|
|
Posted by "Richard Lynch" on 05/21/05 05:04
On Thu, May 19, 2005 6:05 am, Rahul S. Johari said:
> I did actually remove the Header which declared it as a Image/PNG and
> everything seemed to work in both the browsers.
Great. Now it works in 2 browsers, and breaks in 237.
You MUST separate the two.
Period.
> Here's my situation though... I can't separate out these two files because
> when a user is on the verification page, where the Image exists, in case
> he
> "reloads" or "refreshes" the page, a new image should be generated and
> displayed, so that the verification code is different each time you reach
> the verification page. If I was to keep the image code in a different
> page,
> the verification page will pick up the same PNG image and display the same
> security code over and over without changing it.
So you need some kind of "secret token" buried in the HTML which you can
decode in the image and in their submit to see if they actually used human
eyeballs to see the image.
There are dozens of scripts out there that do this -- Perhaps you should
review them to see how they work.
The simplest solution I know of is to make up a random string and store it
in an SQL table with the word in the image.
http://php.net/uniquid http://php.net/md5 etc.
--
Like Music?
http://l-i-e.com/artists.htm
Navigation:
[Reply to this message]
|