Heine

  • Home
  • Drupal
  • About

'Sneaky' newsletter subscription when using a contact form.

Heine —Fri, 2007/05/04 - 08:52

While browsing Drupal Planet as part of my morning 'wake-up' ritual, I wanted to contact the authors of one of those sites about a problem. I wanted to, until my eye fell on the travesty that they call contact form.

  • Let's hope it doesn't become popular
  • Read more about 'Sneaky' newsletter subscription when using a contact form.

Adding settings to Captcha

Heine —Thu, 2007/03/01 - 16:51

Update: MyCaptcha 1.0 has been released.

I've been adding some settings to the math captcha module I created earlier. An important setting is on which forms you want to have a captcha. While it is possible to hardcode the possible forms a captcha can appear on, I've opted for another approach.

I've created two helper modules called Form store and Form collect. If you enable Form collect, it will collect forms on your site while you visit them. You can view the collected forms on the Form store page. In the image below, you can see that I limited the collection to forms I thought useful for Captcha and that I've given most a more readable description. While I intend to include and add a description to all core forms, this has to be done manually for now.

  • Drupal
  • Captcha
  • Read more about Adding settings to Captcha
  • 3 comments

Math captcha for anonymous users

Heine —Sat, 2007/02/24 - 12:58

This morning I broke down and wrote a simple math captcha module (for Drupal) to use with user registration and anonymous commenting on this site.

Because this site uses caching for anonymous users, the module needs to make sure that whenever a captcha is displayed, the page is not added to the cache.

Caching is handled by includes/common.inc:

  • Drupal
  • Captcha
  • Read more about Math captcha for anonymous users

Cache or PHP-info is none of your business

Heine —Sat, 2007/02/24 - 09:41

I've a few extra scripts in the webroot of several sites to provide me with server information when I need it. These scripts tend to provide too much information to just anyone. Here's how you can quickly limit access to the Drupal admin user (the first user created on the site).

Create a file restrict.php. The example assumes all files (restrict.php, info.php and apc.php) are in the Drupal root directory. You need to adapt the include paths if you save the files elsewhere. You can make the access criteria as baroque as you need; the example simply checks on user id.

  • Drupal
  • PHP
  • Read more about Cache or PHP-info is none of your business
  • 3 comments

Do a quick security review when porting your module

Heine —Thu, 2007/02/22 - 08:48

Adapted from a mail I sent to the Drupal development list.

Porting a module is an excellent opportunity to keep an eye out for security problems (evidence: DRUPAL-SA-2006-031). Here's a quick security reminder regarding input (user-supplied data). Code samples are only included to make a point, do not hold them against me.

  • Drupal
  • Security
  • Planet Drupal
  • Read more about Do a quick security review when porting your module

Microsoft on the advantages of illegal software (WGA)

Heine —Thu, 2007/02/22 - 08:00

Why, please tell! What are the advantages of illegal software?

Seriously, I feel sorry for them; all the effort spend to 'explain' (market) WGA in the previous screens, only to be undone by a translation error.

  • Windows XP
  • Read more about Microsoft on the advantages of illegal software (WGA)

Pages

  • « first
  • ‹ previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • next ›
  • last »
Subscribe to Heine RSS

Recent posts

  • Teampassword manager's password generator is biased
  • Other vectors for SA-CORE-2014-005?
  • Lazy loading: hook_hook_info is for hook owners only.
  • "Always offline" problem in EA's Origin due to antivirus
  • From bug to exploit - Bakery SSO
more

Security reviews

I provide security reviews of custom code, contributed modules, themes and entire sites via LimoenGroen.

Contact us for a quote.

Follow @ustima

Copyright © 2021 by Heine Deelstra. All rights reserved.

  • Home
  • Drupal
  • About