mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-05 14:17:49 +02:00
Code Issues Releases Wiki Activity

Update secure_img_handler.php

Browse Source 
Captcha can be bypassed if empty value given.
This commit is contained in:
Lee Howarth
2016-08-10 19:27:43 +01:00
committed by GitHub
parent 0b06fbda62
commit 1dbd7423c0
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
e107_handlers/secure_img_handler.php
View File

@@ -81,7 +81,7 @@ class secure_image
// $sql = e107::getDb(); // $sql = e107::getDb();
// $tp = e107::getParser(); // $tp = e107::getParser();
if(!empty($_SESSION['secure_img'][$recnum]) && (intval($_SESSION['secure_img'][$recnum]) == $checkstr)) if(!empty($_SESSION['secure_img'][$recnum]) && 0 == strcmp($_SESSION['secure_img'][$recnum], $checkstr))
{ {
unset($_SESSION['secure_img']); unset($_SESSION['secure_img']);
return true; return true;
@@ -441,4 +441,4 @@ class secure_image
} }
?> ?>