Captcha problem users just refresh and it will let them auto submit again
Posted on
16th Feb 2014 07:03 pm by
admin
Users will just re submit and not have to enter the new captcha.. ? Lol but if i refresh the page, the captcha auto makes a new1 so u cant submit.
But if u enter captcha code alrdy, then submit form correctly, and press refresh to auto submit form, it does it? This is a major security risk here is my code, thanks:
Code: session_start();
$RandomStr = md5(microtime());// md5 to generate the random string
$text = rand(10000,99999);
$_SESSION["key"] = $text;
$height = 25;
$width = 35;
$image_p = imagecreate($width, $height);
$black = imagecolorallocate($image_p, 100, 5, 5);
$white = imagecolorallocate($image_p, 155, 155, 025);
$font_size = 16;
$text=substr($_SESSION['key'],0,3);
imagestring($image_p, $font_size, 5, 5, $text, $white);
imagejpeg($image_p, null, 80);
then my HTML:
Code: <tr class="bts ce"><td colspan=2><b>Security Code Confirmation</b></td></tr>
<tr>
<td align="right">Your unique security code<input type="hidden" name="secId" value="76c2b0e6f20ed0f1b209bcf39dee8e06"></td>
<td>
<img src="php_captcha.php">
<span class="desc">If The images are broke, please contact us.</span></span>
</td>
</tr>
Is there a way so people cant auto submit form?
Captcha works if u refresh but people can just auto submit the form and it will keep submiiting...
No comments posted yet
Your Answer:
Login to answer
312
34
Other forums
Passing PHP variables from one page to another
Hello-
I'm having trouble figuring out how to transport a variable from one php file to anoth
Forgot password won't work
My forgot password thing is not working properly. It is giving me this errorMailbox unavailable. The
if php cookie set, show code...
Hi all.. I need to figure out this little snippet right quick.. seems like it should be easy enough
More pug propaganda.
http://www.youtube.com/watch?v=8Kkrmubsgf8
The commercial is definitely worth watching pug aw
Error in query: Resource id #4??
hey guys, having a minor (i think) problem here that i havent been able to figure out. long story sh
add to sql result
ok see rite now my sites hit counter is counted from the mysql visitor log i need to clear it aft
php wont update my db
hello,
sorry for posting in mysql forum but i dont know where exactly is the problem but here
AJAX form submit
I recently built a form that submits data to my database with an ajax function that is called throug
empty() error
Why does
Code: empty($USER_ID = $_SESSION["USER_ID"])
create this error...
how to get sn motherboard
Hello.
I want to get serial number motherboard, cpu and else hardware.
Can You show me sam