Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

CODE NOT WORKING
Code: [Select]<?php
//include shared codes

include '../lib/common.php';
include

Socket Server
In my following socket server, I am trying to listen to a connection through port 12345 in my web br

urldecode question
How would I format this line of code properly?

<?php echo urldecode($_GET['Title']); ?

Ajax not working on IE 6 for Windows CE
I've created a webpage which uses the classis Ajax in following format:view plaincopy to clipboardpr

Map.php
I am a complete beginner to PHP and am looking for some help with a program I am messing around with

Blank record injected into database
I always found several blank records inside my database, although $SESSION is required to insert the

Save remote XML to local website folder
Hi, I hope you can help me out. I would like to be able to pull an XML file from another site and t

writing a screen scraper
Hello,

I'm writing a screen scraper application and want to be able to get absolute addresses

Coefficient of a Restitution Hints
Hello. I was wondering if anyone can give me hints on how to write this program...

The coeffi

Delete records not in top 15
Hi,

I'm creating a hall of fame page in my game and the page will only display the top 15 sco

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash