Need I destroy session after I create it? Need I destroy session after I create it?
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

Need I destroy session after I create it?

Started by chzuqi, March 16, 2009, 09:42:16 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

chzuqi

I edit the file "register.php" and put the Security Code Check In it just look like the file I  uploaded.
The file saved the Security Code into $_SESSION['SafeCode'],need I destroy it when it invalid? ???

I put array('safecode'),
after array('input', 'email', $lang_register_php['email'], 255),

and put this to display Security Codecase 'safecode':
    echo <<<EOT
    <tr><td width="40%" class="tableb"  height="25">
        <script language="javascript">
function startRequest(){
$("#re").load("ajaxcheckcode.php?safecode="+$("#safeccc").val());
}
</script>
            Security Code:<span style="font-size:10px">(click to refresh)</span><img src=ajaxcode.php onclick="this.src='ajaxcode.php?nocache='+Math.random()" style="cursor:hand"/></td>
        <td width="60%" class="tableb" valign="top">
        <input type=text name=safecode id=safeccc style="width:80px" onBlur="startRequest()"><span id=re style="padding-left:30px;font-size:12px"></span>
        </td></tr>
EOT;
    break;

afterforeach ($form_data as $element) switch ($element[0]) {

put thw code to check the Security Codesession_start();
if ((get_post_var('safecode') != $_SESSION['SafeCode']) or ($_SESSION['CodeTime']<time())){
$error = '<li>' . 'Security Code Wrong';
return false;
}

after$result = cpg_db_query($sql);

The file I used has uploaded.

Joachim Müller

Ask the person you got your "securitycode" hack from. It's not part of Coppermine, so how are we suppossed to know what that hack does and what it takes to make it work.
What is that piece of code suppossed to do? Is it some sort of captcha hack? If yes, use the captcha mod or plugin that is being discussed here on our site. If you insist on using a third-party hack that doesn't come from this site, you're on your own.

chzuqi