Commit b5b3ea2d authored by Jelle Sebreghts's avatar Jelle Sebreghts
Browse files

Catpcha validation adjustments.

parent b3d83e66
......@@ -1061,7 +1061,7 @@
'type': "POST",
'data': {
'value': value,
'param': [sid, param]
'param': [sid, param.validate, param.token]
},
'dataType': 'json',
'async': false,
......
......@@ -225,6 +225,10 @@ function _clientside_validation_ajax_captcha() {
$captcha_response = filter_xss($_POST['value']);
$csid = $_POST['param'][0];
$captcha_validate = $_POST['param'][1];
$token = $_POST['param'][2];
if (!drupal_valid_token($token, $captcha_validate)) {
return drupal_access_denied();
}
$solution = db_query(
'SELECT solution FROM {captcha_sessions} WHERE csid = :csid',
array(':csid' => $csid)
......@@ -1327,7 +1331,10 @@ function _clientside_validation_set_date($name, $title, $format, &$js_rules, $me
function _clientside_validation_set_captcha($name, $title, $validate, &$js_rules, $message) {
$title = _clientside_validation_set_title($title);
$js_rules[$name]['captcha'] = $validate;
$js_rules[$name]['captcha'] = array(
'validate' => $validate,
'token' => drupal_get_token($validate),
);
$variables = array(
'message' => empty($message) ? 'Wrong answer for !title.' : $message,
'placeholders' => empty($message) ? array('!title' => $title) : array(),
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment