Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

CURL question
i am wondering if it's possible to use multi curl with login something like

login once to web

very easy question about SQL info
Hello,
I think that I have a very easy question.
I know how to create a form using php SQL and

Calling a Procedure with IN & OUT Parameters
Hello,

I usually call my procedures using the following way

declare variable e

Will an XHTML DOCTYPE interfere with my PHP if I'm not experienced enough?
I've read this article here: http://friendlybit.com/html/why-xhtml-is-a-bad-idea/

In a nutshe

cstdatomic (c++0x std::atomic) / g++ 4.4
Hello,

I'm trying to use cstdatomic (std::atomic in the upcoming c++0x standard) in g++

Undefined offset
The following script checks to see if the user answer matches the correct answer.

Form Fiel

search function
HI guys,

if anyone could point us in the right direction of how to do this, or provide some t

Why will this program not run if the variables are not global?
Hey guys I have a kind of perplexing situation that is probably simple, but I can't seem to understa

question about n
I was looking at some of the things you could do with php and one of the things I have tried is n.<

pspell
using pspell, is it possible to get words that would be best in the current phrase?

For examp

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash