Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Did you know?Explore Trending and Topic pages for more stories like this.
Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...
No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Internal Server Error issues
This has been bothering me for weeks and I've been trying to solve it without asking for help, but e

remove innitial

and

tags
i am using tiny_mce as a text editor for my CMS.
buy now the problem is it add <p>

Oracle Connectivity
Hi Every One,

Can we access SAP from oracle database.If it possible then please spec

Need a Timecode Class...
Not a Time Stamp, Time Code. Format is a bit different. HH:MM:SS:FF where FF is Frames. I dont re

Getting the full city list from maxminds geoip database
I am suprised I can't find any references to this.

I have maxminds geoip lite installed and i

how to hide input fields on selection screen using variant attribute
Hello all,

I want to know how to hide input fields on selection screen using variant attr

Page Reload
I am having issues getting a page to reload after I submit data to a database. This form should inp

Sharing PHP Sessions Across Domains
I am in the process of writing a script to share a php session across various domains I have.
The

radio button reamains checked
Hello i'm trying to keep the state off my radio buttons so it shows which ones where clicked after t

Undefined variable: adHTML
Hello:

While checking my site error logs, I've noticed one repetitive error that fills the lo

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash