Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Exporting new records
Trying to figure out the best way to set this up.

People register my site.

Their prof

show random images
hey guys

can someone please suggest a way in which the following code can be edited so it onl

error reporting
hey everyone

I have a production server in which I want error reporting but only on some page

PO Release Strategy Issue
Hi Experts,

I am facing an issue related to PO release strategy. The details are-
<

Warning message
I've put a website that I was doing live and I'm getting this warning message when I try to add a ne

Strip Slashes Help
I've got a script that i've downloaded of the net to edit multiple fields from my sql database, and

GET vs SUBMIT Button to show sections on one index.php page?
Just curious if one of these ways is better (i.e. more efficient) than the other.

I have a

image upload script not working with png
The basic process of this php code is to take the submitted file, convert it to a small JPG thumbnai

PHP XML extraction text
I would like to extract an xml text and have that text directly echo(print) out on my web page. Her

PHP and SMS
Hi all forum members. I am new here and am unsure what category shoild I post this in.
Moderator

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash