By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
425,971 Members | 900 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 425,971 IT Pros & Developers. It's quick & easy.

CAPTCHA and multiple users problem ?

P: n/a
In CAPTCHA, one starts a session, name it, and keep the verification
code as this:

$_SESSION['ecp_sess'] = $veristr;

When an end-user clicks SUBMIT, the server script will verify the code
as this:

if($_SESSION["ecp_sess"] == $_POST["veri_code"]) ....

Somehow I think this is going to create problem. The verification code
is dynamically generated, but the session name is unchanged. When
there are more than 1 users at a particular time, the earlier user who
clicks SUBMIT will find that the verification code is incorrect.

I am going to test with 2 computers; in the mean time any comments
from experienced people ?

Thanks.
Oct 22 '08 #1
Share this Question
Share on Google+
1 Reply


P: n/a
On Wed, 22 Oct 2008 10:55:24 +0200, <sb****@yahoo.comwrote:
In CAPTCHA, one starts a session, name it, and keep the verification
code as this:

$_SESSION['ecp_sess'] = $veristr;

When an end-user clicks SUBMIT, the server script will verify the code
as this:

if($_SESSION["ecp_sess"] == $_POST["veri_code"]) ....

Somehow I think this is going to create problem. The verification code
is dynamically generated, but the session name is unchanged. When
there are more than 1 users at a particular time, the earlier user who
clicks SUBMIT will find that the verification code is incorrect.

I am going to test with 2 computers; in the mean time any comments
from experienced people ?
1) As long they don't share a session (and you probably don't want that
anyway) $_SESSION["ecp_sess"] wil hold different values for different
users.
2) If you keep your served captcha image depends on the actual value of
$_SESSION["ecp_sess"], and is not a single image that gets overwritten
again and again (the horror!), things should be fine.
--
Rik Wasmus
Oct 22 '08 #2

This discussion thread is closed

Replies have been disabled for this discussion.