|
mcote
|
August 13, 2012 at 9:50 pm
The recaptcha is not displayed when using the cart. I have tested while not beeing logged in the wordpress. I looked at the multi_registration_page.php and there are some comments around line 176 //Recaptcha portion
To activate the recaptcha, do I need to activate or “uncomment” some code to make it work?
The other thing is when going into view cart, the amount total field displays nothing except “Total (C$):” unless I do a refresh, then the amount is calculated. Is this working as designed?
Version 3.1.25.P
|
|
Josh
|
August 14, 2012 at 10:24 am
The Re-capthcha feature does not work with the Multi Event Registration feature at this time. We recommend using the apache mod-security module to help prevent spam registrations. Note that this is something that can be added and configured to most servers running apache.
With the total/refresh issue, I recommend updating to version 3.1.26, and then checking /wp-content/uploads/espresso/templates for an older copy of shopping_cart.php. Version 3.1.26 has an updated version of the shopping_cart.php, so a copy from a previous version will not include the latest fixes.
|
|
Kevin Doherty
|
August 14, 2012 at 10:57 am
Hey Josh, I’m on a shared server environment and won’t have that option. I just noticed my Captcha wasn’t showing for the same reason as mcote’s.
Will spam still get through if some of the fields are set to “require”. would akismet play a factor into this in helping at all or is that for “comments” specifically.
About to go live in a few days with my site and am worried about spam registrations causing my clients grief.
thanks in advance,
Kevin
|
|
Josh
|
August 14, 2012 at 4:55 pm
spam can get through, because spam bots can work around JavaScript based validation. Have you asked the host about upgrading the account so that mod-security can be used?
|
|
Kevin Doherty
|
August 14, 2012 at 5:10 pm
I use RackSpace and their Shared (Cloud Sites) is pretty locked down and 1-dimensional (not in a bad way). In order for me to use that module I’d have to switch hosts or setup a VPS. I guess if spam becomes a huge rampant issue I wont have much choice.
Would there be a way to create a remedial captcha of sorts? just coding a simple math equation (5+2) and including a required text field? not even sure how i would approach that.
If Spam does start to poor in will it just add fake users to the events and their status will be set to “pending”. Any other good tell tale signs for the spam?
thanks Josh
|
|
Sidney Harrell
|
August 15, 2012 at 2:27 am
Hey Kevin,
I was able to get the recaptcha working by doing the following. I copied the captcha code from the registration_page_display.php and pasted it into the multi_registration_page_display.php, but modifying it slightly and placing it at approximately line 92 (you can put it above or below
//Outputs the form questions.
echo event_espresso_add_question_groups($question_groups, $events_in_session, $event_id, 1, $meta);
depending on where you want it on the page
if ($event_counter == 1 && $org_options['use_captcha'] == 'Y' && $_REQUEST['edit_details'] != 'true' && !is_user_logged_in()) {
if (!function_exists('recaptcha_get_html')) {
require_once(EVENT_ESPRESSO_PLUGINFULLPATH . 'includes/recaptchalib.php');
}//End require captcha library
# the response from reCAPTCHA
$resp = null;
# the error code from reCAPTCHA, if any
$error = null;
?>
<p class="event_form_field" id="captcha-<?php echo $event_id; ?>">
<?php _e('Anti-Spam Measure: Please enter the following phrase', 'event_espresso'); ?>
<?php echo recaptcha_get_html($org_options['recaptcha_publickey'], $error, is_ssl() ? true : false); ?> </p>
<?php }
Then in includes/process-registration/add_attendees_to_db.php, starting at line 163, modify it so:
} else {
static $been_here;
if ($org_options['use_captcha'] == 'Y' && !is_user_logged_in() && empty($been_here)) {//Recaptcha portion
$been_here = 1;
//require_once('includes/recaptchalib.php');
if (!function_exists('recaptcha_check_answer')) {
require_once(EVENT_ESPRESSO_PLUGINFULLPATH . 'includes/recaptchalib.php');
}
$resp = recaptcha_check_answer($org_options['recaptcha_privatekey'], $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
echo '<div class="attention-icon"><p class="event_espresso_attention"><strong>' . __('Sorry, you did not enter the correct anti-spam phrase. Please click your browser\'s back button and try again.', 'event_espresso') . '</strong></p></div>';
Please note that if you are logged in (likely if you are switching back and forth with the admin while testing) the recaptcha is not checked. Also, it may look initially like it’s not working, since it does present the payment options, but it does not create any attendees in the db.
|
|
Kevin Doherty
|
August 15, 2012 at 8:51 am
Thanks so much for your time and insight Sidney. I’ll reply back here again with my results. I did give it a try but the captcha didn’t show up anywhere. I’m not sure if its because of not executing the edits correctly or not but will try again and see what can be done.
thanks!
|
|
mcote
|
August 15, 2012 at 9:07 am
I had made it appear initially by removing the comments /* and the other */ starting around line 176 //Recaptcha portion in the multi_registration_page.php
I had also removed the first php portion which was in fact doing absolutely nothing. This might give you a clue on how to make it appear.
|
|
Sidney Harrell
|
August 15, 2012 at 10:37 am
we’re making a branch of the code with these changes so we can do some more testing on this, and possibly include it in the next update of 3.1. Stay tuned.
|
|
abywater
|
August 29, 2012 at 6:14 pm
I would also LOVE an update for this to work! I just recently had a wordpress account hacked – NOT fun! So, looking for ALL ways to keep bots out! Please give us an update when you have one!
|
