Duplicate checking

  • Hi,

    Thank you for this plugin. I encountered the following issue:

    – If I tick “Login Form” as an “Enabled Form”, then your plugin will check for a captcha response on the login form created by https://www.ads-software.com/plugins/wp-user-manager/ – but does not output any captcha onto that form. This results in inability to login; you always get the ‘Please solve Captcha correctly’ message.

    – So, I added an mu-plugin to add the captcha to the form:

    add_action('wpum_before_submit_button_login_form', 'my_wpum_before_submit_button_login_form');
function my_wpum_before_submit_button_login_form() {
	do_action( 'anr_captcha_form_field' );
}

    That did add it to the form, and the Google Captcha field to what was then POST-ed to the WP site upon submitting the form. Unfortunately, this still results in ‘Please solve Captcha correctly’ always. So, I investigated why. To investigate why, I added some debug logging inside of anr_verify_captcha().

    – This revealed that anr_verify_captcha() was getting called twice. The first time, it returns true; the second time, false, because what came back in the response body from Google was:

    {
  "success": false,
  "error-codes": [
    "timeout-or-duplicate"
  ]
}

    i.e. On the second check of the same data, it got an error for being a duplicate.

    I was able to fix this on the site by writing another mu-plugin function to detect duplicates where the first attempt was successful. You might want to adjust that directly in your plugin though, to handle such cases. Here’s the mu-plugin function I used:

    add_filter('anr_verify_captcha', 'my_anr_verify_captcha', 10, 3);
function my_anr_verify_captcha($verify, $result, $response) {

	static $seen_response = false;
	static $seen_verify = null;
	
	if (true == $seen_verify && false == $verify && $response == $seen_response && !empty($result['error-codes']) && array('timeout-or-duplicate') == $result['error-codes']) {
		return true;
	} else {
		$seen_verify = $verify;
		$seen_response = $response;
	}
	
	return $verify;

}

    Out of interest, here are the two routes that came into anr_verify_capture(), causing the duplicate lookup:

    1: require('wp-blog-header.php'), wp, WP->main, do_action_ref_array('wp'), WP_Hook->do_action, WP_Hook->apply_filters, WPUM_Form->process, WPUM_Form_Login->submit_handler, wp_authenticate, apply_filters('authenticate'), WP_Hook->apply_filters, anr_captcha_class->login_verify, anr_captcha_class->verify, anr_verify_captcha

    2: require('wp-blog-header.php'), wp, WP->main, do_action_ref_array('wp'), WP_Hook->do_action, WP_Hook->apply_filters, WPUM_Form->process, WPUM_Form->process, WPUM_Form_Login->done, wp_signon, wp_authenticate, apply_filters('authenticate'), WP_Hook->apply_filters, anr_captcha_class->login_verify, anr_captcha_class->verify, anr_verify_captcha

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Duplicate checking’ is closed to new replies.