Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Seperate team from score
I am writing a site that does a NFL Pick 'em type application and I have a feed that gives me the sc

Search in the PHP Files
have to search asterisk(*) in the php code of the php files .
In the html page one text box

Character Set Setup
Whats the best character set to use if you want every character to work, and also how do you make yo

IP question
ive got 2 ip addresses both global from same user how would i detect if they are local to each other

IF STATEMENT HELP
Hi
i have created a calendar from a table:

Code: Calendar: October 2009
<table w

tell csv import script to ignore blank rows?
Hi i have the below script but i get an error if a row is blank ie a return in the csv file at the e

Specific name typed, specific image shown on html page
Hello,

Fairly new to PHP and was curious if someone might know how to solve a fairly simple r

browse folder only
hi,
is there a way i can browse or get the directory or folder only and not the file?
i just w

void* and sizeof()
Hi,

Using void* and sizeof is it possible to get the value of the object ?

I understan

Concatenate two strings ???
I have string one $string1 and another $string2.

How to concatenate (add) both of them $str

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash