PHP Captcha without session

后端 未结 13 1670
傲寒
傲寒 2021-01-04 13:51

Ok, here is an issue: in the project i\'m working on, we can\'t rely on server-side sessions for any functionality.

The problem is that common captcha solutions fro

13条回答
  •  醉梦人生
    2021-01-04 14:46

    Without persistent state server-side, I don't see a CAPTCHA working.

    What you suggested is not secure since an attacker could easily always POST his own 'hidden field' with matching CAPTCHA text.

    Why not do the CAPTCHA from another webserver where you can have persistent state?

提交回复
热议问题