web API build with wordpress is showing error of
<script>document.cookie = "humans_21909=1"; document.location.reload(true)</script>
it works sometime on some network and sometime not working
I got same response for an API ending with api/register , then i change the name /register to /new_registerthen issue solved,
I think register in url is the reason for this error
First of all, clone the website using the All In One WP Migration to your local development machine. Then, check the REST API, if the same error persists. It means you have some error in your code. In my case, the REST API works perfectly fine in my local machine but shows the same HTTP 409 conflict. I contacted with the Bluehost support. They told me they have some mod_security issues. After 2 3 days, they fixed it. It worked fine after that.
I ran into the same Problem and below are the two json api have issues which are using Json API User Plugin.
http://example.com/api/get_nonce/?json=get_nonce&controller=user&method=register
http://example.com/api/user/register/?username=eww_test&email=john#domain.com&display_name=John¬ify=both&seconds=100&insecure=cool
Then i move whole site to localhost and check APIs and they were working fine so i contacted host in my case hostgator.
They suggested to disable mod_security for that domain which was subdomain in my case.
And The issue has been resolved.
Tested and worked well
I am facing same issue while loading image. My image name is contact-desktop.png and contact-display-mob.png
My cpanel hosting provider block name which contain words like contact or register.
So I renamed that file and it is working perfectly.
At times this error occurs when you name you folder or files a reserved or blocked name.
In my case I named a folder contact, turns out the name was blocked from being used as folder names.
When testing my script on postman, I was getting this error:
<script>
document.cookie = "humans_21909=1"; document.location.reload(true)
</script>
I changed the folder name from contact to contacts and it worked. The error was gone.
I had the same issue, I was hosting on bigrock.in.
In my case, the issue that my hosting provider said was the user's IP was blacklisted.
You can do a blacklist IP check from here https://mxtoolbox.com
I ran into the same issue as mentioned above. In my situation I was hosting a website on bluehost, which used contact.php to send an e-mail according to the contact-form on the website.
My contact form looked like this:
<div class="col-md-7 contact-form wow animated fadeInLeft">
<form id="contact-form" role="form" onsubmit="formSubmit(event)">
<div class="input-field">
<input id="name" type="text" required name="name" class="form-control" placeholder="Your Name...">
</div>
<div class="input-field">
<input id="email" type="email" required name="email" class="form-control" placeholder="Your Email...">
</div>
<div class="input-field">
<input type="text" name="subject" class="form-control" placeholder="Subject...">
</div>
<div class="input-field">
<textarea id="message" name="message" class="form-control" placeholder="Messages..."></textarea>
</div>
<button type="submit" id="submit" class="btn btn-blue btn-effect">Send</button>
</form>
<div id="form-success-message" class="form-success-message alert alert-success alert-dismissible" role="alert">
<h4 class="alert-heading">Thank you for contacting us!</h4>
<hr>
<p></p>
<strong>The form was submitted successfully.</strong>
<br>In a few minutes you will receive an e-mail confirming that your question was sent successfully.
<br>Our team will contact you soon!
<br>
<br>In case the confirmation e-mail would not arrive within the next hours, verify that the email is not in your SPAM folder, or please contact us directly (****#******.tech).
<button onclick="document.getElementById('form-success-message').style.display = 'none';" type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close form submitted message"></button>
</div>
<div id="form-no-success-message" class="form-no-success-message alert alert-danger alert-dismissible" role="alert">
<h4 class="alert-heading">Oeps, something went wrong</h4>
<hr>
<p></p>
<strong>The form was not submitted.</strong>
<br>Please try again later, or contact us directly via e-mail (******#******.tech) or via WhatsApp.
<button onclick="document.getElementById('form-success-message').style.display = 'none';" type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close form submitted message"></button>
</div>
</div>
The script on my index.html page looked like this:
<script>
// Function responsible for sending the e-mail via the message contact form.
// At the moment the message contact form is submitted, it tries to fetch a php function
// in case the php function is not working, it will return a response from which the ok is false.
// Otherwise, it should return a possitive ok.
// FYI: function does not return a inscanceof error for now.
//
// In case no errors are thrown, the website will display a form success message
// In case the ok response from the php form is negative, a form no success message is displayed.
function formSubmit(event) {
/* Prevent button causing default browser submit */
event.preventDefault();
/* Get form element */
const form = document.getElementById('contact-form');
/* Create form data object from form element which contains post data */
let formData = new FormData(form);
/* Issue "ajax request" to server. Change /post-to-url to the appropriate
url on your server */
fetch('/contact.php', {
body: formData,
method: "post"
})
.then(function(response) {
if(!response.ok){
document.getElementById('form-no-success-message').style.display = 'block';
document.getElementById('contact-form').reset();
}else{
document.getElementById('form-success-message').style.display = 'block';
document.getElementById('contact-form').reset();
}
})
.catch(function(error) {
console.log('Error', error);
});
}
</script>
The file contact.php looked like this:
<?php
if(!isset($_POST['submit']))
{
//This page should not be accessed directly. Need to submit the form.
echo "error; you need to submit the form!";
}
//setting the variables
$name = $_POST['name'];
$visitor_email = $_POST['email'];
$message = $_POST['message'];
//Validate first
if(empty($name)||empty($visitor_email))
{
echo "Name and email are mandatory!";
exit;
}
if(IsInjected($visitor_email))
{
echo "Bad email value!";
exit;
}
//variables for the e-mail to client
$email_from = '***#******.tech';//<== update the email address
$email_subject = "New message via your website contact form";
$email_body = "You have received a new message from the following website visitor (name): $name.\n\nThe visitor used the e-mail address: $visitor_email\n\nThe content of the message is: \n\n $message.";
//variables for the confirmation e-mail to website user
$confirmation_email_subject = "We received your question!";
$confirmation_email_body = "We have received the following message from you via our contact form on our website *****.tech: \n\n Your name: $name.\n\n Your e-mail: $visitor_email\n\n Your message: \n\n $message. \n\nWe will get in contact as soon as possible! If you would not receive an answer in the coming 2 weeks, don't hesitate to contact us via:*****#*****.tech. \n\n This is an automated e-mail. We haven't read your question yet. This is merely a confirmation of the recieval.";
//e-mail of client
$to = "****#*******.tech";//<== update the email address
$headers = "From: $email_from \r\n";
//headers for confirmation
$confirmation_headers = "From: *****#******.tech"; //<== update the email address
//Send the email!
mail($to,$email_subject,$email_body,$headers);
mail($visitor_email,$confirmation_email_subject,$confirmation_email_body,$confirmation_headers);
// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
}
?>
After hosting on bluehost, things worked for 5 minutes. Then I started receiving errors. More specifically, on submitting the form, I received a 409 error, containing:
<script>document.cookie = "humans_21909=1"; document.location.reload(true)</script>
I did some research, and found this page: https://www.geminigeeks.com/bluehost-blocking-contact-form-7-submissions-409-conflict-error/
At the bottom of the page you will read:
This issue still exists. If visitor’s IP is blacklisted, URL with the word “contact” will give 409 error. The plugin author of Contact Form 7 could solve the issue by renaming folders/files and any API calls, from “contact” to “kontact”.
So I changed the PHP file to kontact.php.
And then changed in my script the reference:
<script>
// Function responsible for sending the e-mail via the message contact form.
// At the moment the message contact form is submitted, it tries to fetch a php function
// in case the php function is not working, it will return a response from which the ok is false.
// Otherwise, it should return a possitive ok.
// FYI: function does not return a inscanceof error for now.
//
// In case no errors are thrown, the website will display a form success message
// In case the ok response from the php form is negative, a form no success message is displayed.
function formSubmit(event) {
/* Prevent button causing default browser submit */
event.preventDefault();
/* Get form element */
const form = document.getElementById('contact-form');
/* Create form data object from form element which contains post data */
let formData = new FormData(form);
/* Issue "ajax request" to server. Change /post-to-url to the appropriate
url on your server */
fetch('/kontact.php', { *<===== changes here*
body: formData,
method: "post"
})
.then(function(response) {
if(!response.ok){
document.getElementById('form-no-success-message').style.display = 'block';
document.getElementById('contact-form').reset();
}else{
document.getElementById('form-success-message').style.display = 'block';
document.getElementById('contact-form').reset();
}
})
.catch(function(error) {
console.log('Error', error);
});
}
</script>
After that my contact form started working on bluehost.
I also got the same error, I was getting error code 409 conflicts and an error message :
<script> document.cookie = "humans_21909=1"; document.location.reload(true) </script>
So in my case issue was because my API name is register.php and it was giving an error on mac os, not on windows. So I renamed the API regsiter.php to registerApi.php and it solved the issue.
If you are also using any reserved name for your API name or any method try changing it. Hope it will help.
Related
I already integrated JMSPaymentBundle, with paypal every thing works fine!
When I tried to change with stripe from this link for JMS
and using ruudk/PaymentStripeBundle from github, it's actually the same.
But there is a thing. I'm receiving this error: The source parameter is required
In the issues of the bundle, I found that I must use stripe form
<form action=""
method="POST">
<script
src="https://checkout.stripe.com/checkout.js" class="stripe-button"
data-key="MYPUBLISHEDKEY"
data-amount="999"
data-name="Demo Site"
data-description="Widget"
data-image="https://stripe.com/img/documentation/checkout/marketplace.png"
data-locale="auto">
</script>
</form>
This form generates a Token. What I need to know is :
1- Where to put that published token used by JMSPaymentBundle?
2- What action in the form should I do? Is it the same for paypal?
it's hard to say what's going on here but it seems like https://github.com/ruudk/PaymentStripeBundle/ is lacking some necessary documentation.
From what I can tell it's adding a token hidden field to your forms:
https://github.com/ruudk/PaymentStripeBundle/blob/master/src/Form/CheckoutType.php#L12
However, the Checkout embed code you're using won't save the token to that field. I don't see any additional Javascript embedded in this library, so you'll need to build your own using the custom Stripe Checkout integration:
https://stripe.com/docs/checkout#integration-custom
Something like this should work:
var handler = StripeCheckout.configure({
key: 'pk_test_6pRNASCoBOKtIshFeQd4XMUh',
image: 'https://stripe.com/img/documentation/checkout/marketplace.png',
locale: 'auto',
token: function(token) {
// NOTE: assuming that the field injected by the library has an ID of "token"--you'll have to check your DOM and possibly adjust this
var field = document.getElementById('token');
field.value = token.id;
// TODO: submit form and send to your backend
}
});
document.getElementById('customButton').addEventListener('click', function(e) {
// Open Checkout with further options:
handler.open({
name: 'Stripe.com',
description: '2 widgets',
zipCode: true,
amount: 2000
});
e.preventDefault();
});
// Close Checkout on page navigation:
window.addEventListener('popstate', function() {
handler.close();
});
I'm using Behat with Mink and the Drupal extension to test my Drupal 8 website. I've got the tests running over Selenium server on Docker so I can watch them taking place.
My tests are pretty simple, just filling out forms and making sure the results match expectations, like this:
And I fill in "Sesame Street" for "Street address"
And I fill in "FamilyName" for "Last name"
However, I can't get it to work with the credit card field. Here is what I tried so far.
And I fill in "4242424242424242" for "The card number"
And I fill in "4242424242424242" for "edit-payment-information-add-payment-method-payment-details-card-number"
And I fill in "4242424242424242" for "card-number-element"
All of these give the same error:
Form field with id|name|label|value|placeholder "The card number" not found. (Behat\Mink\Exception\ElementNotFoundException)
Note: This test site is configured to use the Stripe test gateway, and I am attempting to use a test credit card number. No real card numbers will ever touch this system.
I think this is because the credit card payment is handled using the Stripe library and this uses some special kind of HTML structure that I'm not famiiar with. Here is the HTML below:
<div data-drupal-selector="edit-payment-information-add-payment-method" class="form-group js-form-wrapper form-wrapper" id="edit-payment-information-add-payment-method"><div class="stripe-form form-group js-form-wrapper form-wrapper" data-drupal-selector="edit-payment-information-add-payment-method-payment-details" id="edit-payment-information-add-payment-method-payment-details"><div id="payment-errors"></div><input id="stripe_token" data-drupal-selector="edit-payment-information-add-payment-method-payment-details-stripe-token" type="hidden" name="payment_information[add_payment_method][payment_details][stripe_token]" value="" /><div id="edit-payment-information-add-payment-method-payment-details-card-number" class="form-item js-form-item form-type-item js-form-type-item form-item-payment-information-add-payment-method-payment-details-card-number js-form-item-payment-information-add-payment-method-payment-details-card-number form-group"><label class="js-form-required form-required control-label" for="edit-payment-information-add-payment-method-payment-details-card-number">The card number</label><div id="card-number-element" class="form-text"></div></div>
How can I target the credit card input and fill in a test card number with Behat?
EDIT: Even if I wait, I get the same error:
And I wait 5 seconds
There are 2 things here:
The stripe field is in an Iframe, search for the iFrame conatining the stripe field, switch to the Iframe then use the regular I fill in as you have used before.
For use the test card with the Stripe field you have to switch to Stripe test mode:
Stripe_test_mode
The only input field I can see in the code you've provided is for a hidden field. So I suppose that the field you're trying to access is generated dynamically client side inside the #card-number-element div.
