时间戳

首页 > 解决方案 > 为什么在 php 中给出错误无效验证码后验证码没有重新渲染

php - 为什么在 php 中给出错误无效验证码后验证码没有重新渲染

问题描述

当我为 CAPTCHA 填写正确答案时,它工作正常。给出错误答案后,它会发出警告消息,然后 CAPTCHA 字段显示空白

<?php
session_start();
  $math='';
if(!isset($_POST['submit1']))
{
$digit1 = mt_rand(1,20);
    $digit2 = mt_rand(1,20);
    if( mt_rand(0,1) === 1 ) {

            $math = "$digit1 + $digit2";
            $_SESSION['ccanswer'] = $digit1 + $digit2;
    } else {

            $math = "$digit1 - $digit2";
            $_SESSION['ccanswer'] = $digit1 - $digit2;
    }
}

include('inc/subheader.php');
require "connection.php";

if(isset($_POST['submit1']))
{


        $xyzname=$_SESSION['XYZname'];
         $correct_answer=$_SESSION['ccanswer'];
        $answerRR=$_POST['answer1'];
         if($correct_answer==$answerRR){
            $sql="SELECT pwd FROM  logins WHERE username = '".$xyzname."' and encrypt_pwd='".$_POST['opwd']."'";
            $result1 = pg_query($pgcon,$sql);
            $num=pg_num_rows($result1);

            if($num>0)
            {

            $updatephoto ="UPDATE xyz set encrypt_pwd='".$_POST['npwd']."' where username='".$xyzname."'";
            pg_query($updatephoto);
            echo "<script>alert('Your password has been reset successfully!');</script>";
            }
            else
            {

                echo "<script>alert('Sorry, there is no match for that password.');</script>";
            }   

                        }else{

                            echo  "<script>alert('Invalid captcha');</script>";
                            $_SESSION['ccanswer']='';
                        }



            }
?>



    <form name="chngpwd" action="" method="post" id="demo">
                <div class="form-group">
                        <label for="exampleInputPassword1">Old Password</label>
                  <input type="password" class="form-control" id="opwd" required placeholder="Old Password" name="opwd" onkeypress="return blockSpecialChar(event)">

                </div>
                 <div class="form-group">
                        <label for="exampleInputPassword1">New Password</label>
                  <input type="password" class="form-control" id="npwd" name="npwd" required placeholder="New Password" onkeypress="return blockSpecialChar(event)">

                </div>
                 <div class="form-group">
                        <label for="exampleInputPassword1">Confirm Password</label>
                  <input type="password" class="form-control" data-rules-equalTo="#npwd" required id="cpwd" placeholder="Confirm Password" onkeypress="return blockSpecialChar(event)">

                </div>
                                <div class="form-group">
                 <label for="exampleInputPassword1">Captcha</label>
               <input id="answer1" name="answer1" type="text" placeholder="<?php echo $math; ?>" class="form-control" required="required" data-validation-required-message="Please enter Captcha Code."/>
                <p class="help-block text-danger"><?php if(isset($_GET['msg'])) { echo "Invalid Captcha Code.";}?></p>
                </div>
                 <div class="box-footer">
                <button type="submit" class="btn btn-primary" name="submit1" value="Change Passowrd" >Submit</button>
              </div>
          </form>

给出错误消息后,我希望 CAPTCHA 字段不为空。

我没有发现错误,但 CAPTCHA 下的字段显示为空。

我尝试重新加载页面,然后它工作正常,但之前填写的表格没有显示值。

标签: phpcaptcha

解决方案

您需要将不正确的答案放在“值”字段中,如下所示:

... input type="text" value="<?php echo $variable;?>" ...

我还注意到您在没有转义变量的情况下使用 SQL 操作,这肯定会导致 SQL 注入攻击。

推荐阅读