Page 1 of 1
Session/Captcha/Registration Page --- Error
Posted: Wed May 31, 2006 7:14 pm
by tecktalkcm0391
I have a user registration page, in which a CAPTCHA image is created. How could I get the next page which processes the registration to "get" the code that the CAPTCHA gave the user, without making it within the HTML that the user receives on the registration page.
Posted: Thu Jun 01, 2006 10:04 am
by pickle
You could hash it and store the hashed value in the form. Once the form is submitted, hash what the user typed in & check it against the hashed value submitted with the form.
Posted: Thu Jun 01, 2006 10:09 am
by Roja
Simply pass the information/hash/code in the session variable. Not shown in html, and tied to the user.
Posted: Thu Jun 01, 2006 11:09 am
by tecktalkcm0391
How would I do that, can someone tell me a little more in depth. This is only around my 5th day with PHP
Posted: Thu Jun 01, 2006 11:15 am
by pickle
The function you'll want is
md5() or something similar.
Code: Select all
//generate captcha image
$hashed_captcha = md5($whateverStringWasGeneratedByCaptcha);
echo <<<FORM
<form ...>
<input type = "hidden" value = "$hashed_captcha" name = "hashed">
<input type = "text" name = "fieldForUserToType">
</form
FORM;
Then on whatever page this form is submitted to, run the fieldForUserToType value through
md5() and compare it to the value for 'hashed'.
Posted: Thu Jun 01, 2006 9:18 pm
by tecktalkcm0391
ok, but how could I do this with this senerio.
The same as before, I have a page that has the form with the CAPTCHA code image on it, but the image is displayed by this code:
Code: Select all
<img scr=".../CAPTHCHA/security_image.php">
How could I make the first page still have the code encrypted on it.
Re: Session/Captcha/Registration Page --- Error
Posted: Thu Jun 01, 2006 10:50 pm
by Christopher
tecktalkcm0391 wrote:I have a user registration page, in which a CAPTCHA image is created. How could I get the next page which processes the registration to "get" the code that the CAPTCHA gave the user, without making it within the HTML that the user receives on the registration page.
Usually the Captcha script (that generates the image) generates an new code each time it is called and saves the code in a session variable. Then the script that receives the submitted code compares the POST value with the value in the session.