Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Displaying pictures
i have worked my way through storing images in directory and storing the location in mySQL db.Now i

session variable problem
Session variable is not working in Fire fox i am getting null value but it is working fine in IE.

Do While statement
hi guys,

This may sound trivial but im new to php and as part of an assignmenti have to const

I got my hosting suspended XD
So I saw this challenge a day or so ago

http://www.programming-challenges.com/pg.php?page=dow

check if string contain only a-z/A-Z
Is where any way to check if string contains only a-z/A-Z, without writing an array with all possibl

Inserting the current date/time while submitting the forum
What do I need to add below to update the current date/time? I have a field in the database called d

Passing variables with pagination - iterating through unique id per link
Hi everyone,
I have seen a few topics like this one. Still cant find the specific thing, so I am

Count on multidimensional array
Hi, i got an array as below:

Array
(
=> Array
(

php and downloading
I want to use a php script to create two files. Then I want it to redirect (or whatever) to have tho

login from external site
Hi my new experience begins, Now what i am trying to do is i make three pages, login.php logout.php

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash