> I have a form that has a CAPTCHA on it, the answer to the CAPTCHA > is stored in a CF SESSION variable. I use JavaScript to check the > form contents being submitted, which (now includes a CAPTCHA > challenge). If I convert the answer to js format(in the form), and > then call it from the external .js file, that will work fine, but > the problem is, I made the answer available to any bots, because it > is now in the source code of the form. What I am trying to do is > get the contents of the SESSION variable into the .js file, without > compromising the answer. I think however it may make more sense for > me to simply have the challenge in a separate template(that the > user must go through first), before allowing him access the form.
What I might suggest, instead, is have your javascript check to make sure that the captcha field is not empty: function checkCaptchaExists(){ if (document.getElementById("captcha_text").value != '' ){ return true; } else{ return false; } } Then you'll have your form post actions validate your captcha text against the session variable. (i.e. - <cfif form.captcha_text EQ session.captcha_text></cfif>) There are ways (like configuring your server to make Coldfusion process javascript pages) that you could get your session variables in your javascript file, but there are many more reasons that you would not want to do so - one big one being the way most browsers cache javascript files. Option B, if you really want to do it through javascript is to change the extension of your javascript file to .cfm. If you do that, I would suggest only putting the function in for the captcha, though as once you make it a .cfm file, browsers will not cache the contents and will reload any scripts with a .cfm extension on every page request. HTH, Jon ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion MX7 by AdobeĀ® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275166 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4