Jump to content

Search the Community

Showing results for tags 'html'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to PHP Freaks
    • Announcements
    • Introductions
  • PHP Coding
    • PHP Coding Help
    • Regex Help
    • Third Party Scripts
    • FAQ/Code Snippet Repository
  • SQL / Database
    • MySQL Help
    • PostgreSQL
    • Microsoft SQL - MSSQL
    • Other RDBMS and SQL dialects
  • Client Side
    • HTML Help
    • CSS Help
    • Javascript Help
    • Other
  • Applications and Frameworks
    • Applications
    • Frameworks
    • Other Libraries
  • Web Server Administration
    • PHP Installation and Configuration
    • Linux
    • Apache HTTP Server
    • Microsoft IIS
    • Other Web Server Software
  • Other
    • Application Design
    • Other Programming Languages
    • Editor Help (Dreamweaver, Zend, etc)
    • Website Critique
    • Beta Test Your Stuff!
  • Freelance, Contracts, Employment, etc.
    • Services Offered
    • Job Offerings
  • General Discussion
    • PHPFreaks.com Website Feedback
    • Miscellaneous

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Age


Donation Link

Found 126 results

  1. I have a form that I decided to include Google recaptcha as an added measure of security. When I added the recaptcha it triggers an error because the recaptcha is not whitelisted. I read that HTML5 does not allow assigning the name attribute to div. i.e. <div name="myName"></div>. Against convention, I tried adding a name to the recaptcha div and adding that name to the whitelist. That approach failed. There is an iframe within the div that has the name attribute. I tried using the iframe name in the whitelist. That approach also failed. There is a hidden input that has an id="recaptcha-token". I added 'recaptcha-token' to the whitelist. This approach also failed. The hidden input is generated by the recaptcha api, so I don't think I have a means of assigning a name attribute to this input. Does anyone have a workaround or suggestion ? Note: form validation and whitelist all worked as expected prior to adding recaptcha. This is the div within the form. <div class="row"> <div class="col-md-12"> <div class="g-recaptcha" data-sitekey="<?php print $public_key;?>"></div> </div> </div> This is the code block using the whitelist. // VERIFY LEGITIMACY OF TOKEN if (verifyFormToken('form1')) { // Building a whitelist array with keys which will send through the form, no others would be accepted later on $whitelist = array('token','req-fName','req-lName','req-email','req-phone','req-address','req-city','req-state','req-zip','req-message','req_method','req-dateDepart','req-dateReturn','recaptcha-token','submit'); // Building an array with the $_POST-superglobal foreach ($_POST as $key=>$item) { // Check if the value $key (fieldname from $_POST) can be found in the whitelisting array, if not, die with a short message to the hacker if (!in_array($key, $whitelist)) { writeLog('Unknown form fields'); die('Hack-Attempt detected. Only the fields originally included in the form are allowed!'); } } } Thanks in advance for having a look at this.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.