From 58ac0d5ea4e8a0a93224d4462dbca80658222df2 Mon Sep 17 00:00:00 2001
From: Francois <francoishill11@gmail.com>
Date: Sat, 9 Aug 2014 15:35:29 +0200
Subject: [PATCH] Update captcha.go

Captcha must be deleted if the user entered a "challenge" with a different length than the captcha.
---
 utils/captcha/captcha.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/utils/captcha/captcha.go b/utils/captcha/captcha.go
index 5354423e..27748f12 100644
--- a/utils/captcha/captcha.go
+++ b/utils/captcha/captcha.go
@@ -200,7 +200,7 @@ func (c *Captcha) Verify(id string, challenge string) (success bool) {
 
 	key := c.key(id)
 
-	if v, ok := c.store.Get(key).([]byte); ok && len(v) == len(challenge) {
+	if v, ok := c.store.Get(key).([]byte); ok {
 		chars = v
 	} else {
 		return
@@ -211,6 +211,9 @@ func (c *Captcha) Verify(id string, challenge string) (success bool) {
 		c.store.Delete(key)
 	}()
 
+	if len(chars) != len(challenge) {
+		return
+	}
 	// verify challenge
 	for i, c := range chars {
 		if c != challenge[i]-48 {
@@ -221,6 +224,7 @@ func (c *Captcha) Verify(id string, challenge string) (success bool) {
 	return true
 }
 
+
 // create a new captcha.Captcha
 func NewCaptcha(urlPrefix string, store cache.Cache) *Captcha {
 	cpt := &Captcha{}