We've all seen this - in fact Yahoo Groups uses it to join its groups now. You are registering for something and are presented with a graphic with a combo of letters and numbers, sometimes at weird angles and diff. fonts and you have to type in exactly what you see and it has to match.
Kicking this out with a random call to MySQL is how I'm doing it; but probably doing it badly with the only method which has come clear to me in verifying it - I have a database table with these fields: ID, value, and filename. The ID is the autoincrement primary key to identify the image, the value is the actual letters and numbers (string) which appears on the image. So when the form is submitted, I have a hidden field (which is what scares me) that carries that particular images ID with it to query up the value. Are you with me? I don't like having the hidden field because it isn't hidden at all if the user views the source, of course, and I'm wondering what more secure way I could do this verification without this huge security snafu. Someone will probably tell me and I'll bang my head against my desk saying duh, so I'll go get my helmet... Thanks... Marian Community email addresses: Post message: php-list@yahoogroups.com Subscribe: [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] List owner: [EMAIL PROTECTED] Shortcut URL to this page: http://groups.yahoo.com/group/php-list Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php-list/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/