Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

include function being weird?
I have a very simple system to grab an IP outputted by a PHP file.. (for a project I have) but it ou

Better Method of a Member Cloud
I assume most people know how tag clouds work, where the tags most used are bigger and the least use

Why will this program not run if the variables are not global?
Hey guys I have a kind of perplexing situation that is probably simple, but I can't seem to understa

Echo multiple lines of html code
Hi guys,

I would like to know if there is a way to echo multiple lines of html codes.

Select Rows as Columns..
is there a way to select COLUMN_NAME from user_tab_columns where table_name='TABLENAME';
and ha

Passing Arguments to execlp()
I'm writing a program that mimics a unix shell. It's supposed to take commands with arguments and ex

void* and sizeof()
Hi,

Using void* and sizeof is it possible to get the value of the object ?

I understan

MYSQL gen help
This is my Mysql gen. can anyone tell me why this echos

MID(networkset.networkid, 3, 3) AS &q

update the selected existing records of database
Hi frndz,
I am new to php and get stuck....

Edit.php > Update.php > Updatea

Why is the logic of this simple code not working?
Hey, I'm trying to determine if a table already exists in mysql, but doing a query first with mysql_

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash