Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Different actions for different parts of a string
<?php
function dosomething($string, $else = '') {
if (empty($else))
$string

Is this Safe or Unsafe?
Hi i made a few pages with lots of peoples help now i just want to know if they are safe or not can

FFmpeg Images 2 Video conversion problem ??
I got folder full of images , number of images = 600 , I want to make a video which plays one image

Parse XML
Good day,

I use oempro software and try to parse XMLReturn but it's not working for me, simpl

Problem with php's rename function
So, i'm having a problem with the php rename function. Basically my script 'delete_user.php' attempt

IS this code correct
The reason i ask is everything underneath it appears to be alink as well, tis blimmin annoying

my code does not work.
I have a code problem.

Quote"<a href=index.php?gogo=ureticidetay&'?l={$le

Deleting Partners on the Customer Master.
Does SAP handle removing the Partner from Open Sales Orders when a Partner is deleted in the Custome

MySQL-PHP Query Results Help
Hello all. I'm hoping to be able to get some help in solving a problem with query/rowcount output. I

Best way to check for end of a record and send it back to the first record
I'm hoping someone can help me out and explain the best way to accomplish this.

What I'm doin

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash