Hi,
I've made a form with several fields and a Zend_Form_Element_Captcha
element (image based). When the form is submitted (via POST)
using the submit button, if the captcha textbox is empty it will show
the badCaptcha message as it is supposed to, but if
I hit reload on the browser and confirm resubmitting the form the
captcha is magically bypassed and it is executed the
code inside the $frm->isValid() block.
Can anyone who is using Zend_Form_Element_Captcha try to reproduce the
error and/or check if I am missing something obvious?
A simplified version of the code I'm using follows below.
Regards,
João Pinheiro
/* Form Class */
class AForm extends Zend_Form {
public function __construct($action = '') {
global $Settings;
parent::__construct();
$this->setAction($action)
->setName('frms')
->setMethod('post');
// [...] other elements removed
$params = array(
'label' => 'Introduza o código:',
'required' => true,
'captcha' => 'Image',
'captchaOptions' => array(
'captcha' => 'Image',
'wordLen' => 6,
'timeout' => 300,
'font' => $Settings->parameters->path .
'/fonts/FreeSerif.ttf',
'imgDir' => $Settings->parameters->rootpath . '/captcha/',
'imgUrl' => $Settings->parameters->url . '/captcha/',
'height' => 40
));
$this->addElement('captcha', 'cid', $params);
}
(...)
/* Action inside controller */
public function formAction() {
global $Settings;
$frm = new AForm($this->Settings->parameters .
$this->actionPath('form'));
$this->view->form = $frm;
$this->view->submitted = false;
if ($this->getRequest()->isPost()) {
if ($frm->isValid($_POST)) {
$this->view->submitted = true;
/* $frm->send(); */
}
}
$this->renderToBody('form.phtml');
}
