Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Working with Global Variables
hi, I'm not really sure why the following code is returning a "Call to a member function getBan

Header is not working in IE
Hi ! header function is not working in IE but it works in FF, Safari, Chrome. any help please. :

trouble printing an array....
I'm having some trouble printing out an array forwards. I'm figuring out the high and low of an arra

Images outside webroot
Im hopeing someone can help me with this because i cant figure it out.I have setup an ASP.NET websit

What makes a script your own?
If someone finds a login script online, and changes some variable names around and some other minor

bit of help needed
Im about to sort out my registration page for my website by customising a "registration" s

Material Master Update through BAPI - Follow up material not updated
Hi Experts,

I am updating the material master through a custom transaction using the BAPI

simplexml_load_file and rss problem
Hi,

I have a problem parsing an rss feed using simplexml_load_file - this is strange as i hav

New Search Engine
Hey everyone,

I have a ZIP Code Radius search engine already functional. it displays all of t

Not reloading page after php form submit
Hello helpful souls out there. You guys have come through for me in the recent past and I'm hoping s

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash