Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Did you know?Explore Trending and Topic pages for more stories like this.
Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...
No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

writing a screen scraper
Hello,

I'm writing a screen scraper application and want to be able to get absolute addresses

displaying unknown amount of results
I am reading a directory and getting a list of folders in the directory, I want to display the folde

Changing files over
Just thought I'd start with the new forums looking really nice .

Ok basically I've made this

please help me... my password gets encrypted but not able to get in database
hai guys,
please help me... in the following function my password gets encrypted but no

Displaying Column Names
I have a question regarding the ability to show the column names from my table/query.
What I'm lo

string to currency format
Hi guys...

Actually I chunk out some data from txtfile and one of the data contains amount va

PHP submit form script causing blank page
Im trying to submit a form using this script, however nothing shows up on the page, does anyone know

Undefined variable when using $_SERVER['PHP_SELF']
Hi guyz, please suggest me something...
On first.php I have one input field NAME, and on posting

Firefox displaying PHP source code??
Currently testing a site thats almost built, am going to be including php on a sidebar on all pages

URL Rewrite issue
Im created a series of Rewrites and on page checks to make sure the correct url is being called. But

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash