Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Using real time in php
I'm very average at PHP and im looking to introduce time to something on my site.
Its a sports si

Display data returned from Ajaxservices!!
I have a question about displaying results using ajax. I have part of the code below.
$.ajax({

foreach help.
Hello all,

First time I'm attempting to use a foreach statement and was just wondering if my

MySQL issue
I am taking sentences through a form on page. Then checking some condition and trying to insert them

SCO Unix
I know this might not be the place to ask, but, can anyone tell me if SCO Unix comes with PHP built

cyrillic string conversion question
Hello,

First time here...

I would like to know if there is a way to convert a

blank page.... nothing is happening.
I'm new to a lot of this but in the last 24hrs have learned a lot.
Installed latest version of my

2 things: enter doesn't work in IE & empty form
i have this search form that works well except for 2 things.

1) on IE when i hit enter instea

utl_file open error
i have file in the unix path

Path /popdev01/pop/popdevb/tfi/

File name

Renaming a file that a user uploads to site?
My site allows for registered users to upload images to the site under their own gallery. Currently

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash