HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Happy New Year Gift!

2

Comments

  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    @x00 said:
    When people get "password don't match" is this the dynamic typing check, or is it after submission?

    Sorry I was out...

    No it is when you focus the input box on one , and then focus on the other without entering any text you get passwords don't match, but since they do match upon checking the captcha and submitting then refreshes and the message about passwords not matching is gone.

    I did not get any js errors of any kind. Just my humanity suspect upon filing out the captcha everytime.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited January 2015

    Ok I think I fixed it for myself this is what I did to the default.

    if(C('EnabledPlugins.NoCaptchaReCaptcha') && C('Garden.Registration.Method')=='NoCaptcha'){
        function ValidateCaptcha($Value){
            $Response = ArrayValue('g-recaptcha-response', $_POST, '');
    
            if(!$Response)
                return FALSE;
    
            $Url = 'https://www.google.com/recaptcha/api/siteverify';
            $Data = array(
                'secret' => C('Garden.Registration.CaptchaPrivateKey'),
                'response' => ArrayValue('g-recaptcha-response', $_POST, '')
            );
    
            $Handler = curl_init();
            curl_setopt($Handler, CURLOPT_URL, $Url);
            curl_setopt($Handler, CURLOPT_PORT, '443');
            curl_setopt($Handler, CURLOPT_SSL_VERIFYPEER, FALSE);
            curl_setopt($Handler, CURLOPT_HEADER, FALSE);
            curl_setopt($Handler, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded")); 
            curl_setopt($Handler, CURLOPT_USERAGENT, ArrayValue('HTTP_USER_AGENT', $_SERVER, 'NoCaptchaReCaptcha Vanilla'));
            curl_setopt($Handler, CURLOPT_RETURNTRANSFER, TRUE);
            curl_setopt($Handler, CURLOPT_POST, TRUE);
            curl_setopt($Handler, CURLOPT_POSTFIELDS, http_build_query($Data));
    
            $Response = curl_exec($Handler);
            if($Response){
                $Result = json_decode($Response);
                if($Result && GetValue('success', $Result))
                    return TRUE;
            }
    
            return FALSE;
        }
    
    
        function recaptcha_get_html($CaptchaPublicKey, $Error = NULL, $UseSsl = FALSE){
            $Attributes =  C('Plugins.NoCaptchaReCaptcha.Attributes', array());
            $Attributes = array_merge($Attributes,array('class'=>'g-recaptcha', 'data-sitekey'=>$CaptchaPublicKey));
            $Plugin = Gdn::PluginManager()->GetPluginInstance('NoCaptchaReCaptcha');
            if($Plugin){
                $Plugin->EventArguments['Attributes'] = &$Attributes;
                $Plugin->FireEvent('BeforeDivReturn');
            }
            return'<div '.Attribute($Attributes).'></div>';
        }
    }
    

    You can go test it at http://www.cosmicjustice.org

  • @Stoertebecker said:
    Ok... here is the error message:

    Fatal error: Can't use function return value in write context in /home/xxxxxx/public_html/plugins/NoCaptchaReCaptcha/default.php on line 156

    Ok hopefully this should be it.

    http://vanillaforums.org/addon/nocaptcharecaptcha-plugin

    grep is your friend.

  • x00x00 MVP
    edited January 2015

    @vrijvlinder said:
    I did not get any js errors of any kind. Just my humanity suspect upon filing out the captcha everytime.

    can you try the latest version please?

    grep is your friend.

  • HazuluHazulu New
    edited January 2015

    Just tested the newest build and it worked great, thanks for the share :).

    EDIT: Tested on a live site and I get whoops! view not found. Could it have something to do with the url rewrite I toggled?

  • Nevermind, forgot it isn't a new page :p.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited January 2015

    Tested on my site and I get whoops! view not found. And it breaks my css

  • The gift the keeps on giving...

    grep is your friend.

  • x00x00 MVP
    edited January 2015

    @vrijvlinder said:
    Tested on my site and I get whoops! view not found. And it breaks my css

    It appears to be working on your site

    grep is your friend.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    @x00 said:
    It appears to be working on your site

    no I tested the new plugin version on my site vrijvlinder.com I wanted to test it in two sites to compare wtf...

    I had to delete the plugin coz it cause some fatal error with the sql user table when I disabled it and went back to settings page.

  • Well that is strange becuase it doesn’t do anything with sql.

    grep is your friend.

  • What version of php are you two using? The exact versions thank you.

    grep is your friend.

  • @vrijvlinder you should update to the latest version of 2.1 for security reasons, you are behind a little.

    grep is your friend.

  • peregrineperegrine MVP
    edited January 2015

    @x00 said:
    The gift the keeps on giving...

    a corollary to "no good deed ever goes unpunished" or "yak shaving is harder than it looks"

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • I'm going to sleep on this. I can force the view, that should work but I'm not in the environment where it is failing so...

    grep is your friend.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited January 2015

    Yes I have gotten behind on my forums, however none can join unless invited ... but that is not the cause of the error since the other site is the same version.

    I even got new keys and all. May be my fault. Will try on another site again..

  • @vrijvlinder said:
    Yes I have gotten behind on my forums, however none can join unless invited ...

    Private forums are a little safer but not immune to exploits, trust me.

    grep is your friend.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited January 2015

    Yes , thats why I closed them down to pedestrian traffic... but you are right was kind of waiting for the new version 2.1.7 after 2.1.2 then 2.1.3 then 2.1.4 etc I gave up lol 6 forums too much work at this time..

  • @Moostachie are you willing to put $Configuration['Debug'] = TRUE; in config.php to get a more detailed trace?

    Appreciated. You can obscure the server root, I just need the relative paths.

    grep is your friend.

  • @x00 It seems the plugin is incompatible with http://vanillaforums.org/addon/botstop-plugin, version 1.0.1. Disabling the plugin fixes the problem. Not sure which plugins fault it is causing the error, but there's some information for you :blush:.

Sign In or Register to comment.