Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Question about the upload of large files
Hi there,

I have a question about the upload of large files, like videos (files generally abo

present value of sequence?
Hi

Please help me to find out the present value of sequence?

Thanks

DB2 for z/OS, LUW, iSeries
Hello, In this forum a lot of threads related to other members of the DB2 family than DB2 for z/OS

Why does this file not return file names that start with numbers?
This file returns a list of filenames to help populate a drop down in my form. For some reason it ig

Strip Slashes Help
I've got a script that i've downloaded of the net to edit multiple fields from my sql database, and

Performance impact of cookies
Hi, I was just wondering what impact there would be in terms of performance if you where to set then

Getting a variable to work in function params
I have this fuction which is inside a class:

Code: public static function generateEmbedCode($

email CODING Problem
Email coding problem.

I need to send a section of the info to $tf and the same as a Cc to $em

Ten Operator Syntax
Hi Guys,

I can't figure out why i am getting a parse error with this basic ten op code:

Insert Failing.
Hey,
I am making a Sign up page for a website, but the insert query into the Database does not se

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash