New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PATCH: change captcha after it validates #1342
Comments
here is a part of CCaptchaAction.php:validate if($valid || $session[$name] > $this->testLimit && $this->testLimit > 0)
$this->getVerifyCode(true);
return $valid; I've just added "$valid || " |
Thanks for this awesome post! |
Is it tested? It does not work with save() because the model will be validated twice (1 for the rule + 1 for save): getVerifyCode will be true after the first one and save() will fail. Even setting $testLimit to 0 will not help. |
You can call 'save(false)' when you already validated a model. |
Sure, this is a workaround. Another solution (maybe safer and more clear to the user?) is to remove the captcha session after save(). Captcha behavior does not look consistent with other validators. |
you should avoid two validations (wither use validate followed by save(false) or just "if ($model->save())" without validate as the default validate=true is implied but I agree we need a fix that works even if two validations is done this should work by just adding a flag and doing the actual regeneration of captcha in Controller::afterAction() I can do this, but I guess it's better done by Yii's core team |
Yes, you could reset the session when it becomes useless (after a save for example) even if $testLimit is 0 or a high number. Another possibility: give the user a way to do that in a simple way. At the moment I only know this way, in the Controller or in ActiveRecord (to be used on afterSave):
|
Why is it not corrected in yii yet? |
we want to change captcha after it validates correctly,
because a user might use the same captcha several times to post a spam comment or signup several fake accounts ..etc.
http://www.yiiframework.com/forum/index.php/topic/17638-captcha-code-not-changing/
The text was updated successfully, but these errors were encountered: