Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Trouble verifying database password
Thankyou to everyone who responded to my last post (I can't find the posting, it has been buried). <

Creating web pages by php
Hello again,
I was just wondering us there a way to use a php script to create a new web page. I

Problem with passing variables
I'm not really a php programmer so I'm really struggling with this issue.

I have a banner s

Problem!
I have another problem, when i run this code i get this error "Parse error: syntax error, unexp

PHP5 - AJAX help
I've been following the tutorial on w2schools (http://www.w3schools.com/php/php_ajax_database.asp) a

multiple recipients + dbuser mail recall
Hello,

I am building a php login script.

When the user registers the script will send

help with variable
I've got a problem, i want to echo some images depending on the $id, however for me to get that id i

checkbox update
I am having a brain fart right now and i cant remember how to do this. if anyone could help that wou

PHP and Javascript
Hello Everyone,

I have a page that needs a javascript code to be written between PHP code but

is_dir() problem
Hello,

I'm buidling a php scripts that dynamically get's subfolders from a specific folder.

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash