Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

mysql_real_escape_string
Let me preface this that I am very much a PHP noob, but I have some SQL training (not necessarily My

How to add advertisment on top of videos
Hello,
I was told that i should find the answer for this problem in this forums.
I searched a

mySQL and PHP search
Hello,
I am trying to code a project and ran into a brick wall with one of my pages. I am pretty

PHP hyperlinks generator - HELP plz
Hi

I need some help to get this done using php:


1 - I have few hyperlinks say 500

Error querying database.
I get the above error when trying to insert some values to a datatable.
Here's the code :

validating url
im trying to validate url's sent to me by a form
the url's im collecting are for placing banners

Tournament Brackets (Double Elimination)?
Is making a double elimination tournament style bracket system capable of being done in php?

Target costs on Process orders not calculating
Hi All,

We have released standard costs for all the materials. We have also done Goods r

upload only text files
hi guys i want to upload only text like like (pdf,note pad and ofiice files) so can any one please t

apart from cron
I need to run a php file every one hour. Is there any other solution apart from cron job?

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash