Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_
Can anyone view my code and tell me why im getting the error:
Parse error: syntax error, unexpect

help with multi-update
Now sure how to ask this really....
10g database if that matters.

I have a customer

error checking breaking my code
Hi there, OK first of all, big apologies for what I assume is really fundamental errors in the struc

Sequre login with cookies.
I want to build secure login with cookies. I just want your ideas about this, your suggestions. What

Wierd if else problem
Hi guys,

this probably aint wierd for you, but it seems like php is playin up to me. may b i

Motivational Posters
Hello,

I wonder how can i do them in php. Are there any sample codes that you can show me?

Filename like the user name
I am creating a form and storing the values in file. Could anyone please tell me how to write a code

Query failed issue with php script but works fine in mssql manager!
hi i have the script below which copies data from one table to another but will only insert new data

! = ''
In the following 'IF' statement if v_ompcat = PU for example then Oracle equates that 'IF' statement

Uploading/Downloading files stored in MySQL database
Hey all,

This problem just came up in my website and I'm having a hard time figuring out what

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash