Basically I am trying to do the following:
1. user goes to index.php.
2. types in a code
3. if the code is not correct then re-direct them back to index.php and tell them the code is invalid.
4. If they did not enter anything into the box then tell them (same as 3. but message different).
5. If they try to call password.php directly from a web-browser then re-direct them to index.php.
6. if the code is correct then let them see the page (this bit works woopee).
========== index.php ===========
Code: Select all
<?php
$errors = $HTTP_POST_VARS["errors"];
?>
<html>
<head>
<title></title>
<meta name="author" content="m@ndio">
</head>
<body>
<?=$errors?>
<FORM METHOD="POST" ACTION="thanks.php">
<input type="hidden" name="Xon" value="true">
<TABLE cellpadding="3">
<TR>
<TD>Promo code:</TD>
<TD><INPUT TYPE="password" NAME="Xpromo"></TD>
</TR>
<TR>
<TD colspan="2" align="center"><INPUT TYPE="submit" value="Gimme Gimme"></TD>
</TR>
</TABLE>
</FORM>
</body>
</html>Code: Select all
<?php
$formsub = $HTTP_POST_VARS["Xon"];
if($formsub == "true")
{
$yourcode = $HTTP_POST_VARS["Xpromo"];
$errors = array();
$yourcode = strtoupper($yourcode);
if($yourcode !== "TEST")
{
if(empty($yourcode))
{
$errors[] = "you have not entered a promo code";
}
header ("Location: index.php");
}
elseif($yourcode == "TEST")
{
// They are legit
?>
<html>
<head>
<title></title>
<meta name="author" content="m@ndio">
</head>
<body>
Thank you. Here are the discounted prices.
</body>
</html>
<?
}
else
{
// the page was called directly.
header ("Location: index.php");
}
}
?>Code: Select all
tafs[/size]