Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Variable uses and placement
I'm new to PL/SQL and am trying to learn about variable valid uses/placement (any pointers to any do

need help in update query
hi
i have a dynamic form. i need help in how can i use update query when values from dynamic for

i want run some web server under the ip sharer
hello i want run some web server under the ip sharer
my ip is floating ip but it doesnt matter

Any Good MMORPGs you've played?
I'm about to have ALOT of free time on my hands (finished highschool) and I need something to fill t

PHP/Database issue
My friend is helping me make a database where you go to a certain webpage of my site and the page wi

DATEDIFF Question
First time post, and of course it is a help question.

I am using a WP plug-in to display prev

Posting to another Site?
I have software that people install.
When they install it, is there a way to make it post their d

MVC - Code review
I'm in the process of trying to wrap my head around MVC, and as part of that, I'm attempting to impl

newbie error
what is wrong with this code ?

<html>
<body>

<?

TemplatePower & AJAX
Hi all,



I'm currently implementing some AJAX features in my PHP-framework (which is b

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash