Why isn't my PHP POST request going through?

Question

I'm trying to build a system that will give a user a random question, then send the user's answer and the correct answer to the next page via POST, without ever showing the user what the correct answer is. When FileB.php loads, var_dump($_POST); reads

array(1) {
  ["response"]=>
  string(32) "Whatever the user's response was"
}

Why doesn't what I have below work? Why isn't the ans post request going through?

FileA.php

<?PHP
function post($data) // from http://stackoverflow.com/questions/5647461/how-do-i-send-a-post-request-with-php
{
    $options = array(
        'http' => array(
              'header'  => "Content-type: application/x-www-form-urlencoded\r\n"
            , 'method'  => 'POST'
            , 'content' => http_build_query($data)
        ),
    );
    $context  = stream_context_create($options);
}

post(array("ans" => "Correct Answer"));
?>
<HTML>
<HEAD>
<TITLE>Form</TITLE>
</HEAD>
<BODY>
<FORM METHOD="post" ACTION="FileB.php">
    <LABEL>What is the correct answer? <INPUT TYPE="text" NAME="response"/></LABEL>
</FORM>

FileB.php

<HTML>
<HEAD>
<TITLE>Results</TITLE>
</HEAD>
<BODY>
<?PHP
if ($_POST["ans"] == $_POST["response"])
{
    echo "You are correct!";
}
else
{
    echo "You're wrong!";
}
?>
</BODY>
</HTML>

Answer 1

After you got Strat's suggestion working, an improvement might be to store the correct answer in a session variable instead of revealing it in the HTML source. You don't need a hidden field then. Example:

FileA.php

session_start();
$_SESSION['answer'] = "....";

FileB.php

session_start();
if ($_POST['response'] == $_SESSION['answer'])
{
    echo "You're right.";
}
...

Answer 2

Why don't you have a submit button or something like "JavaScript+Ajax" to capture user input ? If this isn't your issue, please specify what exactly doesn't work with your script ? Do you get "You're wrong" even when the response is correct or you don't get any output at all ? It could also be because you call post() before taking input.

Answer 3

Try something like this:

FileA.php

<HTML>
  <HEAD>
    <TITLE>Form</TITLE>
  </HEAD>
  <BODY>
    <FORM METHOD="post" ACTION="FileB.php">
      <LABEL>What is the correct answer? <INPUT TYPE="text" NAME="response"/></LABEL>
      <INPUT TYPE="hidden" NAME="answer" VALUE="Correct Answer" />
    </FORM>
  </BODY>
 </HTML>

FileB.php

<HTML>
  <HEAD>
    <TITLE>Results</TITLE>
  </HEAD>
  <BODY>
    <?PHP
      if ($_POST["answer"] == $_POST["response"]){
        echo "You are correct!";
      }else{
        echo "You're wrong!";
      }
    ?>
  </BODY>
</HTML>

Obviously change the VALUE of the answer input to whatever your answer should be. Not the best solution if you need to hide the answer 100%, but probably the easiest to get it working.

Answer 4

From what I understand from your question is that you would have like to pass two variables: random question and its answer to FileA.php , but you also want your answer to be hidden. Then, you use POST to send the answer to FileB.php .

You can do as what @Strat has suggested, by having a hidden field. For example:

<?php
    $random_question = '.....';
    $random_answer = '.....';
?>

<?php echo $random_question; ?>
<form action='fileB.php' methid='POST'>
     <input type='text' name='response' />
     <input type='hidden' name='ans' value='<?php echo $random_answer; ?>' />
</form>

The downside is that hidden field only prevent broswer from displaying the answer, but they can easily inspect the element and get the correct answer. You can prevent it by

<input type='hidden' name='ans' value='<?php echo md5($random_answer); ?>' />

and

if ($_POST["ans"] == md5($_POST["response"]))

The solution that I suggest is not the best. There is probably a better way to do it if you provide more context such as whether there is database behind the script that random the question.