修复验证码bug

app.py

@@ -222,13 +222,23 @@ def generate_captcha():
 
 
 def verify_captcha(user_input):
+    """验证用户输入的验证码是否正确（只验证最新的4位验证码）"""
     conn = get_db_connection()
     if conn:
         try:
             cursor = conn.cursor()
-            cursor.execute("SELECT code FROM captcha ORDER BY created_at DESC LIMIT 1")
+            # 只查询最新的验证码（确保是4位的）
+            cursor.execute("""
+                SELECT code FROM captcha 
+                WHERE LENGTH(code) = 4  -- 只查询4位验证码
+                ORDER BY created_at DESC 
+                LIMIT 1
+            """)
             result = cursor.fetchone()
             if result and user_input.upper() == result[0]:
+                # 验证成功后删除已使用的验证码
+                cursor.execute("DELETE FROM captcha WHERE code = %s", (result[0],))
+                conn.commit()
                 return True
             return False
         except Error as e:
@@ -859,11 +869,11 @@ def register():
                     conn.close()
 
     # 生成新验证码
-    captcha_code = generate_captcha()
+    captcha_url = url_for('captcha')  # 使用图片验证码
     return render_template('register.html',
-                           captcha_code=captcha_code,
-                           registration_open=current_app.config['REGISTRATION_OPEN'],
-                           email_required=current_app.config['EMAIL_VERIFICATION_REQUIRED'])
+                         captcha_url=captcha_url,  # 前端改为显示图片验证码
+                         registration_open=current_app.config['REGISTRATION_OPEN'],
+                         email_required=current_app.config['EMAIL_VERIFICATION_REQUIRED'])
 
 
 @app.route('/verify-email/<token>')
@@ -1081,8 +1091,8 @@ def login():
                     cursor.close()
                     conn.close()
 
-    captcha_code = generate_captcha()
-    return render_template('login.html', captcha_code=captcha_code)
+    captcha_url = url_for('captcha')
+    return render_template('login.html', captcha_url=captcha_url)
 
 
 @app.route('/logout')