Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

cyrillic string conversion question
Hello,

First time here...

I would like to know if there is a way to convert a

Create comparison matrix?
I want to create a comparison script for forum software and was wondering is there any tutorial or b

Force download script not handling files with spaces properly
I have a regular old php force download script, uses this code:

Code: header("Cache-Cont

no idea what to do...
I'm fed up. I had issues with code that I have working on a different site that didn't work on my cu

Parse Error with doctype
I'm getting a parse error with this simple code. I don't get it. It worked one time then when I relo

please help me in this update statment
hi every one

if I have table and this data in it

id name
10

How do I know when getBounds Method is ready to be called.
I have an application that changes out stylesheets client side. Once I change stylesheet the browse

Cursor statement failed with errors
Following statement failed with the errors.

cursor proj_cursor1 is (select projectID from

An odd assignment statement. Can someone explain this assignment to me?
What purpose is served by the bit of code between the two equal signs in the $installurl set? Is th

Help uploading .JPG
I have a problem with upload images when the ending is .JPG capitalized.. I really don't know what c

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash