Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

form problem
Hi all, I think this is going to be easy to resolve but for I have been looking at it to long and I

query help
Hi experts.

i have a table rep2 like this
PROD_COD ACCT_NO DUE_DAYS BALANCE

Need help with a mail notify function
I was tasked with setting up a site that's been prewritten. The site is basically a form that captur

Re-Order by ID Number
I have a cms set up for inputting an image, thumb, title, pdf, and eps. When input the database ass

Date/Time and Checkbox
Hi Everyone,

I am trying to figure out how to insert the current date and tim

* Gridview and Detailsview in UpdatePanel, insert mode problem
I have a GridView and DetailsView working together. When a record from Gridview is selected, Detail

What do you call the "token" thing?
You know how some sites have links that run on tokens? Tokens are links that only stay alive for a c

exclude characters from counting?
Hello, I wanted to ask if you have a string like:
Code: $my_s='ASRGREGTGTR----REGREGRE+++RRRRRR..

Warning: Cannot modify header information - headers already sent by (output sta
Warning: Cannot modify header information - headers already sent by (output started at /home/praylif

check comment for html
hi, I just wanted to check if a comment a user posts contains HTML, and if it does, to not allow it

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash