Security question and answer "problem"...

I noticed that a security question was what day comes before tuesday? If a person types Monday it fails. If they type monday it passes. Was this intentional? I'd bet a normal person would wonder what was wrong with their answer since days of the week are "normally" capitalized.

steve

Thanks for pointing this out, I have logged a bug for it. Unlike the Contact Form Solution Pack CSS Form Builder does not set the entered answer to lowercase before making the comparison so entering the capital letter will cause it to fail validation.

The work around is to update the security question validation on the page and make it look like this:

$WAFV_Errors .= WAValidateLE((isset($_POST["Registration_group_field"])?strtolower($_POST["Registration_group_field"]):"") . "",((isset($_SESSION["random_answer"]))?strtolower($_SESSION["random_answer"]):"") . "",true,13);

I just added in the strtolower() around the posted element to make it lowercase and match the session variable.

I am having this problem too. I didn't have to add the strtolower as it was already there. I find that the security question will accept 'monday' but not 'Monday'. As a workaround is it possible to remove the 'days' question from the WAVT_CaptchaSecurityImages.php file? If so, I'm not quite sure what to delete as I don't want to muck up the code and make it even worse.

There is normally one strtolower present but it is only applied to the session variable that is being compared, not to the posted element from the form. This is why the entry with the lowercase works but not with the uppercase. You will need to wrap the strtolower around the input value. If you post back with your page that has the form on it or just the Validation code from the top of the page I can show you where this would need to be inserted.

Is this the code?

<?php
if (isset($_POST["IntCoursesApplicationForms_submit"])) {
$WAFV_Redirect = "application_form_online_ksi_one_to_one.php?invalid=true";
$_SESSION['WAVT_applicationformonlineksionetoone_Errors'] = "";
if ($WAFV_Redirect == "") {
$WAFV_Redirect = $_SERVER["PHP_SELF"];
}
$WAFV_Errors = "";
$WAFV_Errors .= WAValidateRQ((isset($_POST["Kick_Start_Intense_one_to_one_Contact_Details_Name"])?$_POST["Kick_Start_Intense_one_to_one_Contact_Details_Name"]:"") . "",true,1);
$WAFV_Errors .= WAValidateEM((isset($_POST["Kick_Start_Intense_one_to_one_Contact_Details_Email"])?$_POST["Kick_Start_Intense_one_to_one_Contact_Details_Email"]:"") . "",true,2);
$WAFV_Errors .= WAValidateRQ((isset($_POST["Kick_Start_Intense_one_to_one_Contact_Details_Address_Line_1"])?$_POST["Kick_Start_Intense_one_to_one_Contact_Details_Address_Line_1"]:"") . "",true,3);
$WAFV_Errors .= WAValidateRQ((isset($_POST["Kick_Start_Intense_one_to_one_Contact_Details_Town_City"])?$_POST["Kick_Start_Intense_one_to_one_Contact_Details_Town_City"]:"") . "",true,4);
$WAFV_Errors .= WAValidateRQ((isset($_POST["Kick_Start_Intense_one_to_one_Your_Driving_Experience_Driving_License_Number"])?$_POST["Kick_Start_Intense_one_to_one_Your_Driving_Experience_Driving_License_Number"]:"") . "",true,5);
$WAFV_Errors .= WAValidateRQ((isset($_POST["Kick_Start_Intense_one_to_one_Your_Driving_Experience_Do_you_have_any_driving_experience_to_date"])?$_POST["Kick_Start_Intense_one_to_one_Your_Driving_Experience_Do_you_have_any_driving_experience_to_date"]:"") . "",true,6);
$WAFV_Errors .= WAValidateRQ((isset($_POST["Kick_Start_Intense_one_to_one_Your_Driving_Experience_Have_you_taken_any_driving_tests"])?$_POST["Kick_Start_Intense_one_to_one_Your_Driving_Experience_Have_you_taken_any_driving_tests"]:"") . "",true,7);
$WAFV_Errors .= WAValidateRQ((isset($_POST["Kick_Start_Intense_one_to_one_Theory_Test_Have_you_passed_your_theory_test"])?$_POST["Kick_Start_Intense_one_to_one_Theory_Test_Have_you_passed_your_theory_test"]:"") . "",true,8);
$WAFV_Errors .= WAValidateRQ((isset($_POST["Kick_Start_Intense_one_to_one_Your_Course_Preferences_Do_you_require_accomodation"])?$_POST["Kick_Start_Intense_one_to_one_Your_Course_Preferences_Do_you_require_accomodation"]:"") . "",true,9);
$WAFV_Errors .= WAValidateRQ((isset($_POST["Kick_Start_Intense_one_to_one_Your_Course_Preferences_When_are_you_available_to_take_the_course_please_list_all_available_dates"])?$_POST["Kick_Start_Intense_one_to_one_Your_Course_Preferences_When_are_you_available_to_take_the_course_please_list_all_available_dates"]:"") . "",true,10);
$WAFV_Errors .= WAValidateLE((isset($_POST["Kick_Start_Intense_one_to_one_Anti_Spam_Protection_Answer"])?$_POST["Kick_Start_Intense_one_to_one_Anti_Spam_Protection_Answer"]:"") . "",((isset($_SESSION["random_answer"]))?strtolower($_SESSION["random_answer"]):"") . "",true,11);
$WAFV_Errors .= WAValidateRX((isset($_POST["HiddenFields_fields"])?$_POST["HiddenFields_fields"]:"") . "","/.*/",false,12);

if ($WAFV_Errors != "") {
PostResult($WAFV_Redirect,$WAFV_Errors,"applicationformonlineksionetoone");
}
}
?>

In the list of validations that you posted it is the second to the last one, it has an 11 at the end of it. You should update it to be like this:

$WAFV_Errors .= WAValidateLE((isset($_POST["Kick_Start_Intense_one_to_one_Anti_Spam_Protection_Answer"])?strtolower($_POST["Kick_Start_Intense_one_to_one_Anti_Spam_Protection_Answer"]):"") . "",((isset($_SESSION["random_answer"]))?strtolower($_SESSION["random_answer"]):"") . "",true,11);