in a hidden form field.
DO NOT DO IT. A spider can download the html and read that string and
pass that as the field.
Burns, John D wrote:
> It shouldn't be hard. You don't necessarily need to create the images
> on the fly. Just create a bunch of them once. Then associate the file
> name with the correct answer in the DB. Each time you display a file to
> the user, generate another unique id mapping the particular display to
> that particular user with a record from the other table that has the
> filename and correct answer. Display the image to the person and hide
> the unique id (in session or hidden form). Then when submitted, check
> that session to find out which image was passed and compare their
> response with the correct string. Remove the record from the DB so they
> can't submit multiple times with the same info. Just my thoughts, there
> may be an easier way.
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
