Gute Frage
Twocents security
Re: Twocents security
„Bevor du den Pfeil der Wahrheit abschießt, tauche die Spitze in Honig!“ Ludwig's XH-Templates for MultiPage & OnePage
Re: Twocents security
I set cryptograph in setting of twocents, but can not see captcha in comments. Any solution?cmb wrote: ↑Sun Jul 19, 2020 11:32 amHmm, there is no built-in CAPTCHA in Twocents_XH (Advancedform_XH has one, though).
Eine Alternative zu Recaptcha_XH ist Cryptographp_XH 1.0beta6. Weniger elegant als Recaptcha, aber dafür kommt man ohne Registrierung und Schlüssel aus. Allerdings sollte man noch diesen Fix vornehmen.
Aleksei
Re: Twocents security
The captcha is only displayed when you are logged out, not in the backand.
Download the master version of Cryptograph_XH (right at "Code" > "Download ZIP").
Direct download: https://github.com/cmb69/cryptographp_x ... master.zip
There are some problems already fixed.
Also delete the complete browser cache and reload the page.
„Bevor du den Pfeil der Wahrheit abschießt, tauche die Spitze in Honig!“ Ludwig's XH-Templates for MultiPage & OnePage
Re: Twocents security
i download
reinstall crypt
change browser
captcha is on, but the is no images with code
https://ustalo.ru/?Пробуем/Коментарии-Два-цента
reinstall crypt
change browser
captcha is on, but the is no images with code
https://ustalo.ru/?Пробуем/Коментарии-Два-цента
Aleksei
Re: Twocents security
It seems there is a fundamental flaw regarding the internal variable $su, because it may not be URL decoded. While https://www.cmsimple-xh.org/?About-CMSimple_XH works as expected, https://www.cmsimple-xh.org/?%41bout-CMSimple_XH does not, although it is the same. Maybe replacing this line withustalo wrote: ↑Mon Oct 25, 2021 5:21 pmi download
reinstall crypt
change browser
captcha is on, but the is no images with code
https://ustalo.ru/?Пробуем/Коментарии-Два-цента
Code: Select all
$su = utf8_substr(urldecode($su), 0, $cf['uri']['length']);
This needs more investigation by the CMSimple_XH developers! There might be issues with external services encoding the URL (?foo/bar → ?foo%2Fbar).
Christoph M. Becker – Plugins for CMSimple_XH
Re: Twocents security
Exuse my bad& horrible English
it does not works on ciryllic
on site with latin translit it help
but it is not right solution. because change ciryllic to translit on many sites not human decision.
http://www.sima.spb.ru/?Nachalo/skazatmz_paru_slov
it does not works on ciryllic
on site with latin translit it help
but it is not right solution. because change ciryllic to translit on many sites not human decision.
http://www.sima.spb.ru/?Nachalo/skazatmz_paru_slov
Aleksei
Re: Twocents security
cmb wrote: ↑Mon Oct 25, 2021 10:41 pmIt seems there is a fundamental flaw regarding the internal variable $su, because it may not be URL decoded. While https://www.cmsimple-xh.org/?About-CMSimple_XH works as expected, https://www.cmsimple-xh.org/?%41bout-CMSimple_XH does not, although it is the same. Maybe replacing this line withis a proper fix?Code: Select all
$su = utf8_substr(urldecode($su), 0, $cf['uri']['length']);
This needs more investigation by the CMSimple_XH developers! There might be issues with external services encoding the URL (?foo/bar → ?foo%2Fbar).
I can confirm this.
The problem is that the guestbook is called on a subpage (level-2). Somewhere here we had this before, but can't find it right now.ustalo wrote: ↑Mon Oct 25, 2021 5:21 pmi download
reinstall crypt
change browser
captcha is on, but the is no images with code
https://ustalo.ru/?Пробуем/Коментарии-Два-цента
Set the plugin call in a level-1 page, then it should work. With me it works!
Example-URL: https://ustalo.ru/?Коментарии-Два-цента
„Bevor du den Pfeil der Wahrheit abschießt, tauche die Spitze in Honig!“ Ludwig's XH-Templates for MultiPage & OnePage
Re: Twocents security
if i change code
$su = utf8_substr(urldecode($su), 0, $cf['uri']['length']);
site stop works
all menu get 404
$su = utf8_substr(urldecode($su), 0, $cf['uri']['length']);
site stop works
all menu get 404
Aleksei