Captcha problem users just refresh and it will let them auto submit again

Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

Your Answer:

Login to answer

Other forums

Match stored value with the current value in a loop
Hello,

I have a MySQL db were I store articles in.

I have a form to fill these article

Looking for help reading a .txt or .ini file and outputting the info.
I have a file called Info.ini and It has the following info:
Code: [General]
Online=0
I wou

Using system() and bringing back the results
I am aware that you can use system() within PHP to execute system commands, but I was wondering if t

Displaying image from database
Hi,

I've got a site where that's got a database behind it. Currently it has loads of items in

do while...woes
I'm sure this is childsplay but it is stumping me, everytime i try what I think would make this work

Is this possible? If one file assigned to an ID...
I have a page that lists property listings assigned to a specific user (a manage page), with brief t

trouble printing an array....
I'm having some trouble printing out an array forwards. I'm figuring out the high and low of an arra

* Gridview and Detailsview in UpdatePanel, insert mode problem
I have a GridView and DetailsView working together. When a record from Gridview is selected, Detail

Target costs on Process orders not calculating
Hi All,

We have released standard costs for all the materials. We have also done Goods r

PHP error on MySQL insert
I'm sure it's the simplest of issues, but I can't recall why this isn't working.

Code: [Selec