Cédric Walter | Oct 8, 2020 | 0
Sporadic bugs appearing in SecurityImages 3.0.4?
|I’ve getting now many emails and bugs reports about security images 3.0.4. After looking closely at the source code and trying to reproduce those problems, I finally found the bug.|
In fact this component is now a victim of its success, using it everywhere has also revealed a serious design flaw, but let me explain….
Security Images is using 2 hidden fields in the background:
And these hidden fields names are spread in the code… this let the horror scenario happen:
The browser will submit all Hidden fields which are in the form, and thus the first input text box (Security_try) may overwrite what the user has entered in another one…rejecting always the user as a result.
- Prio 1: framework has to be configurable from the outside,
- Prio 1: Free porn attack counter measures will be add to HNCapctha Plugin
- Free porn attack counter measures will be add to HNCapctha Plugin.
4.0.0 will have non compatible API changes
You will have to change some 3rd party components, but I will support following 3rd party components:
- com_contact (Joomla core)
- com_login (Joomla core)
- com_registration (Joomla core)
Other like Community Builder, Galleries, JoomlaBoard will have to be supported by their own authors. Please contact them about that issue, I will document how to use the 4.0 in my wiki.
Other new functionnalities will be add to the 4.0 releases soon. (You can submit your ideas here)
Since it is raining over there 🙁 , it is realistic to see the version 4.0.0 before monday 29.05.2006
AkobookPlus new languages files: