Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

need good snippet manager
Hi. as i am coding and learning more, it is becoming difficult to manage code snippets. how you mana

Do not allow posting of whitespace
Currently the script below works if the user does not type a name/message, but if i create a whitesp

How to separate records and ORDER BY
Let say i have 100 records and displayed in one page, then i want to get the records from 50-100 and

How do I send data using an html link
Hi

If I have
<a href="main_file.php">

How do I send data t

Website Direction...
I recently used this code to try and make it so the page loads as http://www.domain.com/ when you ty

There was a problem with the request. (Code: 0)
Any Idea what could cause this? I get it randomly at best. But with both IE and FF. It derives from

Entering Data Problem
Code: $result = mysql_query("SELECT * FROM flights");
while ($row = mysql_fetch_array($

[PHP HELP] Php order form.
Hello to everyone @ phpfreaks. Im new to this site and hope to learn lots of things here.

Fir

Form errors in an array
I'm processing a form and putting the errors in an array. empty($errors) doesn't seem to do the tric

Change snippet to use CURDATE
I am using time() in the snippet below, I would like to use CURDATE() and have the database setup fo

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash