You can check the HTTP_REFERER from the _SERVER array against the url
of your view as provided in the snippet below or you can strip out the
server name from the HTTP_REFERER and compare it against.
Feeding direct url of the captcha action will redirect the user to ur
main page.
$base = 'http://' . $_SERVER['SERVER_NAME'] . $this->base;
if( $_SERVER['HTTP_REFERER'] != ($base . '/'.$uri)) {
$this->redirect('/');
}
else { //generate captcha }
hope it helps.
-Ketan
http://www.innovatechnologies.in
http://www.propertyjungle.in
ReiToei wrote:
> Hi,
> I have been able to implement stephanoff's captcha component as per:
> http://bakery.cakephp.org/articles/view/integrate-cakephp-with-kcaptcha
>
> I have a User component, with a captcha action that renders the
> graphic, so in my view I just have:
>
> <img src="<?php echo $html->url('/users/captcha'); ?>" />
>
> It works fine, but my problem is anyone can access the action via
> mysite.com/users/captcha. I don't want people to be able to access it
> via a URI, I only want it to be available internally, that is, if
> called from a view.
>
> I know about making functions private by adding an underscore and I've
> also read into beforeFilter stuff too. I feel like I'm halfway there
> but just need a final push in the right direction. Would really
> appreciate it if anyone could help.
>
> Thanks,
> Rei
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