In which case, you need to ensure the browser has finished loading the page before you can check if this is working.
You could use Mink's session wait() method in your context file if you are using custom definitions. Alternatively, you could try using a different browser when testing with selenium.
Hi you need to switch to stripe iframe:
/**
* #When /^I fill stripe credit card informations$/
*/
public function fillCreditCardInformations(int $card = 0)
{
...
$this->switchToIFrame('iframe[name^="__privateStripeFrame"]');
$this->fillField('cardnumber', self::CARDS[$card]);
...
}
/**
* #Given /^I switch to iframe "([^"]*)"$/
*/
public function switchToIFrame(string $locator)
{
$found = false;
$selector = '/' === $locator[0] ? 'xpath' : 'css';
$iframes = $this->getSession()->getPage()->findAll($selector, $locator);
foreach ($iframes as $iframe) {
try {
if ($name = $iframe->getAttribute('name')) {
$this->getSession()->getDriver()->switchToIFrame($name);
$found = true;
break;
}
} catch (Exception $e) {
//ignoring
}
}
if (!$found) {
throw new InvalidArgumentException(sprintf('Could not evaluate CSS Selector: "%s"', $locator));
}
}
I have a stripe checkout error in my symfony project. Here is my view that uses checkout by default :
<form action="" method="POST">
<script
src="https://checkout.stripe.com/checkout.js" class="stripe-button"
data-key="pk_test_C9N5xzeBHyGplmZwpsbyciS6"
data-amount="9999"
data-name="Demo Site"
data-description="Widget"
data-image="https://stripe.com/img/documentation/checkout/marketplace.png"
data-locale="auto"
data-zip-code="true"
data-currency="eur">
</script>
</form>
The method of my controller:
public function paiementAction(Request $request)
{
\Stripe\Stripe::setApiKey("sk_test_5W9Z1CdBKN2G46sTa2O5KI3T");
$token = $_POST['stripeToken'];
try {
$charge = \Stripe\Charge::create(array(
"amount" => 1000, // Amount in cents
"currency" => "eur",
"source" => $token,
"description" => "Example charge"
));
return $this->redirectToRoute("chk38_platform_confirmation");
} catch (\Stripe\Error\Card $e) {
// The card has been declined
return $this->redirectToRoute("chk38_platform_commande");
}
}`
Error Symfony
Thank you for your help
This issue of $_POST['stripeToken'] not being populated generally occurs when your code isn't creating a Token object via Stripe Checkout prior to running this bit of code.
I would suggest that you check your Stripe account's API logs (https://dashboard.stripe.com/test/logs/overview) and ensure that you are in fact correctly creating a Token object via Stripe Checkout prior to calling this create Charge snippet.
You may also want to read through their Checkout PHP tutorial (https://stripe.com/docs/checkout/php), to get a better understanding of how all of the pieces fit together. If you still have issues after all that, you may want to write in to their support staff via https://support.stripe.com/email since you probably don't want to discuss private account specific things in public.
This is a quick finding I just experienced. If you're using the default <form action="/directory" method="POST"> ... </form> from this stripe example page with your own endpoint make sure to specify down to the index.php file inside the directory folder.
I was getting an odd error where the token was being created but I would get directed to the PHP endpoint and it wasn't a POST event. I had an index.php file in /directory/ and I had to write the complete path not just up to /directory eg. /directory/index.php. Then it worked as expected.
I want to confirm and extend what subalublub said, in that the endpoint can simply be "/charge/" without having to use index.php there.
I ran into this issue and just using "/charge" was not passing in the $_POST values, but when changing to "/charge/" the index.php file inside that folder worked correctly.
Hope this helps someone.
I'm trying to implement the "reset password" functionality in my Meteor app. I have a very simple implementation of it based on this tutorial: Julien's tutorial on gentlenode
There are several examples floating around that use this same basic approach. I did mine almost exactly like Julien's but I used only one template; I use an {{#if}} in my template that displays the 'reset password' form, if my session variable sResetPassword is not falsey. (I don't know how the correct template is supposed to get displayed in Julien's example and it doesn't work for me as it is written -- the template doesn't change.)
Here's the critical piece of code. Two different methods that both work on my local app, but neither one works on my hosted (modulus) app.
/* method one
if (Accounts._resetPasswordToken) {
Session.set('sResetPassword', Accounts._resetPasswordToken);
}
/* method two
Accounts.onResetPasswordLink( function(token) {
Session.set('sResetPassword', token);
});
On my deployed version (Modulus), the link opens up my app and just goes straight to the start screen. When I check the value of my sResetPassword session var, it's undefined, so somehow the value of the token never gets put into the var.
