Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Question about the upload of large files
Hi there,

I have a question about the upload of large files, like videos (files generally abo

Procedural to OOP
ohn Kleijn said that to avoid writing "crappy code", we should learn OOP and common OO pri

import table with dependency
Hi

What is the best way to import table back which has dependency?

SQL> cre

Required to login help
I'm trying to set up my site so users have to be logged into the forum to access the site.I've been

registration form
first time posting. did some searches but didnt find exactly what i am looking for. dont flame cause

single values into sql field
i have a form which i want the user to able to select multiple answers. But i want the answers to be

EU VAT Package 2010
Does any one know whether SAP will be developing new reporting functionality due the new VAT rules t

want a code for uploading and downloading
i m trying to upload and download to my site..i need upload and download code ...i use a code for up

ctype() validation - allowing illegal characters
Hello,
I use ctype() to filter and validate a user form. However, I am trying to allow certain c

downloading a file as HTML
Hi.
I'm rather confused with forcing a download. I just want to save dynamic content (from $_SESS

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash