Fix reCAPTCHA v3 validation when token is in $_POST['captcha'] (!12) · Merge requests · Extensions / Form Protection

fixes #15 (closed)

Admittedly didn't spend time looking into where/when/why the token got passed around, but on a client's site $_POST['g-recaptcha-token'] was an empty string and the correct token was in $_POST['captcha']. However the code didn't reach that because $_POST['g-recaptcha-token'] is technically set. Changing to !empty instead fixed this for me.

Edited Feb 02, 2023 by messica

Fix reCAPTCHA v3 validation when token is in $_POST['captcha']

Merge request reports