Develop Reference

Blank page on 3dsecure landing from Cardinity Redirect

I have a problem with my Cardinity integration.
Im trying to get 3dsecure to work. But when I land on 3dsecure, I get blank page.
The flow is as following:
Purchase Reqeust (My page) -> Cardinity handle -> Redirect back to my page, with custom form populated with data from cardinity (is mentioned below) -> Form Post to 3dsecure -> Blank page.
Form:
<form method="POST" action="{{ $url }}" enctype="multipart/form-data" name="ThreeDForm" class="col-md-12">
<button type="submit" class="btn">Go to payment</button>
<input type="hidden" name="PaReq" value="{{ $data }}" />
<input type="hidden" name="TermUrl" value="https://custom.com/dashboard/{{ md5(Auth::user()->email) }}/3dsecure/callback" />
<input type="hidden" name="MD" value="{{ $id }}" />
</form>

There are alot of undefined variables, but my guess is that you are putting in entype, which isnt listed in their documentation. Try delete this, if you dont have a specific reason of using it.

Getting a Csrf token inside a react render function

I'm creating a webpage with a login/logout option, since I'm using spring, and I want it to be secure, I use Csrf as described here.
What works in regular html:
<form method="post">
<input type="submit" value="Log out" />
<input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
</form>
The only difference is I am trying to put it inside a react component, in the render function, it would look like this:
<form method="post">
<input type="submit" value="Log out" />
<input type="hidden" thName={_csrf.parameterName} thValue={_csrf.token}/>
</form>
But for some reason that doesn't work.
Another thing might work but I'm not sure if it's good practice or not is:
<form method="post">
<input type="submit" value="Log out" />
<input type="hidden" thName={this.getCsrfName} thValue={this.getCsrfToken}/>
</form>
I'm using thyme-leaf by the way.
Is there any way to access the token and the name inside react without it being bad practice? Also if my second try is the correct one, how would I write the getCsrfName() or getCsrfToken() functions?

zoho remote api normal form server side code

I am using zoho remote api for normal form, but i get error whenever i try to save my document Please help me to correct my code that is given below
i need help to save my document. every time i save the document get the error "unable post the content"
<form accept-charset="UTF-8" target="_blank" action="https://sheet.zoho.com/remotedoc.im" method="POST">
<input type="hidden" value="http://example.com/demo1/test.csv" name="url">
<input type="hidden" value="**********" name="apikey">
<input type="hidden" value="editor" name="output">
<input type="hidden" value="normaledit" name="mode">
<input type="hidden" value="test.csv" name="filename">
<input type="hidden" value="en" name="lang">
<input type="hidden" value="12345678" name="id">
<input type="hidden" value="csv" name="format">
<input type="hidden" value="save.php" name="saveurl">
<input c type="submit" value="Details" name="submit">
</form>
<?php
$filepath = '/home/spatials/public_html/demo1/'.$_FILES['content']['name'];
$tmp_filename = $_FILES['content']['tmp_name'];
$upload_status = move_uploaded_file($tmp_filename, $filepath);
?>
Pleas correct my code

Wrong Save URL:
<input type="hidden" value="php/save.php" name="saveurl" />
Correct Save URL:
<input type="hidden" name="saveurl" value="http://example.com/demo1/save.php" />
WIKI page link for reference: https://apihelp.wiki.zoho.com/Save-Document.html

Honeypot protection with Ajax

Recently i got attacked by nasty auto-form fill bots which filled my shout form with all sorts of spam. My shout form consist from a html file with 2 textboxes,an ajax script(for refreshing without reloading) and my php file for handling all the inserting data into my DB.
I am thinking implementing a hidden textbox for a minimum protection against these bots but with no luck since i cant pass the honeypot data to my php file. My code:
HTML Form
<form class="form" method="post" action="postdata.php">
<fieldset id="inputs">
<input id="name" name="name" type="text" placeholder="name" maxlength="20">
<textarea id="message" name="message" type="text" placeholder="message" maxlength="255"></textarea>
</fieldset>
<fieldset id="actions">
<input type="submit" id="submit" value="Submit">
</fieldset>
</form>
Ajax script
$(function(){refresh_shoutbox();$("#submit").click(function(){var a=$("#name").val();var b=$("#message").val();var c="name="+a+"&message="+b;$.ajax({type:"POST",url:"postdata.php",data:c,success:function(d){$("#shout").html(d);$("#message").val("");$("#name").val("")}});return false})});
function refresh_shoutbox(){var a="refresh=1";$.ajax({type:"POST",headers:{"cache-control":"no-cache"},url:"postdata.php",data:a,success:function(b){$("#shout").html(b)}})};
postdata.php file
<?php
if($_POST['name'] or $_POST['message']) {
$name= $_POST['name'];
$message= $_POST['message'];
///do other stuff/////
?>
I will insert a hidden field in my html form
<input id="email" name="emails" style="display:none"></br>
but i cant manage to pass the extra value to my existing ajax script.Tried some code but with no luck.
Any help so i can get my shoutbox up and running again?

Multiple password forms + password completion

On a website I'm working we have an onsite login and a private login, the problem I'm having is that Firefox doesn't seem to be able to differentiate between these login forms.
Does anybody know how I can make clear that these are different logins?
I already tried giving the form fields different names and ids, ex: onsite_login and login but without success.
edit: my form-tags are not being mixed up, they aren't even on the same page
The two forms on the different pages
<form method="post" action="/en/login/1">
<fieldset>
<p>
<input type="hidden" value="login" name="form"/>
<input type="hidden" value="en" name="redirect"/>
<label for="onsite_username">Username<abbr title="Required ">*</abbr></label>
<input type="text" class="input-text" maxlength="255" value="" name="onsite_username" id="onsite_username"/>
<label for="onsite_password">Password<abbr title="Required ">*</abbr></label>
<input type="password" class="input-password" maxlength="255" value="" name="onsite_password" id="onsite_password"/>
<input type="submit" value="Log in" name="submit" class="input-submit"/>
</p>
</fieldset>
</form>
and
<form method="post" action="">
<fieldset>
<input type="hidden" value="login" name="form"/>
<div>
<label for="username">Username</label>
<input type="text" class="input-text" value="" name="username" id="username"/>
</div><div>
<label for="password">Password</label>
<input type="password" class="input-password" value="" name="password" id="password"/>
</div>
<input type="submit" value="Aanmelden" class="input-submit"/>
</fieldset>
</form>

Apparently this is not possible due to the way Firefox stores its passwords.
A password-manager entry is stored with the following data
The username (encrypted and secured with Firefox Master Password).
The password (encrypted and secured with Firefox Master Password).
The hostname of the webpage containing the login form.
The hostname of the webpage to which the form data has been submitted.
Thus Firefox does not distinguish between the two loginfields on my page.

I've not yet heard about a multiple form problem in Firefox.
But it could be that Firefox mixed up your 2 login forms if there is another tag around that is not closed properly.
I've had that problem myself with <p> tags and a not properly closed <div> around it.

I'm not sure.. but try to give them a different ID like <form method="POST" action="#" id="login1">