From 43ad8eac4022e5be1a4f219aa41277b1bd086807 Mon Sep 17 00:00:00 2001 From: Patrik Date: Tue, 4 Jun 2019 18:49:35 +0530 Subject: [PATCH] Added support for reCaptcha v3 --- admin/settings.php | 35 +++-- includes/class-uwp-recaptcha.php | 143 +++++++++++++----- includes/functions.php | 240 ++++++++++--------------------- readme.txt | 4 +- 4 files changed, 214 insertions(+), 208 deletions(-) diff --git a/admin/settings.php b/admin/settings.php index 27a85ab..e9c5dbf 100755 --- a/admin/settings.php +++ b/admin/settings.php @@ -22,10 +22,21 @@ function uwp_recaptcha_addons_get_settings( $settings, $current_section ) { 'id' => 'addons_recaptcha_settings_options', 'desc_tip' => false, ), + array( + 'id' => 'recaptcha_version', + 'name' => __( 'ReCaptcha version', 'uwp-recaptcha' ), + 'desc' => __( 'Select the ReCaptcha version. Heads Up! V2, V3 and invisible recaptcha has different keys. So use keys based on version you select here.', 'uwp-recaptcha' ), + 'type' => 'select', + 'options' => uwp_recpatcha_version_options(), + 'chosen' => true, + 'placeholder' => __( 'Select Option', 'uwp-recaptcha' ), + 'class' => 'uwp_label_block', + 'desc_tip' => true, + ), array( 'id' => 'recaptcha_api_key', 'name' => __( 'Google ReCaptcha API Key', 'uwp-recaptcha' ), - 'desc' => __( 'Enter Re-Captcha site key that you get after site registration at here.', 'uwp-recaptcha' ), + 'desc' => __( 'Enter Re-Captcha site key that you get after site registration at here. Recaptcha V2 and V3 has different API key.', 'uwp-recaptcha' ), 'type' => 'text', 'size' => 'regular', 'placeholder' => __( 'Enter Google ReCaptcha API Key', 'uwp-recaptcha' ), @@ -34,22 +45,25 @@ function uwp_recaptcha_addons_get_settings( $settings, $current_section ) { array( 'id' => 'recaptcha_api_secret', 'name' => __( 'Google ReCaptcha API Secret', 'uwp-recaptcha' ), - 'desc' => __( 'Enter Re-Captcha secret key that you get after site registration at here', 'uwp-recaptcha' ), + 'desc' => __( 'Enter Re-Captcha secret key that you get after site registration at here. Recaptcha V2 and V3 has different API secret', 'uwp-recaptcha' ), 'type' => 'text', 'size' => 'regular', 'placeholder' => __( 'Enter Google ReCaptcha API Secret', 'uwp-recaptcha' ), 'desc_tip' => true, ), array( - 'id' => 'recaptcha_version', - 'name' => __( 'ReCaptcha version', 'uwp-recaptcha' ), - 'desc' => __( 'Select the ReCaptcha version. Heads Up! V2 keys will not work with invisible recaptcha, you will have to create new ones.', 'uwp-recaptcha' ), - 'type' => 'select', - 'options' => uwp_recpatcha_version_options(), - 'chosen' => true, - 'placeholder' => __( 'Select Option', 'uwp-recaptcha' ), - 'class' => 'uwp_label_block', + 'id' => 'recaptcha_score', + 'name' => __( 'Minimum verification score', 'uwp-recaptcha' ), + 'desc' => __( 'Set the minimum verification score from 0 to 1 (for Recaptcha V3 only). See more here', 'uwp-recaptcha' ), + 'type' => 'number', + 'size' => 'regular', + 'default' => 0.5, 'desc_tip' => true, + 'custom_attributes' => array( + 'max' => 1, + 'min' => 0, + 'step' => 0.1, + ), ), array( 'id' => 'enable_recaptcha_in_register_form', @@ -172,6 +186,7 @@ function uwp_recaptcha_settings_uninstall( $settings ) { function uwp_recpatcha_version_options() { $recaptcha_version_options = array( + 'v3' => __('ReCaptcha V3', 'uwp-recaptcha'), 'default' => __('ReCaptcha V2', 'uwp-recaptcha'), 'invisible' => __('Invisible ReCaptcha', 'uwp-recaptcha'), ); diff --git a/includes/class-uwp-recaptcha.php b/includes/class-uwp-recaptcha.php index 18c1a33..078f272 100644 --- a/includes/class-uwp-recaptcha.php +++ b/includes/class-uwp-recaptcha.php @@ -42,12 +42,17 @@ private function setup_actions() add_action('wp_authenticate_user', array($this, 'login_authenticate')); add_action('registration_errors', array($this, 'registration_errors')); add_action('init', array($this, 'load_textdomain')); - - do_action('uwp_recaptcha_setup_actions'); + add_action('uwp_template_fields', array($this, 'add_captcha_for_uwp_forms'), 10, 1); + add_action('uwp_validate_result', array($this, 'validate_recaptcha'), 10, 3); + add_action('register_form', array($this, 'add_recaptcha_wp_register_form'), 10, 1); + add_action('login_form', array($this, 'add_recaptcha_wp_login_form'), 10, 1); if (is_admin()) { add_action('admin_init', array($this, 'activation_redirect')); + add_action('admin_notices', array($this, 'recaptcha_key_notices')); } + + do_action('uwp_recaptcha_setup_actions'); } /** @@ -61,10 +66,6 @@ public function load_textdomain() private function includes() { - if (!class_exists('ReCaptcha')) { - require_once UWP_RECAPTCHA_PATH . '/includes/recaptcha.php'; - } - if (class_exists('UsersWP')) { require_once UWP_RECAPTCHA_PATH . '/includes/functions.php'; } @@ -130,61 +131,131 @@ public function add_scripts() wp_localize_script('uwp_recaptcha_script', 'uwp_recaptcha', $localize_vars); } - public function login_authenticate($user){ + public function recaptcha_key_notices() { - if(isset( $_POST['uwp_login_nonce'] )){ // ignore UWP login form submission - return $user; + $site_key = uwp_get_option('recaptcha_api_key'); + $secret_key = uwp_get_option('recaptcha_api_secret'); + + if (empty($site_key) && empty($secret_key)) { + echo '

' . sprintf(__('UsersWP ReCaptcha addon: API Key and API Secret not set. %sclick here%s to set one.', 'uwp-recaptcha'), '', '') . '

'; + } elseif (empty($site_key)) { + echo '

' . sprintf(__('UsersWP ReCaptcha addon: API Key not set. %sclick here%s to set one.', 'uwp-recaptcha'), '', '') . '

'; + } elseif (empty($secret_key)) { + echo '

' . sprintf(__('UsersWP ReCaptcha addon: API Secret not set. %sclick here%s to set one.', 'uwp-recaptcha'), '', '') . '

'; } - if(1 != uwp_get_option('enable_recaptcha_in_wp_login_form') || !uwp_recaptcha_enabled()){ - return $user; + } + + public function add_captcha_for_uwp_forms($type){ + $enable_register_form = uwp_get_option('enable_recaptcha_in_register_form'); + $enable_login_form = uwp_get_option('enable_recaptcha_in_login_form'); + $enable_forgot_form = uwp_get_option('enable_recaptcha_in_forgot_form'); + $enable_account_form = uwp_get_option('enable_recaptcha_in_account_form'); + + // registration form + if ( $enable_register_form == '1' && $type == 'register') { + uwp_recaptcha_display( 'register' ); } - if ( is_wp_error( $user ) && isset( $user->errors["empty_username"] ) && isset( $user->errors["empty_password"] ) ){ - return $user; + // login form + if ( $enable_login_form == '1' && $type == 'login' ) { + uwp_recaptcha_display( 'login' ); + } + + // forgot form + if ( $enable_forgot_form == '1' && $type == 'forgot') { + uwp_recaptcha_display( 'forgot' ); } - $secret_key = uwp_get_option('recaptcha_api_secret', ''); + // account form + if ( $enable_account_form == '1' && $type == 'account') { + uwp_recaptcha_display( 'account' ); + } + } - $reCaptcha = new ReCaptcha( $secret_key ); + public function add_recaptcha_wp_login_form() { + // WP login form + $enable_wp_login_form = uwp_get_option('enable_recaptcha_in_wp_login_form', false); + if ( $enable_wp_login_form == '1' ) { + uwp_recaptcha_display('wp_login'); + } + } - $recaptcha_value = isset( $_POST['g-recaptcha-response'] ) ? $_POST['g-recaptcha-response'] : ''; - $response = $reCaptcha->verifyResponse( $_SERVER['REMOTE_ADDR'], $recaptcha_value ); + public function add_recaptcha_wp_register_form() { + // WP register form + $enable_wp_register_form = uwp_get_option('enable_recaptcha_in_wp_register_form', false); + if ( $enable_wp_register_form == '1' ) { + uwp_recaptcha_display('wp_register'); + } + } - $invalid_captcha = !empty( $response ) && isset( $response->success ) && $response->success ? false : true; + public function validate_recaptcha($result, $type, $data) { - if ( $invalid_captcha ) { - remove_action('authenticate', 'wp_authenticate_username_password', 20); - $error = new WP_Error(); - $err_msg = __('ERROR: reCAPTCHA verification failed. Try again.', 'uwp-recaptcha'); - $error->add('invalid_captcha', $err_msg); - return $error; + if(empty($type) && ! isset( $data['uwp_'.$type.'_nonce'] )){ + return $result; } - return $user; + if(!uwp_recaptcha_enabled() || 1 != uwp_get_option('enable_recaptcha_in_'.$type.'