Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Text not change on reloaded #90

Open
ve3 opened this issue Jun 29, 2019 · 1 comment
Open

Text not change on reloaded #90

ve3 opened this issue Jun 29, 2019 · 1 comment

Comments

@ve3
Copy link

ve3 commented Jun 29, 2019

Serucimage version 4.0.1

Downloaded it from here https://github.com/dapphp/securimage/archive/4.0.1.zip

When I open the URL to securimage_show.php and reload.
The text in an image did not change at all. Reload many times but nothing changed.

Go back to version 3.6.7 it is working fine.

@dapphp
Copy link
Owner

dapphp commented May 30, 2020

In version 4.0.1 there were some major changes with how codes are stored and associated with clients. To do away with the requirement of cookies or more complicated database settings and make database/file/redis/session storage standardized, captcha codes are identified by IDs.

You'll have to start by using Securimage::getCaptchaHtml() (see the example_form.php in nextgen / 4.0.1 branch) after having configured your storage settings in config.inc.php.

Image URLs are now like:

http://domain/securimage/securimage_show.php?id=ab0695e6014b6739ea71ad94ce616a172764407e

The form should then embed that ID in a hidden input field, and server side when validating the code using check, supply the captcha ID as the second argument.

In your form you can generate a random code and serve it like this:

<?php

$id = bin2hex(openssl_random_pseudo_bytes(24));

?>

<input type="hidden" name="captcha_id" value="<?= $id ?>">
<img src="/path/to/securimage_show.php?id=<?= $id ?>" ...>
Enter code: <input type="text" name="code">

Then when validating the form:

<?php

$id = @$_POST['captcha_id'];
$code = @$_POST['code'];

$options = array(/* your options here */);
$securimage = new Securimage($options);
$valid = $securimage->check($code, $id);

Unfortunately I never got any great examples for this done. The wordpress plugin at https://wordpress.org/plugins/securimage-wp/ is built using 4.0 and can be used as an example though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants