Thanks Aran and Ketan, I ended up going for Ketan's solution, using the referer method. Works exactly how I wanted it to.
You guys rock :) -Rei On Apr 17, 5:13 am, k10 <[EMAIL PROTECTED]> wrote: > You can check the HTTP_REFERER from the _SERVER array against the url > of your view as provided in the snippet below or you can strip out the > server name from the HTTP_REFERER and compare it against. > > Feeding direct url of the captcha action will redirect the user to ur > main page. > > $base = 'http://' . $_SERVER['SERVER_NAME'] . $this->base; > if( $_SERVER['HTTP_REFERER'] != ($base . '/'.$uri)) { > $this->redirect('/');} > > else { //generate captcha } > > hope it helps. > > -Ketanhttp://www.innovatechnologies.inhttp://www.propertyjungle.in > > ReiToei wrote: > > Hi, > > I have been able to implement stephanoff's captcha component as per: > >http://bakery.cakephp.org/articles/view/integrate-cakephp-with-kcaptcha > > > I have a User component, with a captcha action that renders the > > graphic, so in my view I just have: > > > <img src="<?php echo $html->url('/users/captcha'); ?>" /> > > > It works fine, but my problem is anyone can access the action via > > mysite.com/users/captcha. I don't want people to be able to access it > > via a URI, I only want it to be available internally, that is, if > > called from a view. > > > I know about making functions private by adding an underscore and I've > > also read into beforeFilter stuff too. I feel like I'm halfway there > > but just need a final push in the right direction. Would really > > appreciate it if anyone could help. > > > Thanks, > > Rei --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---