Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Sharing PHP Sessions Across Domains
I am in the process of writing a script to share a php session across various domains I have.
The

Beginner PHP code help
Hi I'm new to php but if someone could please read the question below and help it would be great.

Data Function is Its Not working IN IE8
This is my first time to use formums. I hope i can get solution for this problem. view plaincopy to

Revoking alter any table from a schema
Hi All,

i am working in Oracle 10g.
my requirement is to revoke all kind of DDL oper

CE 7.1 and External GIS integration
Hi All,

We want to develop an application on CE 7.1 which uses GIS features from an exter

urldecode question
How would I format this line of code properly?

<?php echo urldecode($_GET['Title']); ?

Preloading images
Posting this question here because I am not sure where this should belong.I am building an asp.net a

Object Interfaces
EDIT: Never mind, I just updated to php 5.

Hey all,

I'm currently experimenting with p

natcasesort works on one server but not on another
Hi

I have a problem that I was hoping that someone can help me with.

I'm trying to use

question about header() security
is is safe to just use the header() function to redirect someone if they are, say, not logged in? or

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash