Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

ALV List display - header width adjust
Hi,

I am using REUSE_ALV_LIST_DISPLAY for my ALV display.The width of the ALV varies for

Warning: Cannot modify header information - headers already sent by (output sta
Warning: Cannot modify header information - headers already sent by (output started at /home/praylif

tag inside php...
hi


Code: <?php
echo "<td width="$columnWidth%" align=&

Not showing whole name with mail () script
I sent up a simple mail form with the PHP mail() script. One problem is when it sends an email with

Using real time in php
I'm very average at PHP and im looking to introduce time to something on my site.
Its a sports si

Code error with Index.php
Error: Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/runevid/public_

Save username into DB
OkaY so I got my blog to actually save the posts and whatever, all I need now is for it to keep the

turning an array into a string then poping it into a db
Hi im just wondering how you get a requested array into a single string then pop it into the db so f

Session
I am having a little trouble with a session. Not sure if it is my browser or what. I know I do not

how to easy edit text, with box? Help.
Hi.
I have a little problem. I'm doing a webpage for my aunt and I would like to make it as easy

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash