Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

EU VAT Package 2010
Does any one know whether SAP will be developing new reporting functionality due the new VAT rules t

Help: problem with Headers to download PDF file
Hi,

I'm trying to implement a script where when a user clicks a link he gets a PDF file to op

getAlexaRank($url) function not working
I have made a function to get alexa rank
the site is here: http://mytestsite.rack111.com/1

Auto install
Hi I have a directory lets say "apps" that I then have more folders ie "email",

php wont update my db
hello,

sorry for posting in mysql forum but i dont know where exactly is the problem but here

Extracting Long text from message class with parameters
Hi,

I would like to extract the long text from a message class. However, the long text ha

Nested (echoed) php running wrong script
Got a problem with a php website I'm creating.

In a nutshell, the first page is entirely html

Join Query Help
Hi all,

I am having problems with the below code, which we shall call 'my first join query'!

php/mysql problem
Hey all,

Problem: im trying to setup a shop where people can use a drop-down list to select t

PHP login form help (Done Most of It)
Hi i am having a problem, when i try logging in it is always saying "Invalid Login" im not

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash