=" TRADUCCIÓN " size="30" type="text" name="trad"><br>
<input title=" CÓDIGO " size="30" type="text" name="password"><br>
Gracias por colaborar <input title=" ENVIAR " type="submit" value="•"></form>

<?php
} else {
$lema = $_POST['lema'];
$trad = $_POST['trad'];
// ADDING TEXT TO A DATABASE
$texto = $lema." __ ".$trad."\n";
$docu = fopen("agregar.txt", "a+");
fwrite($docu, $texto);
fclose($docu);
}
?>

</center>
</body>
</html>

Answer

As pointed out by @Fred -ii-, the problem in your code is the $numero get generated to different random number when you submit the form. The solution is to use session: PHP session example

The session can be used to store your $numero value after the form being submitted. Here's the updated code:

<?php

// Make sure to start the session before any output.
session_start();

if (isset($_POST['password']) && isset($_SESSION['numero']) && $_POST['password'] == $_SESSION['numero']) {
    unset($_SESSION['numero']);
    $lema = $_POST['lema'];
    $trad = $_POST['trad'];
    // ADDING TEXT TO A DATABASE
    $texto = $lema." __ ".$trad."\n";
    $docu = fopen("agregar.txt", "a+");
    fwrite($docu, $texto);
    fclose($docu);
} else {
    // RANDOM FOUR DIGITS NUMBER & STORE IT IN SESSION.
    $numero = $_SESSION['numero'] = rand(1000, 9999);
?>
<html>
<body>
    <center>
        <h2>Agregar entradas a diccionarioie</h2>
        <b>Código: </b><big><?php echo $numero; ?></big><p>
        <form name="form" method="post" action="">
            <input title="LEMA " size="30" type="text" name="lema" autofocus><br>
            <input title="TRADUCCIÓN " size="30" type="text" name="trad"><br>
            <input title="CÓDIGO " size="30" type="text" name="password"><br>
            Gracias por colaborar <input title=" ENVIAR " type="submit" value="•">
        </form>
    </center>
</body>
</html>
<?php }

Just make sure that you call session_start() before any output (in your case the HTML document).

Hope this help.

Comments