While we're on the subject, does anyone know how you are supposed to get the correct template to load when you use a separate template for the reset password form?
Here is how it works for us. Code:
var token, done;
Accounts.onResetPasswordLink(function (t, d)
{
token = t;
done = d;
setTimeout(()=>Router.go("reset_password"), 0);
});
Template["reset_password"].events({
"click #resetBtn": function (event:Event, instance:Blaze.TemplateInstance)
{
var password1: string = instance.$("#input_password1").val();
var password2: string = instance.$("#input_password2").val();
console.log(password1, password2);
if (password1 != password2)
{
return;
}
Accounts.resetPassword(token, password1, ()=>
{
done();
Router.go("somewhere");
});
}
});
Template:
<template name="reset_password">
<form data-parsley-validate>
<div class="input-field">
<input id="input_password1" type="password" class="validate" data-parsley-trigger="keyup" data-parsley-minlength="6" data-parsley-minlength-message = "Please provide a password that is at least a 6 characters long." required>
<label for="input_password1">New Password</label>
</div>
<div class="input-field">
<input id="input_password2" type="password" class="validate" data-parsley-trigger="keyup" data-parsley-minlength="6" data-parsley-minlength-message = "Please provide a password that is at least a 6 characters long." required>
<label for="input_password2">Again</label>
</div>
<button id="resetBtn" class="waves-effect btn">Reset Password</button>
</form>
OK, for whatever reason, replacing iron-router with flow-router fixed this issue for me. I created a new app with only the login and reset password functionality and it worked fine. I added iron-router and again it worked, but only dev mode. When I ran it in production mode, the problem returned. Replaced iron-router with flow-router (in both the test app and my full app) and now the problem is gone. The email link works as expected in both modes.
I have encountered a lot of questions for the same but no where have been given any concrete answer
I am sending invites to Facebook friends say a , b ,c and what should happen is a notification should be displayed for the app request
I have seen this in case of PININTEREST which does the same however I am trying to achieve this in asp.net. I found this demo which is very close to what I want to achieve
The code I have so far is :
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="https://www.facebook.com/2008/fbml">
<head>
<title>Request Example</title>
</head>
<body>
<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<p>
<input type="button"
onclick="sendRequestToRecipients(); return false;"
value="Send Request to Users Directly"
/>
<input type="text" value="User ID" name="user_ids" />
</p>
<p>
<input type="button"
onclick="sendRequestViaMultiFriendSelector(); return false;"
value="Send Request to Many Users with MFS"
/>
</p>
<script>
FB.init({
appId : 'XXXXX',
});
function sendRequestToRecipients() {
var user_ids = document.getElementsByName("user_ids")[0].value;
FB.ui({method: 'apprequests',
message: 'XXXXXXX',
to: user_ids,
}, requestCallback);
}
function sendRequestViaMultiFriendSelector() {
FB.ui({method: 'apprequests',
message: 'My Great Request'
}, requestCallback);
}
function requestCallback(response) {
// Handle callback here
}
</script>
</body>
</html>
EDIT:
When i send the request the user does not get it ... No error is displayed either
Here are two things that might be causing your requests not to go through -
Missing or incorrect canvas URL
Application is in sandbox mode
An application that sends requests to users must have a canvas URL specified in the application's settings. When a user acts on a request (accepts it) he/she is redirected to the application and specifically to the canvas URL. By not specifying a canvas URL your request is deemed invalid by Facebook as there is no where to redirect the user to. The canvas URL can not be apps.facebook.com/namespace because your application does not sit on Facebook's domain. You have to set the URL to your domain. The page that you redirect to should again redirect the user back to your application :
if(!strpos($_SERVER['HTTP_REFERER'],"apps.facebook.com")) {
header("location: "._fb_app_path);
exit();
}
An application in sandbox mode when the user being invited is not listed in the appropriate "roles" group in the application settings. Applications in sandbox mode are only accessable to users who are developers, administrators or testers of that application.
I believe the correct method (at least what we use) is:
function invoke_app_request(){
var receiverUserIds = FB.ui({
method: 'apprequests',
message: 'MESSAGE',
data: '',
max_recipients: AN_INT //this is optional
},
function(response) {
//whatever you do here
}
);
}
I read somewhere (don't take it 100%), that displaying notifications on invites is based on Facebook algorithms and it's not displayed on all apps. It has to do something with app activity and history.