Google Invisible Recaptch Integration in PHP - recaptcha

Login with your google account
2.Visit the google recaptcha link.
3.Then follow the link to code integration, follow the code for both client and serverside validation. https://developers.google.com/recaptcha/docs/invisible
4.Increase or decrease the security level once after creating the recaptcha, go to the advance settings here, https://www.google.com/recaptcha/admin#list
<!--
i.stack.imgur.com slash NqyVT.png
6aZNw.png
n5gfN.png
Button HTML
<div id='recaptcha' class="g-recaptcha"
data-sitekey="put the key here"
data-callback="onSubmit"
data-size="invisible"
data-callback="callback"></div>
<button id='btnsubmit' class="c-button--primary">Submit</button>
//Apply the exact script from document
//PHP Validation
if($_POST['g-recaptcha-response'] != ''){
$post_data = http_build_query(['secret'=>'put the secret key here', 'response'=>$_POST['g-recaptcha-response'] ]);
$ch = curl_init();
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Send the request
$result = json_decode(curl_exec($ch), true);
// Free up the resources $curl is using
curl_close($ch);
//print_r($result);exit();
$hostname = strtolower($result['hostname']);
//echo $hostname.' - '.$result['success'];exit();
if($result['success'] == 1 && ($hostname == 'www.yousiteurl.com')){
//Write here actual execution code for email or data submit
}
}
-->


<script>
function onSubmit(token) {
alert('thanks ' + document.getElementById('field').value);
}
function validate(event) {
event.preventDefault();
if (!document.getElementById('field').value) {
alert("You must add text to the required field");
} else {
grecaptcha.execute();
}
}
function onload() {
var element = document.getElementById('submit');
element.onclick = validate;
}
</script>
Before body tag close
<script>onload();</script>

Related

Mock Curl response for testing in laravel

I am trying to unit test a function(updateMeeting) in laravel which uses a curl request inside it. I tried many google links but nothing worked. can you guys give me suggestions on this matter.
following are relevant methods. $this->meeting is a MeetingModel
public function updateMeeting($meetingId){
$meeting = $this->meeting->find($meetingId);
$endpoint = \Config::get('api_backend_endpoint');
$response = $this->curlPut($endpoint);
if ($response->http_status_code != 200) {
if(Input::get('source') == 'ajax') {
$apiResponse = app(ApiResponse::class);
$message = 'ERROR Updating Meeting ' . $meeting->name;
return $apiResponse->failed($message);
}
return Redirect::route('meetings.show', $meetingId)
->withInput()
->with('message', 'An error occurred hiding meeting with message: ' . $response->errors);
}
$meeting->save();
}
following is curlPut method
private function curlPut($url, $payload = array())
{
$data_string = json_encode($payload);
$ch = curl_init();
//send through our payload as post fields
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_USERPWD, $this->username . ":" . $this->password);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Content-Length: ' . strlen($data_string))
);
$buffer = json_decode(curl_exec($ch));
curl_close($ch);
return $buffer;
}

Use a webservice like https://www.mocky.io/. Instead of requesting the real API, you send your requests to their API. You can create mock endpoints which return a response you can define.

The resource doesn't support specified Http Verb

I am trying to make a contact form for a static website hosted in an Azure blob.
When I click submit I can see the following error in the Console.
Failed to load resource: the server responded with a status of 405
(The resource doesn't support specified Http Verb.)
I think the issue may be that I need to set up CORS for mailgun.
However I don't know what values to put
Here is send.php code
<?php
if( isset($_POST) ){
$postData = $_POST;
$mailgun = sendMailgun($postData);
if($mailgun) {
echo "Great success.";
} else {
echo "Mailgun did not connect properly.";
}
}
function sendMailgun($data) {
$api_key = 'INSERT_API_KEY_HERE';
$api_domain = 'INSERT_DOMAIN_HERE';
$send_to = 'YOUR_EMAIL';
// sumbission data
$ipaddress = $_SERVER['REMOTE_ADDR'];
$date = date('d/m/Y');
$time = date('H:i:s');
// form data
$postcontent = $data['data'];
$reply = $data['senderAddress'];
$messageBody = "<p>You have received a new message from the contact form on your website.</p>
{$postcontent}
<p>This message was sent from the IP Address: {$ipaddress} on {$date} at {$time}</p>";
$config = array();
$config['api_key'] = $api_key;
$config['api_url'] = 'https://api.mailgun.net/v3/'.$api_domain.'/messages';
$message = array();
$message['from'] = $reply;
$message['to'] = $send_to;
$message['h:Reply-To'] = $reply;
$message['subject'] = "New Message from your Mailgun Contact Form";
$message['html'] = $messageBody;
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $config['api_url']);
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($curl, CURLOPT_USERPWD, "api:{$config['api_key']}");
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS,$message);
$result = curl_exec($curl);
curl_close($curl);
return $result;
}
?>
This question is a follow up from this question
I have tried including the subdomain www in the api_domain.

PHP does not run client side which means it is not suitable for a static website. As mentioned in this question
Alternatives are mentioned here

How to Redirect a login request to an external domain using PHP (Using Laravel 4)

I have two webs (Client side and Admin side) but are independent, I mean are in different domains but both using the same DB. I want to allow the Admins to login from Client side but once I recognize that isn't a normal user I want to redirect the login request to the other web and parse everything from the Admin side, just if I was trying to login from the admin web.
$credentials = array(
'username' => Input::get('username'),
'password' => Input::get('password'),
);
$message = "Wrong Data";
try {
if(Auth::attempt($credentials)) {
if(Auth::user()->role_id < 4) {
$url = 'http://externaldomain.info/login';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$credentials);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec ($ch);
curl_close ($ch);
return $response;
}
return Redirect::to('/');
}
} catch( \Toddish\Verify\UserNotFoundException $e ) {
$message = _("User not found");
} catch( \Toddish\Verify\UserUnverifiedException $e ) {
$message = _("User not found");
} catch( \Toddish\Verify\UserDisabledException $e ) {
$message = _("User disabled");
}
Instead of the dashboard I get the login screen, I checked it with fiddler and didn't see any post request to the external domain, I just saw the login page request(GET).
EDIT
$credentials = array(
'username' => Input::get('username'),
'password' => Input::get('password'),
);
$message = "Wrong Data";
try {
if(Auth::attempt($credentials)) {
if(Auth::user()->role_id < 4) {
$url = 'http://externaldomain.info/login';
$html = new \Htmldom($url);
$token = "";
foreach($html->find('input') as $element) {
if($element->name == "_token") {
$token = $element->value;
}
}
$credentials['_token'] = $token;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$credentials);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec ($ch);
curl_close ($ch);
return $response;
}
return Redirect::to('/');
}
} catch( \Toddish\Verify\UserNotFoundException $e ) {
$message = _("User not found");
} catch( \Toddish\Verify\UserUnverifiedException $e ) {
$message = _("User not found");
} catch( \Toddish\Verify\UserDisabledException $e ) {
$message = _("User disabled");
}
I'm using "yangqi/htmldom": "dev-master" to get the "_token", but I can't see the Request in fiddler, it keeps redirecting me to the login page instead of the dashboard.

It's probably because you forgot to add "_token" and "remember" fields.
The post you need to make should contain those for default login panel:
_token JB6nC85wLkFQtTglpiuoWk06YxI3Jx3no0xVQx0K
email admin#blabala.com
password 123456
remember on
Token is created by Laravel automatically for protecting your application from CSRF attacks.
You have two ways, first make request to your login page scrap the token. Then make a second request for post with that token.
Second you can disable the token for login page.
Ok, after your edit missing thing to do adding COOKIEJAR in curl request. Your current request is working like a browser with cookies disabled.
$url = 'http://externaldomain.info/login';
$file = "cookiefile.txt";
$fp = #fopen($file, "x");
if($fp)
fclose($fp);
$ch = curl_init();
curl_setopt($ch, CURLOPT_COOKIEJAR, $file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $file);
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response_token = curl_exec ($ch);
curl_close ($ch);
$html = new \Htmldom();
// Load HTML from a string
$html->load($response_token);
$token = "";
foreach($html->find('input') as $element) {
if($element->name == "_token") {
$token = $element->value;
}
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_COOKIEJAR, $file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $file);
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$credentials);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec ($ch);
curl_close ($ch);
BTW, your first request to page should also need to use same cookie file. I suggest you to use curl for making the first request too.

how to Magento sending SMS upon creating shipment

Magento sending SMS when order confirmed and creating shipment, we have PHP code below:
<?php
$ch = curl_init();
$user="**#bindaaslo.com:**";
$receipientno="98910***";
$senderID="TEST SMS";
$msgtxt="this is test message , test"; curl_setopt($ch,CURLOPT_URL, "http://api.mVaayoo.com/mvaayooapi/MessageCompose"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "user=$user&senderID=$senderID&receipientno=$receipientno&msgtxt=$msgtxt"); $buffer = curl_exec($ch); if(empty ($buffer)) { echo " buffer is empty "; } else { echo $buffer; } curl_close($ch);
?>

open file [magento]\app\code\core\Mage\Adminhtml\controllers\Sales\Order\ShipmentController.php
find saveAction() and add your code in that
public function saveAction()
{
......................
$ch = curl_init();
$user="**#bindaaslo.com:**";
$receipientno="98910***";
$senderID="TEST SMS";
$msgtxt="this is test message , test"; curl_setopt($ch,CURLOPT_URL, "http://api.mVaayoo.com/mvaayooapi/MessageCompose"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "user=$user&senderID=$senderID&receipientno=$receipientno&msgtxt=$msgtxt"); $buffer = curl_exec($ch); if(empty ($buffer)) { echo " buffer is empty "; } else { echo $buffer; } curl_close($ch);
......................
}
Note: Don't directly change in core files instead of it override controller.
Or
you can achieve same through observer
some links help you to create observer for sales_order_shipment_save_before events
Magento - 2 or more observer on same event
https://magento.stackexchange.com/questions/847/hook-into-order-shipped-event-and-get-order-id-for-order-shipped

Tweeting Automatically to twitter

I have used followint curl functionality to tweet automatically from my codeigniter page but I am getting an HTTP responce code 401 (not authorised).
the code is:
var $accounts_table = 'accounts';
var $update_url = 'http://twitter.com/statuses/update.xml';
function update_status($username, $password, $message)
{
$ch = curl_init($this->update_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'status='.urlencode($message));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERPWD, $username .':'.$password);
curl_exec($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
echo $httpcode;
// if we were successfull we need to update our last_message
if ($httpcode == '200')
{
$this->db->where('active', '1');
$this->db->update($this->accounts_table, array('last_message' => $message));
return TRUE;
}
else
{
return FALSE;
}
}
Please kindly help me to solve out this issue.
Thanks in advance.

AFAIK, twitter has moved onto OAuth.ie, no more basic authentication.
Read More about OAuth here.
OAuth supported libraries.

Resources