Download the PHP package derhansen/form_crshield without Composer

On this page you can find all versions of the php package derhansen/form_crshield. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of derhansen/form_crshield

Informations about the package form_crshield

Latest Stable Version Acceptance Tests Monthly Downloads Project Status: Active – The project has reached a stable, usable state and is being actively developed.

Form challenge/response spam shield

What is it?

Form challenge/response spambot shield is a TYPO3 extension to prevent automated form submissions in TYPO3 form extension.

How does it work?

Form challenge/response spam shield adds a hidden input field to every form generated by the TYPO3 form extension. The input field contains a data-attribute with a challenge. The included JavaScript will use the challenge to calculate an expected response which will be checked on every form submission. If the expected response is not submitted, validation for the hidden input field is considered as failed and no email will be sent.

In order to make automatic form submissions harder for spambots with active JavaScript, a configurable delay for the JavaScript response calculation can be defined in the extension settings (default value: 3 seconds).

Can the protection be bypassed?

Yes, the challenge/response spam shield can be bypassed, if the algorithm used by the extension is implemented to a spambot. This is however unlikely, since the spambot either has to use JavaScript (which I believe most spambots do not) or has to extract the challenge from the parsed HTML and must calculate and submit the response correctly.

Requirements

The extension uses JavaScript to calculate the expected response, so if JavaScript is disabled on client side, form submission will not be possible.

A modern webbrowser is required to run the JavaScript. Internet Explorer < 11 is not supported.

Installation

Just install the extension on your TYPO3 website using composer or the TYPO3 extension manager. No further configuration is required.

Extension settings

The extension has the following extension settings, which can be adjusted if required. The default values should however be fine for most websites.

crJavaScriptDelay

Defines the delay in seconds for the JavaScript response calculation. The default value is 3 seconds.

minimumPageExpirationTime

If the calculated page cache lifetime if very low (e.g. 60 seconds), it may not be possible to fill out a form before the expiration time for the CR response is reached. This setting defines the minimum amount of second, the calculated page cache lifetime must have. Default value is 900 seconds.

additionalPageExpirationTime

Defines the amount of seconds, which is added to the calculated page cache lifetime, if the calculated page cache lifetime is below the defined value in minimumPageExpirationTime.

Logging

In order to log failed requests, it is possible to use a dedicated logfile like shown below:

Versions

Version TYPO3 PHP Support/Development
1.x 10.4 - 12.4 7.2 - 8.3 Features, Bugfixes, Security Updates

Thanks for sponsoring

All versions of form_crshield with dependencies

PHP Build Version
Package Version
Requires php Version ^7.2 || ^8.0
typo3/cms-core Version ^10.4.29 || ^11.5 || ^12.4
typo3/cms-extbase Version ^10.4.29 || ^11.5 || ^12.4
typo3/cms-form Version ^10.4.29 || ^11.5 || ^12.4
typo3/cms-frontend Version ^10.4.29 || ^11.5 || ^12.4
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package derhansen/form_crshield contains the following files

Loading the files please wait ....