Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Libraries in C++
Hi all,

I have two libraries. one is based targeted on linux platform and uses another li

Syntax Help
I'm trying to make a form that edits a php file which contains config settings. I'm using strings t

checkbox update
I am having a brain fart right now and i cant remember how to do this. if anyone could help that wou

How to load mysql (and other) extensions into PHP
How to load mysql (and other) extensions into PHP PHP Development forum discussing coding practices,

Using system() and bringing back the results
I am aware that you can use system() within PHP to execute system commands, but I was wondering if t

Select all entries from database that include a phrase
I have a database of clubs - one of the categories is meeting time and place
I would like to have

Problem with "dynamic" index page
Hi. I have one question. In my index.php page I have this kind of code:
Code: // listaa sivut

I am stumped
OK. Here is what I am trying to do. I have the conditions set, and if the conditions are met, I want

Check if another session of the page is running?
I want to keep people from opening multiple tabs, or sessions of my Facebook app. Is it possible to

whats wrong with my code please help!!!
this is the error


Warning: mysql_close(): supplied argument is not a valid MySQL-Link res

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash