Sum captcha

bartzz

I was making my feedback form and decided to put SUM Captcha (2+2=4) and here is my code:

<?php
function array_htmlspecialchars(&$input)
{
    if (is_array($input))
    {
        foreach ($input as $key => $value)
        {
            if (is_array($value)) $input[$key] = array_htmlspecialchars($value);
            else $input[$key] = htmlspecialchars($value);
        }
        return $input;
    }
    return htmlspecialchars($input);
}
require_once "maincore.php";
require_once "subheader_v.php";
require_once "side_left.php";
unset($feedback[4]);
$feedback = array_htmlspecialchars($feedback);
$no_spam = array(rand(1,12),rand(1,10));
	echo '<pre>';
	print_r($feedback);
	echo '</pre>';

echo "<form action=".$_SERVER['SCRIPT_NAME']." method=\"POST\">";
echo '<table align="center" style="border: 1px solid black;padding: 6px;"><td align="right"><span style="font-size: 20px;text-align: center;">Post comment</span><br /><br /><span style="font-size: 16px;">Nick: </span><input type="text" style="width: 200px;font-size: 16px" class="textbox" name="feedback[]">',"\n<br /><br />";
echo '<span style="font-size: 16px;">Email: </span><input type="text" style="width: 200px;font-size: 16px" class="textbox" name="feedback[]">',"\n<br /><br/>";
echo "<span style=\"font-size: 16px;\">" . $no_spam[0]."+".$no_spam[1] .": </span><input type=\"text\" style=\"width: 200px;font-size: 16px\" class=\"textbox\" name=\"feedback[]\">","\n<br /><br/>";
echo '<span style="font-size: 16px;">Comment: </span>',"<br />\n";
echo '<textarea style="width: 200px;height: 100px;font-size: 16px" class="textbox" name="feedback[]"></textarea><br /><br />';
echo '<input type="submit" class="button" value="Post Comment" name="feedback[]"></td></table></form>';
if(!empty($feedback[2])){
if(array_sum($no_spam) != $feedback[2]){
echo $no_spam[0]."+".$no_spam[1] ." Is not equal to ".$feedback[2]."...";
}}
require_once "side_right.php";
require_once "footer.php";
?>

When you come to the page this ($no_spam = array(rand(1,12),rand(1,10))😉 is equal to for example 2+2 when you POST data it refreshes the page and makes new rand... so the result isn't true (if(array_sum($no_spam) != $feedback[2]))

cneeds

deleted *

dagon

store the answer to the Captcha in a session, check the session against the posted answer

$_SESSION['spam_answer']=$no_spam[0]+$no_spam[1];

after post,

if($_SESSION['spam_answer'] !=$feedback[2]){
//wrong answer;
}