Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

firefox wouldnt stream mp3 files completely from my php page
hi everyone,
I have a php file trying to read and stream mp3 files. It works fine in IE but my pr

for some reason mysql query not working, not inserting, please check it out
This code is not inserting anything into my db, don't know why, the $_SESSION variable does contain

Date Format
Hi there,

I have a date format like this right now:
Sat, 17 Oct 2009 17:04:00

I ne

Keeping track of php uploads
Hello all.

I was looking at the way PHP handles file uploads.
It seems that PHP uses a tem

Nested (echoed) php running wrong script
Got a problem with a php website I'm creating.

In a nutshell, the first page is entirely html

ctype() validation - allowing illegal characters
Hello,
I use ctype() to filter and validate a user form. However, I am trying to allow certain c

Problem with PHP code- simple contact form
Hi Folks,
I'm relativily new to PHP; I know HTML and CSS stuff but I have a problem- I have a co

Procedure with variable number of columns
Hi, I have a procedure that looks like this:

PROCEDURE PROC(p_cursor OUT sys_refcurso

download directory onto C drive
I am attempting (if this is possible) to write a routine to automatically dump the contents of a dir

Why does my crawler script suddenly end with no error?
Hi.

I have written a web crawler script. It will visit a large number of URL's with cURL.

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash