Page 1 of 1

Looking for a special php code

Posted: Sat Aug 07, 2010 8:57 pm
by fortnox007
HI all i am fairly new to php, and i was just playing around with hiddenfields in html.
So I just wrote an extremely insecure app with hidden fields just to get more familiar with hidden-fields and there risks.
Its a simple game where one is shown a number with the question to predict the next number. options are higher lower and equal to. I already know how to edit the fields (in firebug) in order to get the options for higher and lower to give me a success. But I was really wondering what special sign or code should be put in to let the equation always be true. Because in the part below, there will this equation: $number==$_POST['secretnumber']

here goes some code for the action.

Quote

Code: Select all

    <?php
    //just some random number
    $number = $number.mt_rand(1,100000);
    //if statements
    if (isset($_POST['higher'])){    //if one presses higher
                       if($number>$_POST['secretnumber']){                       
                           echo 'congrats';                                               
                       } else {
                           echo 'too bad!'; }
    if (isset($_POST['lower'])){    //if one presses lower
                       if($number<$_POST['secretnumber']){                       
                           echo 'congrats';                                               
                       } else {
                           echo 'too bad!'; }       
    if (isset($_POST['equalto'])){    //if one presses equal to
                       if($number==$_POST['secretnumber']){                       
                           echo 'congrats';                                               
                       } else {
                           echo 'too bad!'; }

    echo $number;
    ?>      



hereunder the part of the form where the hidden field is stored to pas along in a POST var

Code: Select all

    <form action="index.php" method="post">
                <!-- this line stores the earlier generated var $number -->
                <input type="hidden" name="secretnumber" value="<?php echo $number; ?>" />             
               
                <input type="submit" value="higher" name="higher" />
                <input type="submit" value="higher" name="lower" />
                <input type="submit" value="higher" name="equalto" />
    </form>

So in a nutshell what I want to know is what I have to put in the value of the hidden-field for the third if-statement (the ones that says equal to) to be correct. I allready tried to iput <?php echo $number; ?> but it seems that one got modiefied when the page got reloaded. Any help is welcome.