hey, just echo the $_SESSION variable at the end of the script to verify that it is storing the CAPTCHA code.

tried that, nothing displays. That's why I'm thinking the variable isn't setting or carrying over.

Paste the code you're using. Also a link to the page if you want, i'd like to take a look.

The page is not online since I am using Xammp to develop locally. The code for the registration page is here:

Code:

<?php
require_once(' db_connect.php ');

//SEE IF ALREADY LOGGED IN

if($_SESSION[ 'logged_in'] == 1)
{
//REDIRECT TO HOMEPAGE
header('Locati on: index.php'); } else {

if(isset($HTTP _POST_VARS['su bmit']))
{

//CHECK IF IMG VERIFY

if(!$_POST['ve rify_code']) {
die('Verify field was blank.');
} else {
if($_SESSION[' code'] != $_POST['verify _code']) {
die('You did not enter the code from the box correctly.');
}
}

//BEGIN CHECKING USERNAME...

if(!$_POST['us ername']) die("Aler t: username field was blank.";

//array of invalid characters
$junk = array('.',', ','/','~', '!','@','# ','$','%', '^','&' ,'*','(',' )','-','=' ,'+','[',' ]','{','}' ,';',':',' |','?','&q uot;','`',' \ ');

//starting lenght of username
$len = strlen($_POST[ 'username']);< br />
//replace invalid characters
$_POST['userna me'] = str_replace($ju nk, '', $_POST['userna me']);
$test = $_POST['userna me'];

//if lenghts are different ($len smaller), invalid characters found, so prompt error.
if(strlen($test ) != $len) {
die('Username Error: Username contained invalid characters. You can only use A-Z, 0-9 and the underscore (_).');
}

//Check if username already exists...

$q2 = mysql_query(&q uot;SELECT * FROM `members` WHERE `username` = '".$_POS T['username'] ."'&quo t;
$q3 = mysql_fetch_obj ect($q2);

if($q3->user name == $_POST['userna me']) {
die('<BR&g t;<BR>Sor ry, but the username "'.$q3-& gt;username.' " is taken, please choose another.');
}

//PASSWORD

if(!$_POST['pa ssword']) {
die('Error: Password field was blank');
}
if(!$_POST['ve rify_password' ]) {
die('Error: Verify Password field was blank.');
}
if($_POST['pas sword'] != $_POST['verify _password']) {
die('Error: The passwords do not match.');
}
if(strlen($_POS T['password'] ) < 6 ) {
die('Error: Your password is too short. Must be 6 or more characters in length.');
}

//ADD NEW MEMBER

$date = date('Y-m-d') ;
$group = "member& quot;;
$insert ="INSERT INTO `members` (user_id, username, user_password, user_email, reg_date, verified, group) VALUES ('NULL','&q uot;.$_POST['u sername'].&qu ot;',

'".md5($ _POST['passwor d'])."' , '".$_POS T['email'].& quot;','$date ','0','$gro up')";
$insert2 = mysql_query($in sert);
if(!$insert2) die(mysql_error ());

echo('Registra tion Successful, Welcome new member! You can now login to your new account.');

} else {
?>
<table> <form name="sig nup" action="& lt;? $_SERVER['PHP_ SELF']; ?>" method="P OST">< br /> <tr>
<td>Usern ame: <BR> (only A-Z, 0-9 and _ Allowed)<BR& gt;</td>< br /> <td><i nput type="tex t" id ="usernam e" name="use rname" value="& quot; maxlength=&quo t;30"> <BR></ td>
</tr>
<tr>
<td>Passw ord:</td>
<td><i nput type="pas sword" id="passw ord" name="pas sword" value="& quot; maxlength=&quo t;30"> <BR> (minimum 6

characters)< /td>
</tr>
<tr>
<td>Verif y Pass:</td> ;
<td><i nput type="pas sword" id="verif y_password&quo t; name="ver ify_password&q uot; value="& quot; maxlength=&quo t;30"> <BR>

</td>
</tr>
<tr>
<td>Email :</td>
<td><i nput type="tex t" id="email " name="ema il" value="& quot; size="30 "><b r></td> ;
</tr>
<tr valign=top>< br /> <td>Enter Code: (Case-Sensitive )</td>
<td><i mg src="capt cha.php"& gt; <br> <input type="tex t" id="verif y_code" name="ver ify_code" value="& quot;></t d>
</tr>
<tr>
<td>Click to Complete Signup:</td& gt;
<td><i nput type="sub mit" id="submi t" name="sub mit" value="su bmit"> </td>
</tr>
</form>< br /> </table>
<?

} //end not logged in
} //end submit not pressed
?>

Did you try to echo $string in the CAPTCHA script? If that didn't work, that would tell you that you have a problem in the code, and not with sessions.

Hrm... I wonder if you have to make some adjustments in your php.ini file? You might need to change or declare a temp. path for session files to be written to, like this: ini_set('se ssion.save_path ', '/path/to/dir '); and make sure the permissions for the folder allow write access.

I have not tested the script on a local server setting, so im not 100% sure.

Ok, I decided to add the Register page live online: http://www.cgar tdesigns.com/re gister.php

Same Error message.

http://www.cgar tdesigns.com/ca ptcha.php
I tried doing "echo $string;" (no quotes) in a couple places on the captcha.php script, only the image with the code shows up, that is correct right? or is there another string that should show besides that?

under the CAPTCHA code, try: echo($_SESSI ON['code']); and see if it matches what it is showing...

Also, just for kicks, change the $_SESSION['cod e'] back to $_SESSION['str ing_code'] - Make sure $_SESSION['cod e'] isn't being used for anything else by accident.

Ok, tried using echo($_SESSION[ 'code']) on the captcha.php page, then on the register.php page. neither display on both.

I changed every reference of $_SESSION['cod e'] on both pages to $_SESSION['str ing_code'], still nothing.

I have to admit, this one is puzzleing me *lol*

This makes me think that this line:


Code:

The page is uploaded: http://www.cgar tdesigns.com/te st.php


Code:

Back on your CAPTCHA code page, try using ob_start(); as the 1st line of code. Then also put it on your registration page and see if that affects the script any.

It's going to be something simple, I know it. It's generating the code, but the $_SESSION variable is not being set somehow...

Edit: Hey, also comment out your $junk array, and the code under that (that replaces the $junk characters).

*heh* did that, didn't effect the script.

And you're right, it will be something so simple probably.

Did you comment out the $junk array? Also, move

$_SESSION['cod e'] = $string;
session_write_c lose();

above

header('Conten t-type: image/png');
imagepng($im);
imagedestroy($i m);

Even when I comment out the junk code, no change.

and when i moved

$_SESSION['cod e'] = $string;
session_write_c lose();

above the

header('Conten t-type: image/png');
imagepng($im);
imagedestroy($i m);

I lose the image.

Putting the code back under the

header('Conten t-type: image/png');
imagepng($im);
imagedestroy($i m);

restores the image.

From I can gather after breaking down the code from line to line, the varible stops working with this section of code in place:

header('Conten t-type: image/png');
imagepng($im);
imagedestroy($i m);

I tried commenting out the header and still got same result.

The thing that confuses me is that the image generates and the code generates, but the session is not storing. Im gonna sleep on it...

ok, I'm so stupid that I missed this. I added session_start() on the top of the register.php page and guess what, it worked. >.< Sorry for the headache >.<

I'm sleepy now *lol*