Users are given internet access if they enter blank voucher in Captive Portal
I'm using 2.0-BETA4 (i386) built on Fri Oct 8 01:43:49 EDT 2010. The captive portal blocks access to the internet if a voucher has expired. However, if people try just clicking on "Submit", they are given internet access.
Do you have authentication type configured for no authentication, local user manager, or radius authentication? If you have it on "no authentication" then that would probably cause that. Try putting it on local user manager if that is the case.