Please login or register.

Login with username, password and session length
Advanced search  

Author Topic: another bug with captcha  (Read 2055 times)

Av0id

  • Guest
another bug with captcha
« on: March 03, 2007, 04:45:33 pm »

i found a bug, i can post comment and join to a control panel without valid captcha math, the error is here (there're many such lines):

Code: [Select]
// original code
$calc = (is_numeric($_POST['calc']) == is_numeric($_POST['sum'])) ? $_POST['calc'] : null;
Code: [Select]
// fixed code
$calc = (is_numeric($_POST['calc']) && is_numeric($_POST['sum'])) && ($_POST['calc'] == $_POST['sum']) ? $_POST['calc'] : null;
also i use such moded mathCaptcha function:
Code: [Select]
function mathCaptcha() {
$x = rand(23, 96); // <-- here
$y = rand(4, 47); // <-- and here
$math = '


';
$math .= $x.' + '.$y.' = ';
$math .= '

';
$math .= html_input('hidden', 'sum', 'sum', $x + $y, '', '', '', '', '', '', '', '', '', '', '').'

';
return $math;
}
Logged

philmoz

  • High flyer
  • ULTIMATE member
  • ******
  • Karma: 161
  • Posts: 1988
    • fiddle 'n fly
another bug with captcha
« Reply #1 on: March 03, 2007, 09:33:11 pm »

should have looked in patches. alternate solution already there.
http://www.solucija.com/forum/viewtopic.php?pid=22481#p22481
Logged
Of all the things I have lost, it is my mind that I miss the most.