Commit fe765747 authored by Jelle Sebreghts's avatar Jelle Sebreghts
Browse files

Catpcha validation adjustments.

parent 7022fb84
...@@ -30,6 +30,10 @@ function _clientside_validation_captcha_ajax_captcha() { ...@@ -30,6 +30,10 @@ function _clientside_validation_captcha_ajax_captcha() {
$captcha_response = filter_xss($_POST['value']); $captcha_response = filter_xss($_POST['value']);
$csid = $_POST['param'][0]; $csid = $_POST['param'][0];
$captcha_validate = $_POST['param'][1]; $captcha_validate = $_POST['param'][1];
$token = $_POST['param'][2];
if (!drupal_valid_token($token, $captcha_validate)) {
return drupal_access_denied();
}
$solution = db_query( $solution = db_query(
'SELECT solution FROM {captcha_sessions} WHERE csid = :csid', 'SELECT solution FROM {captcha_sessions} WHERE csid = :csid',
array(':csid' => $csid) array(':csid' => $csid)
......
...@@ -25,7 +25,10 @@ class CvCoreCaptchaValidator extends ClientsideValidationValidator { ...@@ -25,7 +25,10 @@ class CvCoreCaptchaValidator extends ClientsideValidationValidator {
return array( return array(
'rules' => array( 'rules' => array(
$name => array( $name => array(
'captcha' => $element['#captcha_validate'], 'captcha' => array(
'validate' => $element['#captcha_validate'],
'token' => drupal_get_token($element['#captcha_validate']),
),
), ),
), ),
'messages' => array( 'messages' => array(
......
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
'type': "POST", 'type': "POST",
'data': { 'data': {
'value': value, 'value': value,
'param': [sid, param] 'param': [sid, param.validate, param.token]
}, },
'dataType': 'json', 'dataType': 'json',
'success': function(response) { 'success': function(response) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment