i'm using a php captcha script for verification before submitting a letter to the editor for my website
user fills out the letter to editor form and from there is directed to test.php, which holds form values and shows the captcha test
test.php is holding the values from the letter to editor form and also for the captcha form, however when i try to assign new values (IE a subject, message, etc. for mailing the values from the letter to editor form to a user using php mail() ) those values assignments are not working.
here is the code for test.php, which we've been directed to after filling out a form for letter to the editor:
<?php
session_start();
if(!empty($_SESSION['freecap_word_hash']) && !empty($_POST['word']))
{
// all freeCap words are lowercase.
// font #4 looks uppercase, but trust me, it's not...
if($_SESSION['hash_func'](strtolower($_POST['word']))==$_SESSION['freecap_word_hash'])
{
// reset freeCap session vars
// cannot stress enough how important it is to do this
// defeats re-use of known image with spoofed session id
$_SESSION['freecap_attempts'] = 0;
$_SESSION['freecap_word_hash'] = false;
// now process form
if($_POST[sendEmail]=="true") {
if($_POST[publish] !== "yes") {
$publish = 'no';
}
else {
$publish = $_POST[publish];
}
$subject = 'HNN - Letter to the Editor';
$headers = "From: ".$_POST[name] ."<".$_POST[email].">\r\n";
$message = "Name: ".$_POST[name].", ".$_POST[location]."\r\n"
." Publish E-Mail: ".$publish."\r\n"
." Organization: ".$_POST[organization]."\r\n"
." Link URL: ".$_POST[url]."\r\n\r\n"
. strtoupper($_POST[headline]) . "\r\n"
." (Re: ".$_POST[hnn_url].") \r\n\r\n"
.$_POST[body];
$message = stripslashes($message);
//mail("webmaster@humaniststudies.org",$subject,$message, "From: $_POST[name] <$_POST[email]>");
//echo "<p><b>Thank You, $name, </b></p><p>your letter to the editor has been sent.</p></div></body></html>";
//exit();
}
// now go somewhere else
header("Location: somewhere.php");
$word_ok = "yes";
} else {
$word_ok = "no";
}
} else {
$word_ok = false;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<script language="javascript">
<!--
function new_freecap()
{
// loads new freeCap image
if(document.getElementById)
{
// extract image name from image source (i.e. cut off ?randomness)
thesrc = document.getElementById("freecap").src;
thesrc = thesrc.substring(0,thesrc.lastIndexOf(".")+4);
// add ?(random) to prevent browser/isp caching
document.getElementById("freecap").src = thesrc+"?"+Math.round(Math.random()*100000);
} else {
alert("Sorry, cannot autoreload freeCap image\nSubmit the form and a new freeCap will be loaded");
}
}
//-->
</script>
</head>
<body>
<font size="-2"><b>freeCap v1.4 - <a href="http://www.puremango.co.uk" target="_blank">www.puremango.co.uk</a></b></font><br /><br />
<?php
echo $_POST[sendEmail]." \n\n<br>";
echo $_POST[email]." \n\n<br>";
echo $_POST[name]." \n\n<br>";
echo $_POST[publish]." \n\n<br>";
echo $_POST[location]." \n\n<br>";
echo $_POST[organization]." \n\n<br>";
echo $_POST[url]." \n\n<br>";
echo $_POST[hnn_url]." \n\n<br>";
echo $_POST[body]." \n\n<br>";
echo "$headers";
echo $subject;
//echo '$subject';
echo "$message \n\n";
if($word_ok!==false)
{
if($word_ok=="yes")
{
echo "you got the word correct, rock on.<br />";
} else {
echo "Sorry, that was not the right word, try again.<br />";
}
}
?>
<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
<input type="hidden" name="sendEmail" value="<?=$_POST[sendEmail]?>">
<input type="hidden" name="body" value="<?=$_POST[body]?>">
<input type="hidden" name="publish" value="<?=$_POST[publish]?>">
<input type="hidden" name="name" value="<?=$_POST[name]?>">
<input type="hidden" name="email" value="<?=$_POST[email]?>">
<input type="hidden" name="location" value="<?=$_POST[location]?>">
<input type="hidden" name="organization" value="<?=$_POST[organization]?>">
<input type="hidden" name="url" value="<?=$_POST[url]?>">
<input type="hidden" name="hnn_url" value="<?=$_POST[hnn_url]?>">
<input type="hidden" name="message" value="<?=$message?>">
<table cellpadding="0" cellspacing="0">
<!--<tr><td>Name:</td><td><input type="text" name="name" value="<?=htmlspecialchars($_POST['name'])?>"></td></tr>
<tr><td>Foo:</td><td><input type="text" name="foo" value="<?=htmlspecialchars($_POST['foo'])?>"></td></tr>
<tr><td>Bar:</td><td><input type="text" name="bar" value="<?=htmlspecialchars($_POST['bar'])?>"></td></tr>-->
<tr><td colspan="2"><img src="freecap14.php" id="freecap"></td></tr>
<tr><td colspan="2">If you can't read the word, <a href="#" onClick="this.blur();new_freecap();return false;">click here</a></td></tr>
<tr><td>word above:</td><td><input type="text" name="word"></td></tr>
<tr><td colspan="2"><input type="submit" value="submit"></td></tr>
</table><br /><br />
</form>
</body>
</html>
any ideas why my text-assigned variables aren't sticking?
any help is appreciated!
