Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Quick fix: Conditional statement with an array
Hi, I'm getting the temperature value off of the Environment Canada website along with the icon file

Change of partner analyse in sales orders
Hello,

I changed the partner analyse for sales orders and added a new mandatory partnerro

validating url
im trying to validate url's sent to me by a form
the url's im collecting are for placing banners

echo $rows help
Hi all,

Hopefully something simple that I don't know!

I have this:

Code: [Selec

Image upload - determine folder
I have an upload script that may be accessed from different directories. Problem is, the script is m

php email checker
I am having alot of trouble finding info on how to do these email things. I need to do the following

pagination - need help on passing of search query.
Hi, i have been trying for days but couldn't get this sorted out. Would like some professional help

Form submissing with PHP and JQuery/Ajax
I have searched everywhere, but cannot find a solution for this... I have worked all day trying to g

Log $_POST
How would i log submits on a form, by everyone? I want to then echo the number of submissions.

Oracle Connectivity
Hi Every One,

Can we access SAP from oracle database.If it possible then please spec

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash