Jump to content

Session Value Changes Automaticly ... PLZ HELLLLLP !!!


Recommended Posts

hello all .

I have a captha in my site . Simply i produce a random code on an image and store that code in the session . then i would check the code stored in the session and the code that user posted to the page .

 

the script worked for 6 months very well until last night . after a server upgrade or something like that i realized that when a user enters every thing as a capcha he/she can bypass the captha very well !!!!

 

I traced the code , and find out the "IF ($_SESSION['CODE']==$_POST['CODE']) " will always return true !! i checked the code value in the session and saw that the $_SESSION['CODE'] changes to WHAT EVER USER POSTS , and because of this that IF always returns TRUE !

 

before you help me with this , please remember that I don't have any piece of code in my script that changes the session value to what ever user posts and , my captcha works very well on my local machine , but on the server i have this problem

 

any helps appreciated

 

ps . it is == not = in my if !

The Local Version : PHP 5.2.3

The Server Version : PHP 5.2.6

 

DEAR MIKESTA THANKS FOR ASKING ME THE VERSIONS ! I GOOGLED PHP5.2.6 SESSION AND I FOUND THIS !!!

 

 

Offline Offline

 

Posts: 6086

 

 

 

WWW

 

 

Re: [Random] Php 5.2.6 session behavior notice.

« Reply #2 on: October 23, 2008, 08:01:03 AM »

 

Correct. You have register globals turned on on your machine.

 

All:

$_SESSION['x'], $_GET['y'], $_POST['z'], $_REQUEST['r'], $_COOKIE['c']

are also accessible with:

$x, $y, $z, $r, $c

 

 

AGAIN THANKS !!!!!!!!!!!!

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.