Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

help me, how to find text on an external html site using PHP
Would anyone know how to search an external html file for a work or phrase ?

I was thinking s

Can't find a decent web analytics!!!
I've downloaded and installed Piwik. It's location detection based on IP addresses is fairly inaccur

PHP File Upload Problem
Hi, I have written a very simple file upload script but it fails for reasons I can't explain. Hope

subtract 1 from value entered in text field
Hi

How do I subtract 1 from the vaue entered into a text field?

Thanks

Windows 7
Windows 7 default user account control worries experts. Corporate IT departments should be pleased w

Replacing a string on click of a button
Hi! Is there a way to replace a string on a click of a text link?

This is what I've come up w

Warehouse Management
Hi,

On our system, we have two storage locations ( A and B ) where A is the main factory

PHP4 to PHP5 Conversion
Hi Everyone,

I am working on a site that is built up on PHP4 and each page is being started f

help finding hacking loopholes
i was attacked by a redirect php injection

my pc is clean of viruses

so i figure that

Renaming a file that a user uploads to site?
My site allows for registered users to upload images to the site under their own gallery. Currently

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash