Thread: reCAPTCHA for X-Cart Classic
View Single Post
  #89  
Old 02-11-2020, 03:55 PM
 
Thomasb134 Thomasb134 is offline
 

X-Adept
   
Join Date: Apr 2007
Location: USA
Posts: 789
 
Default Re: reCAPTCHA for X-Cart Classic
Today I discovered that the reCAPTCHA mod causes Altered Cart's Checkout One registered user Sign On to fail. It also fails when XCart Mobile is used. However Sign On works correctly from desktop mode using the shopping cart's side bar Authentication area.

When I applied the mod to my XC V4.4.5, the reCAPTCHA patch instructions for /include/login.php didn't match my version. Specifically this "BEFORE" code section doesn't exist:
Code:
In /include/login.php
BEFORE...

        if (empty($user_data)) {

            func_login_error();

        }

 INSERT...

        // reCAPTCHA - www.xcartmods.co.uk
        if ($current_area == "C" && $main != "checkout" && $config['reCAPTCHA']['reCAPTCHA_enabled'] == "Y" && $config['reCAPTCHA']['reCAPTCHA_site_key'] && $config['reCAPTCHA']['reCAPTCHA_secret_key'] && $config['reCAPTCHA']['reCAPTCHA_enabled_login'] == "Y") {
            include $xcart_dir . '/modules/reCAPTCHA/recaptcha_check.php';
        }
        if ($bad_captcha) {
            if (func_is_ajax_request()) {
                $top_message['content'] = func_get_langvar_by_name('lbl_reCAPTCHA_error', false, false, true);
                $top_message['type'] = 'E';
                // Prepare ajax message
                func_register_ajax_message(
                    'popupDialogCall',
                    array(
                        'action'  => 'message',
                        'message' => $top_message,
                    )
                );
                $top_message = '';
                func_header_location($HTTP_REFERER);
            } else {
                func_login_error(25);
                $user_data = $userid = FALSE;
            }
        }
        // /reCAPTCHA


By comparing V4.4.5 with V4.7.8 I found what I thought was the equivalent code; I inserted the new reCAPTCHA code before this sequence:
Code:
        if (!$user_data) {

            func_login_error();
            $allow_login = FALSE;

         }


The only other notable discrepancy was described in my post #84.

I rechecked my reCAPTCHA edits and couldn't find any unpatched code or edit mistakes. So I created a workaround for the login issue by commenting out the reCAPTCHA code block in login.php.

BTW, I found that the $main var is an empty string in login.php (in the reCAPTCHA function). Not sure if this is important, but thought I should mention it.

Although it's now working on the desktop view, XC Mobile fails on contact us, register, password reset, etc (but login is now OK). For simplicity I think it's best to have reCAPTCHA ignore mobile users; Still working on that. I could use some advice on how to fix the reCAPTCHA login for my 4.4.5 branch.

Edit Feb-14-2020: I've disabled the reCAPTCHA feature during mobile phone access (only desktop and tablet users see reCAPTCHA). Basically I wrapped the reCAPTCHA code in the /include/*.php files with this:
Code:
 global $detect;  // mobile detection var from XC Mobile Module
 if(!$detect->isMobile() || $detect->isTablet()) {
    //reCAPTCHA CODE HERE
 }

- Thomas
__________________
Thomas / USA
XCart V4.4.5 Gold
XCart Mobile V1.4.12
XCart X-PDF
XCart X-HotProducts
AlteredCart Checkout One (One Page Checkout)
BCSE Back In Stock
CFL Holiday Message
CFL System Message
Smack Digital (WebsiteCM) Remember Anon Carts
xcartmods Testimonials
xcartmods reCAPTCHA for X-Cart Classic
Unix, PHP 7.0 (patched 5.4).
MySQL 5.6
Reply With Quote