search

Lucas89moya / recaptcha

Automatically exported from code.google.com/p/recaptcha
0 stars 0 forks source link

Recaptcha accepts incorrect answers/response. #77

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Type in the captcha words and change one vowel like "o" into an "a".
2. Click on your forms submit button. 
3. recaptcha accepts the incorrect entry.

What is the expected output? What do you see instead?
Recaptcha should respond by saying the words entered are incorrect.
Instead, the incorrect words are accepted as a valid response.

What version of the product are you using? On what operating system?
recaptcha-php-1.11
Windows XP SP3

Please provide any additional information below.
Web Server: Apache 2.2.14
Scripting Language: php5.2.12
Browser Used:Mozilla Firefox 3.6.8
Testing on a local machine(localhost).

The form code:
[code]
<form name="login-form" id="login-form" action="login.php" method="post">
<table border="0" cellpadding="4" cellspacing="0" align="center">
<tr>
<td colspan="2" align="center">'.$l_msg.'&nbsp;</td>
</tr>
<tr>
<td>Username</td>
<td><input type="text" name="username" id="username" size="37" maxlength="20" 
/></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password" id="password" size="37" 
maxlength="20" /></td>
</tr>
<tr>
<td colspan="2" 
align="center">'.recaptcha_get_html($GLOBALS['g_publicKey']).'</td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="login" id="login" 
value="Login" /></td>
</tr>
</table>
</form>
[/code]

How I validate response:
[code]
$g_resp = recaptcha_check_answer ($GLOBALS['g_privateKey'], 
$_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], 
        $_POST["recaptcha_response_field"]);

if (!$g_resp->is_valid) {
$_SESSION['errmsg'] = "The reCAPTCHA wasn't entered correctly.<br />Please try 
it again.";
header('location: 
http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']).'/index.php');
die();
}
[/code]

Original issue reported on code.google.com by Devli...@gmail.com on 26 Jul 2010 at 1:52

GoogleCodeExporter commented 8 years ago 
This is expected behavior. See 
http://code.google.com/apis/recaptcha/docs/troubleshooting.html#incorrectwords

Original comment by colin.mc...@gmail.com on 2 Sep 2010 at 3:52