[#ZF-4245] Zend_Captcha_Figlet validation problem - Zend Framework Issue Tracker

Details

Type: Bug
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: 1.6.0
Fix Version/s: 1.7.0
Component/s: Zend_Captcha
Labels:
None

Description

I have captcha form element:

$captcha = new Zend_Form_Element_Captcha('captcha', array(
    		'label' => "Please verify you're a human",
    		'captcha' => array(
        	'captcha' => 'Figlet',
        	'wordLen' => 6,
        	'timeout' => 300,
		),));

When not fill the edit box, and submit form, I get "Captcha value is wrong" message, ok.

But if I now resend this form by pressing F5, or Ctrl+R, form is validated successfully with empty captcha text box !!!!

Here a test form and controller:

CaptchaTestController.php

class CaptchaForm extends Zend_Form
{
	public function init()
	{
		$captcha = new Zend_Form_Element_Captcha('captcha', array(
    		'label' => "Please verify you're a human",
    		'captcha' => array(
        	'captcha' => 'Figlet',
        	'wordLen' => 6,
        	'timeout' => 300,
		),));
		$submit = new Zend_Form_Element_Submit('submit');
		$this->addElements(array($captcha, $submit));
	}
}

class CaptchaTestController extends Zend_Controller_Action
{
	function indexAction()
	{
		$form = new CaptchaForm(array(
			'action' => $this->view->url(array('controller' => 'captchatest')),
			'method' => 'post'));

		$this->view->form = $form;

		if($this->_request->getParam('submit'))
		{
			if ($form->isValid($this->_request->getParams()))
			{
				echo "valid form";
			}
			else
			{
				echo "invalid form";
			}
		}
	}
}

More Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Download All

Attachments

Zend_Captcha_FigletTestPatch.patch

09/Oct/08 3:03 PM

1 kB

Tobias Gies
Zend_Captcha_WordPatch.patch

09/Oct/08 2:05 PM

0.4 kB

Tobias Gies

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Tobias Gies added a comment - 08/Oct/08 8:58 AM

upped to "Blocker" because this effectively renders Zend_Captcha_Figlet useless

Show

Tobias Gies added a comment - 08/Oct/08 8:58 AM upped to "Blocker" because this effectively renders Zend_Captcha_Figlet useless

Hide

Permalink

Ralph Schindler added a comment - 08/Oct/08 9:01 AM

Assigning by ralph

Show

Ralph Schindler added a comment - 08/Oct/08 9:01 AM Assigning by ralph

Hide

Permalink

Thorsten Ruf added a comment - 08/Oct/08 12:08 PM

This Problem occurs not only by using the Figlet Adapter. All Adapter shows the same behaviour.
Hopefully we have a fix as soon as possible because this error make the whole ZEND_CAPTCHA useless.

Show

Thorsten Ruf added a comment - 08/Oct/08 12:08 PM This Problem occurs not only by using the Figlet Adapter. All Adapter shows the same behaviour. Hopefully we have a fix as soon as possible because this error make the whole ZEND_CAPTCHA useless.

Hide

Permalink

Tobias Gies added a comment - 08/Oct/08 2:44 PM

Thorsten is right, I can at least verify this for all Zend_Captcha_Word based implementations. I haven't tested Zend_Captcha_ReCaptcha yet.

Show

Tobias Gies added a comment - 08/Oct/08 2:44 PM Thorsten is right, I can at least verify this for all Zend_Captcha_Word based implementations. I haven't tested Zend_Captcha_ReCaptcha yet.

Hide

Permalink

Tobias Gies added a comment - 09/Oct/08 2:05 PM

The problem was actually in Zend_Captcha_Word. Comparison was too weak, the error occured because '' == null. Used the !== operator instead.

Show

Tobias Gies added a comment - 09/Oct/08 2:05 PM The problem was actually in Zend_Captcha_Word. Comparison was too weak, the error occured because '' == null. Used the !== operator instead.

Hide

Permalink

Tobias Gies added a comment - 09/Oct/08 3:03 PM

Added Unit test.

NOTE: BOTH MY PATCHES are relative to their respective parent directory, meaning the patch to Zend_Captcha_Word must be applied when in the /standard/trunk/library directory in SVN and the patch to Zend_Captcha_FigletTest must be applied in /standard/trunk/tests

Show

Tobias Gies added a comment - 09/Oct/08 3:03 PM Added Unit test. NOTE: BOTH MY PATCHES are relative to their respective parent directory, meaning the patch to Zend_Captcha_Word must be applied when in the /standard/trunk/library directory in SVN and the patch to Zend_Captcha_FigletTest must be applied in /standard/trunk/tests

Hide

Permalink

Tobias Gies added a comment - 09/Oct/08 3:03 PM

Assigning to Matthew for inclusion

Show

Tobias Gies added a comment - 09/Oct/08 3:03 PM Assigning to Matthew for inclusion

Hide

Permalink

Alexander Veremyev added a comment - 12/Oct/08 3:26 AM

Fixed.

Show

Alexander Veremyev added a comment - 12/Oct/08 3:26 AM Fixed.

Hide

Permalink

Wil Sinclair added a comment - 13/Nov/08 2:10 PM

Changing issues in preparation for the 1.7.0 release.

Show

Wil Sinclair added a comment - 13/Nov/08 2:10 PM Changing issues in preparation for the 1.7.0 release.

People

Assignee:

Matthew Weier O'Phinney

Reporter:

Dawid Cieszynski

Vote (3)

Watch (3)

Dates

Created:

11/Sep/08 1:29 AM

Updated:

13/Nov/08 2:10 PM

Resolved:

12/Oct/08 3:26 AM