> I have a form that has a CAPTCHA on it, the answer to the CAPTCHA
> is stored in a CF SESSION variable. I use JavaScript to check the
> form contents being submitted, which (now includes a CAPTCHA
> challenge). If I convert the answer to js format(in the form), and
> then call it from the external .js file, that will work fine, but
> the problem is, I made the answer available to any bots, because it
> is now in the source code of the form. What I am trying to do is
> get the contents of the SESSION variable into the .js file, without
> compromising the answer. I think however it may make more sense for
> me to simply have the challenge in a separate template(that the
> user must go through first), before allowing him access the form.
What I might suggest, instead, is have your javascript check to make
sure that the captcha field is not empty:
function checkCaptchaExists(){
if (document.getElementById("captcha_text").value != '' ){
return true;
} else{
return false;
}
}
Then you'll have your form post actions validate your captcha text
against the session variable. (i.e. - <cfif form.captcha_text EQ
session.captcha_text></cfif>) There are ways (like configuring your
server to make Coldfusion process javascript pages) that you could
get your session variables in your javascript file, but there are
many more reasons that you would not want to do so - one big one
being the way most browsers cache javascript files.
Option B, if you really want to do it through javascript is to change
the extension of your javascript file to .cfm.
If you do that, I would suggest only putting the function in for the
captcha, though as once you make it a .cfm file, browsers will not
cache the contents and will reload any scripts with a .cfm extension
on every page request.
HTH,
Jon
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
ColdFusion MX7 by AdobeĀ®
Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7.
Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275166
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
