Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

i need help with php header and footer
I have designed a header and footer for my site and they seem to be ok when they are running individ

Fetching array then reversing it
Hi, I have a simple problem, I'll try to explain it as best I can:
News entries in my database ar

How to replace search button with link?
hi to everbody.
i have a search submit form and button like this :

<form id="f

Curl timeout breaks script
So im having difficulties with skipping timeout error in curl
my script calls different functions

Formatting echo from database
So I have a database that stores First and last names, then echos them back to a website, as of now

PHP - MySQL Fail
My PHP code will only execute the first part of my code...

Code: <?php

sessio

Need help making login verification cleaner...
I use the below to verify user login. I first check the cookie for the id, ip and a unique id. If it

Material xxx does not exist in plant xxx
Dear All,

I am working for a steel project which is repetitive manufacturing.

php redirecting
i wont open a new thread but i have a question about redirecting....
i wonder why my code doesnt

Forgot password won't work
My forgot password thing is not working properly. It is giving me this errorMailbox unavailable. The

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash