includes/sessions.php
changeset 402 d907601ccad2
parent 401 6ae6e387a0e3
child 406 7468a663315f
--- a/includes/sessions.php	Wed Feb 06 18:41:47 2008 -0500
+++ b/includes/sessions.php	Wed Feb 06 19:27:43 2008 -0500
@@ -2738,21 +2738,24 @@
   /**
    * Makes a CAPTCHA code and caches the code in the database
    * @param int $len The length of the code, in bytes
+   * @param string Optional, the hash to reuse
    * @return string A unique identifier assigned to the code. This hash should be passed to sessionManager::getCaptcha() to retrieve the code.
    */
   
-  function make_captcha($len = 7)
+  function make_captcha($len = 7, $hash = '')
   {
     global $db, $session, $paths, $template, $plugins; // Common objects
     $code = $this->generate_captcha_code($len);
-    $hash = md5(microtime() . mt_rand());
+    if ( !preg_match('/^[a-f0-9]{32}([a-z0-9]{8})?$/', $hash) )
+      $hash = md5(microtime() . mt_rand());
     $session_data = $db->escape(serialize(array()));
     
     // sanity check
     if ( !is_valid_ip(@$_SERVER['REMOTE_ADDR']) || !is_int($this->user_id) )
       return false;
     
-    $this->sql('INSERT INTO '.table_prefix.'captcha(session_id, code, session_data, source_ip, user_id)' . " VALUES('$hash', '$code', '$session_data', '{$_SERVER['REMOTE_ADDR']}', {$this->user_id});");
+    $this->sql('DELETE FROM ' . table_prefix . "captcha WHERE session_id = '$hash';");
+    $this->sql('INSERT INTO ' . table_prefix . 'captcha(session_id, code, session_data, source_ip, user_id)' . " VALUES('$hash', '$code', '$session_data', '{$_SERVER['REMOTE_ADDR']}', {$this->user_id});");
     return $hash;
   }
   
@@ -2829,7 +2832,11 @@
       return false;
     }
     
-    $q = $this->sql('SELECT code_id, code FROM ' . table_prefix . "captcha WHERE session_id = '$hash';");
+    // sanity check
+    if ( !is_valid_ip(@$_SERVER['REMOTE_ADDR']) || !is_int($this->user_id) )
+      return false;
+    
+    $q = $this->sql('SELECT code_id, code FROM ' . table_prefix . "captcha WHERE session_id = '$hash' AND source_ip = '{$_SERVER['REMOTE_ADDR']};");
     if ( $db->numrows() < 1 )
       return false;