Captcha accepting random entries

Hi

I've had an ongoing issue with Captcha accepting any entry on a particular form. I've got it working on other forms but not with the form attached. I think it might be an order issue as it's in a "show if" and below an "add to cart" button. I'm sure the fact it's using FormMail shouldn't be a problem.

Any ideas?

B

  I'm sure the fact it's using FormMail shouldn't be a problem.  

The fact that it's using FormMail _is_ the problem
.
to use FormMail, the forms action must be set to post to a different page.

All server side procession of form data MUST occur on the action page.

Captcha validation is performed server side. since the action of the page goes to another page, the captcha validation server behavior never has an opportunity to process the form.

Hi Jason

I tried it using UE without FormMail, It returns to the same page with ?invalid=true at the end. And no email sent.

This is the same page but both show regions missing. That suggests the show region utility is causing a problem?

I can get the captcha to work on it's own on a test page, just not in the "show region" and with the add to cart button.

B

the ?invalid=true on the end means validation is failing. we need to know which validation is failing.


find:

if ($WAFV_Errors != "")  {

    PostResult($WAFV_Redirect,$WAFV_Errors,"ItemsDetail");

  }

and change it to:

if ($WAFV_Errors != "")  {

    die($WAFV_Errors);

    PostResult($WAFV_Redirect,$WAFV_Errors,"ItemsDetail");

  }

this will tell us what is not working.

11, The Captcha.

lets find out whats in the session and the post

if ($WAFV_Errors != "")  {

    die($WAFV_Errors."||".$_POST["Security_group_Enter_characters_from_image"]."||".$_SESSION["captcha_Security_group_Enter_characters_from_image"]);

    PostResult($WAFV_Redirect,$WAFV_Errors,"ItemsDetail");

  }

A correct Captcha entry works and sends an email.

In incorrect entry returns:

,11||sfdgsdgsfg||5ZnWD

when the Captcha image says: 5ZnWD

  A correct Captcha entry works and sends an email.  

I'm not sure i understand the problem then, I though you where saying that captcha doesn't work?

I've messed around with the code so much I'm not sure where I'm at but the situation is now that if the correct Captcha is entered it works OK. BUT

If I change the code back to

if ($WAFV_Errors != "")  { 
    PostResult($WAFV_Redirect,$WAFV_Errors,"ItemsDetail"); 
  }

and enter a random Captcha entry I get the Items_Detail.php?invalid=true page without any form and buy button.

Which makes sense as the show region recordset criteria are not being met.

I'm thinking it would it be better to have a button in the show region on the items detail linking off to a clean form.

OK, now it makes sense.

so if the captcha fails, the recordet is empty (The record is what you are using for the show region)

easy fix.

add a hidden field to the form to capture the itemID querystring that is used by the recordset:

<input id="ItemID_fields" name="ItemID" type="hidden" value="<?php echo((isset($_GET["ItemID"])?$_GET["ItemID"]:"")); ?>" />

then change the validation failed redirect to pass the ItemID quersyting:
$WAFV_Redirect = "Items_Detail.php?invalid=true&ItemID=".isset($_POST['ItemID'])?$_POST['ItemID']:"";