_form') || is_wp_error($result)){ + return $result; + } + + if ( $type ) { + switch( $type ) { + case 'register': + case 'login': + case 'forgot': + case 'account': + case 'frontend': + + $response = uwp_recaptcha_check($type); + if(is_wp_error($response)){ + return $response; + } + + break; + } + } + + return $result; } - public function registration_errors($errors){ + public function login_authenticate($user){ - if(1 != uwp_get_option('enable_recaptcha_in_wp_register_form') || !uwp_recaptcha_enabled()){ - return $errors; + if(isset( $_POST['uwp_login_nonce'] ) || isset( $_POST['uwp_register_nonce'] )){ // ignore UWP login/register form submission + return $user; + } + + if(1 != uwp_get_option('enable_recaptcha_in_wp_login_form') || !uwp_recaptcha_enabled() || is_user_logged_in()){ + return $user; + } + + if ( is_wp_error( $user ) && isset( $user->errors["empty_username"] ) && isset( $user->errors["empty_password"] ) ){ + return $user; } - $secret_key = uwp_get_option('recaptcha_api_secret', ''); + $response = uwp_recaptcha_check('wp_login_form'); + if(is_wp_error($response)){ + return $response; + } - $reCaptcha = new ReCaptcha( $secret_key ); + return $user; + } - $recaptcha_value = isset( $_POST['g-recaptcha-response'] ) ? $_POST['g-recaptcha-response'] : ''; - $response = $reCaptcha->verifyResponse( $_SERVER['REMOTE_ADDR'], $recaptcha_value ); + public function registration_errors($errors){ - $invalid_captcha = !empty( $response ) && isset( $response->success ) && $response->success ? false : true; + if(isset( $_POST['uwp_login_nonce'] ) || isset( $_POST['uwp_register_nonce'] )){ // ignore UWP login/register form submission + return $errors; + } - if ( $invalid_captcha ) { - $err_msg = __('ERROR: reCAPTCHA verification failed. Try again.', 'uwp-recaptcha'); - $errors->add('invalid_captcha', $err_msg); + if(1 != uwp_get_option('enable_recaptcha_in_wp_register_form') || !uwp_recaptcha_enabled()){ return $errors; } + $response = uwp_recaptcha_check('wp_register_form'); + if(is_wp_error($response)){ + return $response; + } + return $errors; } } diff --git a/includes/functions.php b/includes/functions.php index 1433528..bc8d716 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -1,52 +1,4 @@ here and enter keys in the plugin settings page at here' ), $plugin_settings_link ); - } else { - $err_msg = __('Error: Something went wrong. Please contact site admin.', 'uwp-recaptcha'); - } - - if (is_wp_error($result)) { - $result->add('invalid_captcha', $err_msg); - } else { - $errors->add('invalid_captcha', $err_msg); - $result = $errors; - } - break; - } - - $reCaptcha = new ReCaptcha( $secret_key ); - - $recaptcha_value = isset( $_POST['g-recaptcha-response'] ) ? $_POST['g-recaptcha-response'] : ''; - $response = $reCaptcha->verifyResponse( $_SERVER['REMOTE_ADDR'], $recaptcha_value ); - - $invalid_captcha = !empty( $response ) && isset( $response->success ) && $response->success ? false : true; - - if ( $invalid_captcha ) { - $err_msg = __('Error: reCAPTCHA verification failed. Try again.', 'uwp-recaptcha'); - if (is_wp_error($result)) { - $result->add('invalid_captcha', $err_msg); - } else { - $errors->add('invalid_captcha', $err_msg); - $result = $errors; - } - } else { - //do nothing - } - break; - } - } - - return $result; -} - function uwp_recaptcha_display( $form ) { if ( uwp_recaptcha_check_role() ) { // disable captcha as per user role settings @@ -216,9 +74,8 @@ function uwp_recaptcha_display( $form ) { -
- - + +
+ '; + echo ' + '; + ?> +