I think that there is an error in captcha.module validation function.
Even when a math answer is correct it comes with an error message.
Captcha seems to return an empty value.
I modified captcha.module as below and it works fine for me.

/**
 * Default implementation of the captcha validation function.
 */
function captcha_captchavalidate(&$captcha_word, &$correct) {
  $captcha_word = drupal_strtolower($captcha_word);

  if (($_SESSION['captcha'] != '') AND ($captcha_word == $_SESSION['captcha'])) {
    $correct = TRUE;
  }
  elseif (($_SESSION['captcha'] != '') AND ($captcha_word != $_SESSION['captcha'])) {
    $correct = FALSE;
    form_set_error('captcha_response', t('The answer you entered to the math problem is incorrect.'));
  }
}

Comment | File | Size | Author
#2 | captcha_fix_validate.patch | 1.14 KB | dalin

Comments

desrod’s picture

A unified diff against the latest released captcha module would be best... can you repost with a diff?

dalin’s picture

Assigned: Unassigned » dalin
Priority: Normal » Critical
Status: Active » Needs review
FileSize
1.14 KB

I don't think you're poking in the right place. From what I can see, your suggested change would also add a vulnerability.

Here is a patch that I think solves the problem. It also incorporates the fix listed in 114387.

I am patching against the 4-7 version, but it should also apply to the 5 branch.
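
Added example (not part of dalin's comment or patch, and not module code): in the function posted at the top of this issue, both branches require a non-empty `$_SESSION['captcha']`, so when the stored answer is empty `$correct` is left as the caller passed it and no form error is set. The standalone PHP below reproduces that check with the session passed in as an array and compares it with a fail-closed variant; the function names and sample values are hypothetical.

```php
<?php
// Added example. Function names and test values are constructed for illustration.

// The check as posted in this issue, with the session passed in so it runs outside Drupal.
function posted_check(array $session, string $answer, bool &$correct, array &$errors): void {
  $answer = strtolower($answer);
  $stored = $session['captcha'] ?? '';
  if (($stored != '') && ($answer == $stored)) {
    $correct = TRUE;
  }
  elseif (($stored != '') && ($answer != $stored)) {
    $correct = FALSE;
    $errors[] = 'The answer you entered to the math problem is incorrect.';
  }
  // Empty stored answer: neither branch runs, $correct and $errors are untouched.
}

// Fail-closed variant: only a non-empty, exact match is accepted; every other
// state (missing, empty, or non-string stored answer, or a mismatch) is rejected.
function fail_closed_check(array $session, string $answer, bool &$correct, array &$errors): void {
  $stored = $session['captcha'] ?? '';
  $correct = is_string($stored) && $stored !== ''
    && hash_equals($stored, strtolower($answer));
  if (!$correct) {
    $errors[] = 'The answer you entered to the math problem is incorrect.';
  }
}

// Constructed cases: [session contents, submitted answer].
$cases = [
  'match'         => [['captcha' => '7'], '7'],
  'mismatch'      => [['captcha' => '7'], '8'],
  'empty session' => [[], 'anything'],
];

foreach ($cases as $name => [$session, $answer]) {
  foreach (['posted_check', 'fail_closed_check'] as $fn) {
    // $correct starts as FALSE here; a caller that pre-sets it to TRUE would
    // see the posted check accept the submission in the empty-session case.
    $correct = FALSE;
    $errors = [];
    $fn($session, $answer, $correct, $errors);
    printf("%-14s %-18s correct=%-5s errors=%d\n",
      $name, $fn, var_export($correct, TRUE), count($errors));
  }
}
```
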

dalin’s picture

Title: Captcha 5.x.1.1 my captcha.module modification » Captcha not properly saving a correct answer in $_SESSION
ahmaddani’s picture

Title: Captcha not properly saving a correct answer in $_SESSION » Captcha not properly saving a correct answer in $_SESSION (fixed version)
Version: 5.x-1.1 » 4.7.x-1.2

Please make a fixed version of this module. Why must a newcomer like me install a buggy version?

Thanks before..

ahmaddani
http://ahmad.indieoffset.com

wundo’s picture

Status: Needs review » Closed (duplicate)
dsextonj’s picture

Version: 4.7.x-1.2 » 5.x-1.1

So how does a newbie install this patch other than cut and paste?

dalin’s picture

The handbook is your best resource for this stuff. You can find out about patches here:

http://drupal.org/node/60108

csc4’s picture

Confirm patch works for 4.7.6 - will it be committed soon, as it fixes a really big problem?