I’m making a program for registration on a website.
For this, I use C++Builder and Indy (TIdHTTP).
How it works:
- Program receives registration page via GET and extracts CAPTCHA picture address from it;
- downloads the CAPTCHA (GET) and serves it to user;
- sends the data provided by user to the website in POST request.
Problem: The CAPTCHA code is always incorrect. This must be because somewhere between these three calls to website the CAPTCHA challenge changes.
To prevent this, these requests have to be connected somehow
So I think, some kind of sessions support is needed here…
Please tell me how this can be achieved, in Delphi or C++Builder
EDIT:
I found out that Session ID is stored in a cookie thanks to Runner
To me sequence seems correct. Just check that when posting the CAPTCHA answer back, you provide the ID to tell which CAPTCHA that is.
To me it sounds like your POST is not recognized as a specific request. In other words you are probably not assocating the response with the specific user. When you first call GET and get the CAPTCHA back from the server, the server must provide you with the unique ID for the returned CAPTCHA. This can be a unique URL, a cookie, a field embeded in the HTML returned etc…
That is my guess from your description.
EDIT:
I have more info. It is obviously a PHP server. From the page provided by “BlaXpirit”:
So, if the ID is in the cookie, then I guess you are not sending the cookie back. You are the middle man here, It goes like this.
You should send the cookie to the client and then back to the CAPTCHA server, or have your own session management, store the CAPTCHA cookie, identify the client when he/she sends the response and send the cookie with the response back to the CAPTCHA server.