Hi, I'm still on hour 9 of Sam's 24 hours and i've run across another stumping block.

It's a Number Guessing script, and it's got a form at the bottom that calls itself again when user presses "ENTER"

for whatever reason my page just refreshes tothe default as if it's the first time the page has been called.

<?php

// force variables to be picked up from Globals

$guess = $GET['guess'];
$num_tries = $GET['num_tries'];

$num_to_guess=42;
$message="";
$num_tries=(isset($num_tries))?++$num_tries:1;

if (!isset($guess))
{
$message="Welcome to the Guessing Machine!";
}
elseif ($guess<$num_to_guess)
{
$message="$guess is too Small! Try a larger number";
}
elseif ($guess>$num_to_guess)
{
$message="$guess is too Big! Try a smaller number";
}
else // must be equivalent
{
$message="Well Done!";
}
$guess = (int)$guess;

?>

<html>

<head>

<title>Saving State within a hidden field</title>

</head>

<BODY>

<b>
The Number Guessing Script<br><br>
</b>

<?php print $message ?>

<br>
Attempt number: <?php print $num_tries ?>

<form action = "<?php print $PHP_SELF?>" method="POST">

Type your guess in here:
<input type="text" name="guess" value="<?php print $guess ?>">
<input type="hidden" name="num_tries" value="<?php print $num_tries ?>">

</form/>

</body>

</html>

Can anyone tell me what I've done wrong?

Refreshing the page will just keep passing the original query string, which will be "". You need to add a "submit" input.

Your form method is POST but you then look for GET variables. Change one or the other,

Of course, this problem is avoided if you use

$guess = $_REQUEST['guess']; 

$_REQUEST referances GET, POST & COOKIE vars indescriminately.

Read this http://uk.php.net/en/language.variables.predefined to understand the difference.

And if the book gave you this script then I'd ask for my money back.

And if the book gave you this script then I'd ask for my money back.

Me, too. I've seen or used several Sams programmiing books. About half have been very good to excellent, and about half have been downright atrocious (not a good ratio). It looks like this one might be in the latter category.

i'm still trying to get this thing to work using your suggestions, i'll let you know when i've got it going.

It works! it was the $_REQUEST[]; that saved me...thanks a bunch

I generally would not reccommend using the $_REQUEST super-global because you are unaware of where its elements originated from. In some cases, this is fine. However I do not think everything should be passable by GET, etc.

PHP Magician, could you explain what you mean? I know you're talking security but how would you solve this problem in a more secure way?

Simply obtain variables from where the originate from. If the variable came from a hyper-link, get its data from the $GET super-global. If it came from a form using the method POST, well, get it from the $POST variable. Basically, use the appropiate $* variables. If it doesn't matter where it came from, then use the $REQUEST variable. However, your application should probably priotize the most appropiate place to receive the data. For example, if an application was looking for a session id from a custom session class, then it may be wise to take the session id from COOKIE first, then POST then finally if the other 2 fail, GET. This just means your less likely to get conflicting results from different variables. So, custom code it that way, or if your code is to run on you own server with php.ini modifiable by you, you could set variable_order (http://uk.php.net/manual/en/ini.sect.data-handling.php#ini.variables-order) to match your applications preferences. That is a bad idea though for portability though.

thanks PHPMagician.