From e93cde8e3939e88df8af27e26b42a4a087dcf6fb Mon Sep 17 00:00:00 2001
From: Gary <gary@acorn-media.co.uk>
Date: Tue, 17 Jun 2025 11:57:05 +0100
Subject: [PATCH] another test

---
 contact.php | 44 +++++++++++++++++++++++++++-----------------
 1 file changed, 27 insertions(+), 17 deletions(-)

diff --git a/contact.php b/contact.php
index e161b0e..c7baea9 100644
--- a/contact.php
+++ b/contact.php
@@ -10,25 +10,35 @@ include_once $URlcorrection . "includes/header.php";
 include_once $URlcorrection . "includes/banner.php";
 include_once $URlcorrection . "includes/nav.php";
 
-// Generate a new CAPTCHA question if not set
-if (!isset($_SESSION['captcha'])) {
-	$_SESSION['captcha'] = [
-		'num1' => rand(1, 10),
-		'num2' => rand(1, 10),
-		'answer' => $_SESSION['captcha']['num1'] + $_SESSION['captcha']['num2']
-	];
+// Function to generate a new CAPTCHA
+function generateCaptcha()
+{
+	$num1 = rand(1, 10);
+	$num2 = rand(1, 10);
+	$answer = $num1 + $num2;
+	return ['num1' => $num1, 'num2' => $num2, 'answer' => $answer];
 }
 
+// Initialize CAPTCHA for the first load
+$captcha = generateCaptcha();
+$captcha_question = $captcha['num1'] . " + " . $captcha['num2'] . " = ?";
+$captcha_correct_answer = $captcha['answer'];
+
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
 	$name = trim($_POST['name']);
 	$email = trim($_POST['email']);
 	$phone = trim($_POST['phone']);
 	$subject = trim($_POST['subject']);
 	$message = trim($_POST['message']);
-	$captcha_input = isset($_POST['captcha']) ? (int)$_POST['captcha'] : 0;
+	$captcha_input = isset($_POST['captcha_user_input']) ? (int)$_POST['captcha_user_input'] : 0;
+	$captcha_expected_answer = isset($_POST['captcha_hidden_answer']) ? (int)$_POST['captcha_hidden_answer'] : 0;
 
-	if ($captcha_input !== $_SESSION['captcha']['answer']) {
+	if ($captcha_input !== $captcha_expected_answer) {
 		echo "<div class='alert alert-danger text-center'>Incorrect CAPTCHA answer. Please try again.</div>";
+		// Re-generate CAPTCHA for a new attempt
+		$captcha = generateCaptcha();
+		$captcha_question = $captcha['num1'] . " + " . $captcha['num2'] . " = ?";
+		$captcha_correct_answer = $captcha['answer'];
 	} else {
 		$to = "enquiries@warmseal-roofing.co.uk";
 		$website_name = "Warmseal Roofing contact";
@@ -47,19 +57,19 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 
 		if (mail($to, 'New Message from ' . $website_name, $body, $headers)) {
 			echo "<div class='alert alert-success text-center'>Thank you for contacting us. We will get back to you shortly.</div>";
+			// Re-generate CAPTCHA after successful submission
+			$captcha = generateCaptcha();
+			$captcha_question = $captcha['num1'] . " + " . $captcha['num2'] . " = ?";
+			$captcha_correct_answer = $captcha['answer'];
 		} else {
 			echo "<div class='alert alert-danger text-center'>There was an error sending your message. Please try again.</div>";
+			// Re-generate CAPTCHA for a new attempt if email sending fails
+			$captcha = generateCaptcha();
+			$captcha_question = $captcha['num1'] . " + " . $captcha['num2'] . " = ?";
+			$captcha_correct_answer = $captcha['answer'];
 		}
 	}
-
-	// Generate a new CAPTCHA for the next submission AFTER processing the form
-	$_SESSION['captcha'] = [
-		'num1' => rand(1, 10),
-		'num2' => rand(1, 10),
-		'answer' => $_SESSION['captcha']['num1'] + $_SESSION['captcha']['num2']
-	];
 }
-
 ?>
 
 <section class="ftco-section bg-light padding-top-100 padding-bottom-100">