Hey everyone, I've been trying to make a secure registration page to prevent automated registrations.
I started out with this:
At the very top of my script, I placed:
session_register();
Then down further:
srand(time());
$r1 = (rand()%9);
$r2 = (rand()%9);
$r3 = (rand()%9);
$r4 = (rand()%9);
$r5 = (rand()%9);
$sc = "$r1$r2$r3$r4$r5";
Which generates 5 random numbers and displays them as images. The user then needs to confirm the number by typing it in a form field.
Below that:
$_SESSION['scode'] = $sc;
Which seemed to be working fine. Now after submitting the form (which points to itself),
The code is split up by if statements, and that has been working fine, one half contains the random number generator, the form, and the registering of that random number into the session variable 'scode'.
The other side of the script checks everything that it's okay.
The session check:
elseif($_SESSION['scode'] != $code)
{
doerror("Security code doesn't match!");
}
$code is from the form variable that they type in.
Now the problem I'm having is that, when over 50 people try to register at the same time, the sessions seem to mess up and it shows that error even though the users typed in thier security code correctly.
What could be going on here?
Thanks,
Euphorian
