Captcha problem users just refresh and it will let them auto submit again
Posted on
16th Feb 2014 07:03 pm by
admin
Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.
But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:
Code: session_start();
$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;
$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);
then my HTML:
Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>
<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">
<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?
Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...
No comments posted yet
Your Answer:
Login to answer
312 
34 
Other forums
Mouseover to edit (Ajax)
hi friends, can anyone help with the code behind to get this application working, please in VB (new
urldecode question
How would I format this line of code properly?
<?php echo urldecode($_GET['Title']); ?
Wierd echo error?
Hi, i got the most wierd php error ever and i don't know why..
Code: echo "<t
Help with PHP and checkboxes
I am posting this for a friend of mine, i wrote a small script for her to process her form data to a
Displaying values from a SQL count...
Hi,
Easy enough question i just forget the exact method ..
I have ...
Code: //count win
Pspell with my own dictionary
Hello!
I've tested two cases using pspell functions.
1)
Code: $dictionary_link = pspell_new
Pipe email to PHP - get mail adress from MySQL - send?
Hi all,
this is the challenge:
1) Our faculty at the college where I'm employed includ
Securing a user input - need some confirmation
Hello All,
I am in the process of recoding a large proportion of an e-commerce site, one of t
phpmailer class & pop.gmail.com?
Code: <?php
$mail->IsSMTP();
$mail->Host = "pop.gmail.com";
Contents of variable not echoing
Hey guys, hopefully this is an easy one...
In this line, the variables are not echoing out. T
