drop captcha protection per session
diff --git a/captcha.php b/captcha.php
index af7f3c1..7c4eb6d 100644
--- a/captcha.php
+++ b/captcha.php
@@ -3,13 +3,14 @@
require_once 'config.php';
require_once 'redis.php';
include_once 'utils.php';
+
use Gregwar\Captcha\CaptchaBuilder;
use Gregwar\Captcha\PhraseBuilder;
session_start();
error_reporting(0);
-if (isset($_SESSION['captcha_token']) && $_GET['token']==$_SESSION['captcha_token']) {
+//if (isset($_SESSION['captcha_token']) && $_GET['token'] == $_SESSION['captcha_token']) {
header('Content-type: image/jpeg');
header('Cache-control: no-store');
if (redis_inc_ipdata(getClientIP(), "captcha") > $HOURLY_CAPTCHAS) die("blocked");
@@ -22,4 +23,4 @@
$builder->build();
$_SESSION['captcha'] = $builder->getPhrase();
$builder->output();
-}else echo "huh?";
+//} else echo "huh?";