Captcha problem users just refresh and it will let them auto submit again


Posted on 16th Feb 2014 07:03 pm by admin

Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.

But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:

Code: session_start();

$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;

$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);

then my HTML:

Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>

<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">

<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?

Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...

No comments posted yet

Your Answer:

Login to answer
312 Like 34 Dislike
Previous forums Next forums
Other forums

Working with Dates, help.
Sooo to make a long story short, here's what im trying to accomplish.

I need to create a drop

Setting a default timezone?
I have read about how to change the timezone in PHPMYADMIN, but it changes back, it doesn't STAY the

Curl timeout breaks script
So im having difficulties with skipping timeout error in curl
my script calls different functions

Header is not working in IE
Hi ! header function is not working in IE but it works in FF, Safari, Chrome. any help please. :

Help with form post data and arrays
Hi all,

I am new to this forum... It has been awhile since i have worked with arrays, and i a

elseif help!
OK so I'm new to the site, as well as PHP altogether (Trying my hand at managing an online RPG) and

PHP form authentication
Hi guys,

what am trying to achieve is this: Whenever a user tries to login to my website, an

Update Database
Hi All,


I have a problem with this:

Code: [Select]<?php
session_start();

login page does not execute a else statement
I've created a login page using sessions.
When an incorrect user name or password is entered then

Interpret Order
Hello all,

I'm wondering if I have this:

Code: $switch = array(
'one' =>

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash