I have a timer on my site, and when it counts down from 30 it displays an iframe with a captcha, a verification code is sent to the captcha, and from the captcha those code is sent to be verified and a members account is credited.
Heres is the problem:
Type this in your address bar and it sets the variable t to 0 triggering the captcha pre maturely!
How would i go about patching this?
Heres is the problem:
Type this in your address bar and it sets the variable t to 0 triggering the captcha pre maturely!
| Code: |
|
javascript:alert(t=0) |
| Code: |
|
<script type="text/javascript"> var t = 30; var decr = 1; var handle = null; var e = null; function startTimer() { if(!e) e = document.getElementById("time"); e.innerHTML = t; handle = setInterval(function() { if(t == 0) { clearInterval(handle); document.getElementById("clock").style.width = "319px"; document.getElementById("clock").style.width = "159px"; document.getElementById('time').innerHTML='<iframe name="success" src="recap.php?ad=<? echo $adse ?>&verify=<? include('vercode.php'); ?>&p=0" border="0" framspacing="0" marginheight="0" marginwidth="0" vspace="0" hspace="0" style="vertical-align: top;" frameborder="0" height="400" scrolling="no" width="319"></iframe>' } else { t -= decr; e.innerHTML = t; } }, decr * 1000); } window.onload = startTimer; </script> |
How would i go about patching this?
