Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Slashes
Have a small problem and I'm not able to understand why I'm getting the results I'm getting... and i

issues verifying if user is logged in
I am having issues when a user logs in via asp Login control, the IsAuthenticated still seems to com

Is STL important?
I'm just starting programming and I've made it until the Standart Template Library. But the chapter

Display data returned from Ajaxservices!!
I have a question about displaying results using ajax. I have part of the code below.
$.ajax({

Problem assigning value to variable in "IF" function
Does this script makes sense? I am trying to take the value that is set to "authenticat" a

HTAccess auto log in?
Hi all.

Too busy driving celebs about lately so I hope someone here can help me out.

I

Not Inserting into DB
I can't get my Add new Division form to submit to the database. Anyone see my issue?

Code: &a

DataTable Help Required
Hi all I am creating an app that utilises and MS Access back end and queries it quite a bit at vario

DELETE FROM not working deletes wrong row
Hello

I have the following code which i found but it doesnt work properly.. it comes up with

Calling variables
I want to call this to my website but it doesn't display what I want it to,

Code: <h5&

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash