CAPTCHA and multiple users problem ?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
In CAPTCHA, one starts a session, name it, and keep the verification
code as this:

   $_SESSION['ecp_sess'] = $veristr;

When an end-user clicks SUBMIT, the server script will verify the code
as this:

   if($_SESSION["ecp_sess"] == $_POST["veri_code"]) ....

Somehow I think this is going to create problem. The verification code
is dynamically generated, but the session name is unchanged. When
there are more than 1 users at a particular time, the earlier user who
clicks SUBMIT will find that the verification code is incorrect.

I am going to test with 2 computers; in the mean time any comments
from experienced people ?


Re: CAPTCHA and multiple users problem ?

Quoted text here. Click to load it

1) As long they don't share a session (and you probably don't want that  
anyway) $_SESSION["ecp_sess"] wil hold different values for different  
2) If you keep your served captcha image depends on the actual value of  
$_SESSION["ecp_sess"], and is not a single image that gets overwritten  
again and again (the horror!), things should be fine.
Rik Wasmus

Site Timeline