Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Passing Arguments to execlp()
I'm writing a program that mimics a unix shell. It's supposed to take commands with arguments and ex

Getting PHP to ammended the selected in option field
Hey Guys

thanks for everyones help so far. This site and its users are oozing awesomness.

Help with forum quoting?
Hi im working on a forum and I have alomost finished it but i want a user quote system like twitter

"SEO" URLs
Hey, I'm wondering how to go about creating and using these types of URLs. I'm presuming it's PHP th

help with calculations on a flat text file
hello,
I have this code below that is attached to a flat file like this:
Email:LastName:FirstN

Calander layout
Hi i know this sounds like a simple question but i cant find the answer to it anywhere i have added

A little help needed passing hidden values to next page
I have a page that has hidden values in a form.

example
Code: <input name='signupID

Remote Database Access
Hey guys!!

OK, i'm used to only working with databases from the CPANEL, accessing phpMyAdmin

regex for quoted text within a string
I am still getting the hang of regex expressions, but I cant seem to figure out how I would escape q

Access website from only 1 computer...?
One of my customers wants his website to only be accessed by people in which they bought the website

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash