No Captcha / User Registration problem

  • Posts: 21
  • Thank you received: 0
8 years 1 month ago #228923

-- HikaShop version -- : 2.6.1
-- Joomla version -- : 3.4.8

Hi,

having problems with reCapcha plugin and I've switched it for no captcha one as I thought it should solve the problem. Instalation went smooth and it is working.... BUT...

the issue is with other components, like RS Forms PRO, which can silently register users with joomla procedures. For instance, when sumbitting custom rs forms form it will display error of "invalid captcha" or "recaptcha server can not be reached". (eg. both v1 and v2 captcha's are influenced)

I think the problem is that no captcha hika plugin (at least the one which I found on these forums as I can't find any official one) uses joomla's one and expects the click on it's own captcha.

I believe that this prevents any other componets which may use default joomla registration functions to make silent registrations (eg. form componenets).

What is the solution?

Please Log in or Create an account to join the conversation.

  • Posts: 81361
  • Thank you received: 13035
  • MODERATOR
8 years 1 month ago #228929

Hi,

Indeed. I guess even such 3rd party extension, also compatible with HikaShop, extensions.joomla.org/extension/keycaptcha will have the same issue with silent registrations.

We actually already have a code to skip the catpcha check for the com_updateme component silent registration of a user:

if ($app->isAdmin() || (@$_REQUEST['option']=='com_updateme' && @$_REQUEST['ctrl']=='subscription' && @$_REQUEST['task']=='api')) return true;
So you could add some similar code in the recaptcha2 plugin file but for RS Forms PRO.
You need to know the folder name of RS Forms PRO.
For example:
if ($app->isAdmin() || (@$_REQUEST['option']=='com_rsform') return true;
and add it after the other code in the plugin.

Please Log in or Create an account to join the conversation.

  • Posts: 21
  • Thank you received: 0
8 years 1 month ago #228983

this works with a little tunning ;)

if ($app->isAdmin() || (@$_REQUEST['option']=='com_rsform')) return true;

but it would not be better if you have your own plugin (as this seems to infuence everybody else)?

also I was not able to make plugin override, can this be done at all?

Please Log in or Create an account to join the conversation.

  • Posts: 81361
  • Thank you received: 13035
  • MODERATOR
8 years 1 month ago #229000

It's already our own plugin.
Also, most extensions don't create themselves users but use Joomla users created through the Joomla registration and the plugin also integrates with the Joomla user registration page. It also integrate with old versions of VM, a few contact form extensions, the contact form system of Joomla, etc.
And so far, you're the first one reporting a problem with silent user creations by another extension.

You can potentially make a plugin override (Joomla supports that), but there is no point there. The recaptcha plugin won't be updated when you update HikaShop and it is also not linked to the Joomla updater. So unless you update it yourself in the future, you won't loose your change. And there should be no need to update it for a while.

Please Log in or Create an account to join the conversation.

  • Posts: 21
  • Thank you received: 0
8 years 1 month ago #229518

It works as designed, but it blocks any other 3rd party component where silent user creation is the option. I see the place for upgrade, like adding exceptions field for instance in configuration (where you can put the code above into the field). Adding this you would not have the need to change source code and users would be advised of this in the first place (we spent a lot of time figuring out what is wrong with RSJoomla support).

Just a suggestion.

Please Log in or Create an account to join the conversation.

  • Posts: 81361
  • Thank you received: 13035
  • MODERATOR
8 years 1 month ago #229539

Hi,

thank you for your feedback.
For now, we'll add that code in the plugin:

$components = array('com_user','com_users','com_alpharegistration','com_ccusers','com_virtuemart','com_hikashop','com_hikamarket','com_akeebasubs');
		if (!in_array(@$_REQUEST['option'],$components)) return true;
That way, it will only check the user registration for the extensions integrated with it. It should be good enough.

Please Log in or Create an account to join the conversation.

  • Posts: 21
  • Thank you received: 0
8 years 1 month ago #229872

OK we solved it for our site, I guess this soltion is good too.

THX

Please Log in or Create an account to join the conversation.

Time to create page: 0.065 seconds
Powered by Kunena Forum