Posted by bwrob on February 1, 2007 at 3:18am
| Project: | CAPTCHA |
| Version: | 5.x-1.1 |
| Component: | Code |
| Category: | bug report |
| Priority: | critical |
| Assigned: | dalin |
| Status: | closed (duplicate) |
Issue Summary
I think that there is an error in captcha.module validation function.
Even when a math answer is correct it comes with an error message.
Captcha seem to return an empty value.
I modified captcha.module as below and it works fine for me.
/**
* Default implementation of the captcha validation function.
*/
function captcha_captchavalidate(&$captcha_word, &$correct) {
$captcha_word = drupal_strtolower($captcha_word);M
if (($_SESSION['captcha'] != '') AND ($captcha_word == $_SESSION['captcha'])) {
$correct = TRUE;
}elseif (($_SESSION['captcha'] != '') AND ($captcha_word != $_SESSION['captcha'])) {
$correct = FALSE;
form_set_error('captcha_response', t('The answer you entered to the math problem is incorrect.'));
}
}
Comments
#1
A unified diff against the latest released captcha module would be best... can you repost with a diff?
#2
I don't think you're poking in the right place. From what I can see, your suggested change would also add a vulnerability.
Here is a patch that I think solves the problem. It also incorporates the fix listed in 114387.
I am patching against the 4-7 version, but it should also apply to the 5 branch.
#3
#4
Please make fixed version for this module. Why new comer like me, must install bug version?
Thanks before..
ahmaddani
http://ahmad.indieoffset.com
#5
#6
So how does a newbie install this patch other than cut and paste?
#7
The handbook is your best resource for this stuff. You can find out about patches here:
http://drupal.org/node/60108
#8
Confirm patch works for 4.7.6 - will it be committed soon as it fixes a really big problem