Captcha problem users just refresh and it will let them auto submit again
Posted on
16th Feb 2014 07:03 pm by
admin
Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.
But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:
Code: session_start();
$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;
$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);
then my HTML:
Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>
<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">
<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?
Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...
No comments posted yet
Your Answer:
Login to answer
312 
34 
Other forums
Parse XML
Good day,
I use oempro software and try to parse XMLReturn but it's not working for me, simpl
Help Import Animoto and Youtube
CAn someone help me urgently want to allow users on my website to import youtube/revver/dailymotion
Libraries in C++
Hi all,
I have two libraries. one is based targeted on linux platform and uses another li
PHP XML extraction text
I would like to extract an xml text and have that text directly echo(print) out on my web page. Her
date("now") prints out wrong date ?
Hi Guys
Anyone know why and how I can fix it ?
get url?
how do i get the url of the page i'm currently on, on my website.. i think its get header.. how do i
PHP, jAVASCRIPT setting input values, why isn't it working?
Hi:
I am calling this javascript:
<script language="javascript">How can you detect variable string in a massive string?
Ok guys, i need some help with this one.
I am going to be getting a large string, like 10-20
my login script page is not working on remote computers
hi my login is working on my computer, but when i tried 2 computers from 2 different locations, they
From Header Showing 'Unkown' In Hotmail? Why?
Code: $to = $row_GetID['email_addr'].',sales@mywebaddress.co.uk';
$subject = 'Thank you for you
