PHP Classes

demo.php bug

Subject: demo.php bug
Summary: Security breach in demo.php
Messages: 1
Author: Felix Manea
Date: 2007-09-26 08:18:48
 

  1. demo.php bug
Felix Manea - 2007-09-26 08:18:48
In demo.php, replace the following line:

if($_POST['key'] == $_SESSION['key']) {

with

if(strlen($_SESSION['key']) > 0 && $_POST['key'] == $_SESSION['key']) {

because if I submit a form using curl and have never generated the captcha code, I will have an empty $_SESSION['key'], which will make $_POST['key'] == $_SESSION['key'] valid.

I have used this class and had the specified problem.

Also, thank you for posting this class; it's really simple to use and very ingenious.
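
The check described in the post above, written as a stand-alone helper. This is an added example, not part of the original post or of the Very Simple Captcha class. The function name `captcha_is_valid` and the sample values are assumptions, and it goes beyond the posted one-line fix by also comparing strictly and discarding the key after one check.

```php
<?php
// Added example: hypothetical helper, not code from the Very Simple Captcha class.
// It rejects a submission when no captcha was ever generated for the session,
// which is the case the post describes (empty $_SESSION['key'] == empty $_POST['key']).

function captcha_is_valid(array $post, array &$session): bool
{
    $expected  = $session['key'] ?? null;
    $submitted = $post['key'] ?? null;

    // Single use: drop the stored key whatever the outcome, so a solved
    // captcha cannot be submitted again within the same session.
    unset($session['key']);

    // No captcha was generated for this session: nothing to compare against.
    if (!is_string($expected) || $expected === '') {
        return false;
    }
    // The key is missing from the form, empty, or not a string (e.g. key[]=x).
    if (!is_string($submitted) || $submitted === '') {
        return false;
    }
    // Strict string comparison instead of ==, which applies type juggling.
    return hash_equals($expected, $submitted);
}

// Constructed sample cases (values are made up for this example).
$fresh   = [];                   // session in which no captcha image was requested
$solved  = ['key' => 'a7Kq2'];   // session after the captcha image was generated

$results = [
    'no captcha, no key posted'    => captcha_is_valid([], $fresh),
    'no captcha, empty key posted' => captcha_is_valid(['key' => ''], $fresh),
    'captcha solved correctly'     => captcha_is_valid(['key' => 'a7Kq2'], $solved),
    'same answer sent again'       => captcha_is_valid(['key' => 'a7Kq2'], $solved),
];

foreach ($results as $label => $ok) {
    echo str_pad($label, 30), ' => ', $ok ? 'accepted' : 'rejected', PHP_EOL;
}
```

In demo.php the call would be `captcha_is_valid($_POST, $_SESSION)` after `session_start()`; only the third constructed case is accepted.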