Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

How do I get the row number from from an sql table query
Hi all

I have a table that I query and it returns a number of rows.
mysql_num_rows($query)

Quick fix: Conditional statement with an array
Hi, I'm getting the temperature value off of the Environment Canada website along with the icon file

Secure pages Sessions vs. Cookies & session_destroy() help
Im new here and new to PHP, I hope you can help me with some questions.

Im writing my web ap

frame help
on the bottom frame is menu.html

Code: <body><form action='link.php' met

Embed Video Problem
Hey, thanks for looking!

File to be embedded:

Code: <playlist version="1&q

Hyperlink in PHP to MySQL record
Hello,

I am having trouble as i am new to php. I have connected to the database and I have di

ME54/ME54N Conditional check for Release of PR
Hi Gurus,

My requirement is to put a check on the release of the PR with respect to the c

temporary objects
Until now i thought every temporary object in C++ is created as constant. I'm wondering why my compi

php code to accept and delete incoming data
Using following HTML Code please show me how to write PHP code to accept and delete the incoming dat

PHP submit form script causing blank page
Im trying to submit a form using this script, however nothing shows up on the page, does anyone know

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash