duancaishun4812 2011-04-09 02:39

PHP: Passing a class instance to another page?

I'm trying to implement a captcha system, and I found a nice and very simple class through Google that does what I want.

It's something like:

$captcha = new Captcha();
$prefix = mt_rand();
$image = $captcha->generate($prefix);

Then I add the image in the form:

<img src="<?php echo $image; ?>" />
<input name="captcha" type="text" value="Type the security code from above" />

It works fine so far, but I don't know how to check if the submitted code matches the captcha. In the documentation, it says I have to do it with:

$correct = $captcha_instance->check($prefix, $_POST['captcha']);

But the problem is that after the form is submitted, $captcha and $prefix are gone...

How do I pass these variables after the form is submitted to the next page?


  • dongyan3562 2011-04-09 03:15

    @mario: you were right :D it's only the $prefix I needed to pass as a hidden input field :)

    That's a very bad idea - in your form tag, if say you have a hidden field captcha_answer and you're passing the value of that to $captchaInstance->check(), then you defeat the purpose of a captcha. Captchas are to sort out robots from humans, but it's so simple to read a value by downloading the source in the captcha solving bot and just getting the value="{answer}" out of the source.

    Instead, you should use this:

    <?php
    session_start();
    $_SESSION['answer'] = $prefix;
    ?>
    

    Then in your checker you do this:

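    <?php
    session_start();
    $captcha = new Captcha(); // the instance does not survive the request, so create a new one
    $prefix = $_SESSION['answer'];
    // check() takes the prefix and the submitted code, as in the question
    $passed = $captcha->check($prefix, $_POST['captcha']);
    ?>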
    

    In fact, I think this class would be better as only having static methods, but that's my opinion. Anyway, this way means that all the data is only stored server-side so they can't just view source for captcha answer.

    Accepted answer: selected by the asker as the best answer.
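
An added example, not part of the original answer or of the Captcha class discussed above: one way to keep the expected captcha answer in the session, as the accepted answer suggests, while also making each challenge single-use and time-limited. The function names, the `captcha` session key and the 300-second lifetime are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helpers, not part of the Captcha class from the question.
// $store is the session array ($_SESSION in a web request, after session_start()).

const CAPTCHA_TTL = 300; // seconds a challenge stays valid (assumed value)

/** Create a challenge, keep the expected answer server-side, return the text to render. */
function captcha_issue(array &$store, ?int $now = null): string
{
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789'; // no look-alike characters
    $answer = '';
    for ($i = 0; $i < 6; $i++) {
        $answer .= $alphabet[random_int(0, strlen($alphabet) - 1)];
    }
    $store['captcha'] = ['answer' => $answer, 'issued' => $now ?? time()];
    return $answer; // draw this into the image; never echo it into the HTML
}

/** Check a submission. The challenge is consumed on every attempt, right or wrong. */
function captcha_verify(array &$store, string $submitted, ?int $now = null): bool
{
    $challenge = $store['captcha'] ?? null;
    unset($store['captcha']); // single use: a solved or failed challenge cannot be replayed
    if (!is_array($challenge)) {
        return false; // no challenge was issued for this session
    }
    if (($now ?? time()) - $challenge['issued'] > CAPTCHA_TTL) {
        return false; // challenge is older than the allowed lifetime
    }
    // Constant-time comparison, case-insensitive for the user's convenience
    return hash_equals($challenge['answer'], strtoupper(trim($submitted)));
}

// Constructed demo, using a plain array in place of $_SESSION so it runs from the CLI.
$session = [];
$text = captcha_issue($session, 1000);
var_dump(captcha_verify($session, 'wrong1', 1010)); // wrong answer
var_dump(captcha_verify($session, $text, 1020));    // right answer, but challenge already consumed
$text = captcha_issue($session, 2000);
var_dump(captcha_verify($session, strtolower($text), 2030)); // fresh challenge, lower-case input
var_dump(captcha_verify($session, $text, 2040));    // replay of a used challenge
$text = captcha_issue($session, 3000);
var_dump(captcha_verify($session, $text, 3000 + CAPTCHA_TTL + 1)); // submitted after the TTL
```

In a real request, pass `$_SESSION` as `$store` after `session_start()`, and issue a new challenge whenever the form is rendered again.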