You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Dec 1, 2023. It is now read-only.
The pagekit 1.0.15 update introducing captcha has a problem. If you apply the @captcha(verify=true) on a route and the captcha is disabled & client is not authenticated, every request will fail.
It's a logic error in the code. The first if should also check, if the captcha is configured! Currently every route which enforces verification will throw 400 if captcha disabled. At loading scripts (in the onScripts function) this is taken into account.
Problems arises when submitting comments anonymously.
Technical Details
Pagekit version: 1.0.15
Webserver: dev
Database: sqlite3
PHP Version: 7.1
The text was updated successfully, but these errors were encountered:
This should be top priority ! For me user registration and comments are not working because of mandatory google captchas. This is a complete blocker issues, for me the CMS is unusable if googleCaptchas are required.
Yeah, currently you are forced to use Captcha with the CMS; otherwise as before mentioned, things like submit comments or registration don't work, because you do that when you are not authenticated.
@MalteScharenberg You created the captcha and for you, as you are familiar with it, you could fix it very fast.
I wrote a quick fix ( one way to do). I simply check, if a captcha config value is not set. If it finds falsy configs, the verify option gets disabled.
'events' => [
// captcha bug fix (occurs in Pagekit v1.0.15)'request' => [function ($event, $request) use ($app) {
if ($request->attributes->has('_captcha_verify') && 0 < count(Arr::filter($app->config('system/captcha')->toArray(), function ($val) { return !$val; }))) {
$request->attributes->set('_captcha_verify', false);
}
}, -90],
]
Problem
The pagekit 1.0.15 update introducing captcha has a problem. If you apply the @captcha(verify=true) on a route and the captcha is disabled & client is not authenticated, every request will fail.
It's a logic error in the code. The first if should also check, if the captcha is configured! Currently every route which enforces verification will throw 400 if captcha disabled. At loading scripts (in the onScripts function) this is taken into account.
Problems arises when submitting comments anonymously.
Technical Details
The text was updated successfully, but these errors were encountered: