Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Certain files upload, while others do not
I want to read the data from an uploaded file. Not sure why, but it only uploads for certain files.

IP question
ive got 2 ip addresses both global from same user how would i detect if they are local to each other

Help with php code
Hello, can anyone tell me why this php word trap fails to work,
and the trigger words get blow r

Different payment methods with different cross company requirements in F110
We are implementing SAP in a company in the shipping industry. They have the following requirement:<

HTML form problem
Ive made a form to that i want to send to my email via PHP. but when it send only the name's etc sen

Restricted access to sub-folder in iis6 doesn't work?
Basically I'm trying to add restriction to sub-folder (which contains pdf) in web.config for iis6 as

Content-Disposition: attachment; filename=... not working as i thought it should
taken the following code from the php.net site the script is not working.

what is not happeni

How to read CSS message data
Hi,
I have a requirement here. When working as a Dev angel for multiple customers its really di

Shuffle Array
Hi,

I am writing a script for a game that needs players to randomly be assigned a target (ano

Simple Question
I know this is a simple question, that if I knew what it was technically called i could probably loo

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash