Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

HELP with mysql_real_escape_string
I'm looking to remove apostrophes completely when someone enters lyrics but don't have a clue how to

script and html conflict in trying to create a header.
I have an error is occurring because of an html webpage with a "php require" at the top of

Cloud Computing?
Hello,

I was wondering if anyone could help explain this term to me. I'm starting to hear it

Need help with basic sql
Hi,

I am using oracle 10g, and having some small doubts related to sql , here goes the si

Date Format
Hi there,

I have a date format like this right now:
Sat, 17 Oct 2009 17:04:00

I ne

User input in to variable
Hi all,

I'm sure this is very easy but I'm having another brain freeze!

At the end of

Find current logon time
Hi,
in my sql script i want to query and find out the logon time of the current session.
<

Progress bar tracking file downloads
Hey guys, was wondering if there was a way to track how far a file has been downloaded. I know there

PHP Display Telephone Number On Referrer
I have used the php below to show a different telephone number in the header of the site depending u

for loop without same $i digits?
Hi,

Can some guru please advise how can I accomplish this with a simple for loop ?

I

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash