Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Passing PHP variables from one page to another
Hello-

I'm having trouble figuring out how to transport a variable from one php file to anoth

Forgot password won't work
My forgot password thing is not working properly. It is giving me this errorMailbox unavailable. The

if php cookie set, show code...
Hi all.. I need to figure out this little snippet right quick.. seems like it should be easy enough

More pug propaganda.
http://www.youtube.com/watch?v=8Kkrmubsgf8

The commercial is definitely worth watching pug aw

Error in query: Resource id #4??
hey guys, having a minor (i think) problem here that i havent been able to figure out. long story sh

add to sql result
ok see rite now my sites hit counter is counted from the mysql visitor log i need to clear it aft

php wont update my db
hello,

sorry for posting in mysql forum but i dont know where exactly is the problem but here

AJAX form submit
I recently built a form that submits data to my database with an ajax function that is called throug

empty() error
Why does

Code: empty($USER_ID = $_SESSION["USER_ID"])
create this error...

how to get sn motherboard
Hello.
I want to get serial number motherboard, cpu and else hardware.
Can You show me sam

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash