Session/Captcha/Registration Page --- Error

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Session/Captcha/Registration Page --- Error

Post by tecktalkcm0391 »

I have a user registration page, in which a CAPTCHA image is created. How could I get the next page which processes the registration to "get" the code that the CAPTCHA gave the user, without making it within the HTML that the user receives on the registration page.
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

You could hash it and store the hashed value in the form. Once the form is submitted, hash what the user typed in & check it against the hashed value submitted with the form.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

Simply pass the information/hash/code in the session variable. Not shown in html, and tied to the user.
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Post by tecktalkcm0391 »

How would I do that, can someone tell me a little more in depth. This is only around my 5th day with PHP
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

The function you'll want is md5() or something similar.

Code: Select all

//generate captcha image
$hashed_captcha = md5($whateverStringWasGeneratedByCaptcha);

echo <<<FORM
<form ...>
<input type = "hidden" value = "$hashed_captcha" name = "hashed">
<input type = "text" name = "fieldForUserToType">
</form
FORM;
Then on whatever page this form is submitted to, run the fieldForUserToType value through md5() and compare it to the value for 'hashed'.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Post by tecktalkcm0391 »

ok, but how could I do this with this senerio.

The same as before, I have a page that has the form with the CAPTCHA code image on it, but the image is displayed by this code:

Code: Select all

<img scr=".../CAPTHCHA/security_image.php">
How could I make the first page still have the code encrypted on it.
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Session/Captcha/Registration Page --- Error

Post by Christopher »

tecktalkcm0391 wrote:I have a user registration page, in which a CAPTCHA image is created. How could I get the next page which processes the registration to "get" the code that the CAPTCHA gave the user, without making it within the HTML that the user receives on the registration page.
Usually the Captcha script (that generates the image) generates an new code each time it is called and saves the code in a session variable. Then the script that receives the submitted code compares the POST value with the value in the session.
(#10850)
Post Reply