我开发了验证码,要求用户回答随机显示的问题。我的数据库包括id,问题和答案。问题是虽然我输入了正确的答案,它仍然将我重定向到error.php而不是success.php。
<?php
$database_db="test2";
$user_db="root";
$password_db="";
$host_db="localhost";
$link = mysqli_connect($host_db, $user_db, $password_db, $database_db);
/* check connection */
if (mysqli_connect_errno())
{
die ("couldnot connect: ".mysqli_connect_error());
exit();
}
if (array_key_exists("answer", $_POST) AND array_key_exists("question", $_POST))
{
$id = intval($_POST['question']);
$sql="SELECT question, answer FROM captcha WHERE question='$id' AND answer='".mysqli_real_escape_string($link, $_POST['answer'])."'";
$result = mysqli_query($link, $sql) or exit('$sql failed: '.mysqli_error($link));
$num_rows = mysqli_num_rows($result);
if($num_rows > 0)
{
header("Location: success.php");
}
else
{
header("Location: error.php");
}
exit;
}
else
{
$query = "SELECT id, question FROM `captcha` ORDER BY RAND() LIMIT 1";
if ($result = mysqli_query($link, $query))
{
if ($row = mysqli_fetch_assoc($result))
{
$id = $row["id"];
$question = $row["question"];
}
}
}
?>
<html>
<body>
<form method="post">
<?php echo $question; ?><br />
<input type="hidden" name="question" id="question" value="<?php echo $id; ?>" />
<input type="text" name="answer" id="answer" /><br />
<input type="submit" name="submit" value="submit" /><br />
</form>
</body>
</html>
答案 0 :(得分:1)
您似乎在查询错误的列以查找与$id匹配的内容:
"SELECT question, answer FROM captcha WHERE question='$id' AND ... "
我认为这应该是:
"SELECT question, answer FROM captcha WHERE id='$id' AND ... "