?>
</button>
</p>
</form>
<?php
if (strlen(get_option('login_nocaptcha_key')) > 0 && strlen(get_option('login_nocaptcha_secret')) > 0) {
?>
<h3><?php
_e('Example', 'login_nocaptcha');
?>
</h3>
<?php
wp_enqueue_script('login_nocaptcha_google_api');
?>
<?php
LoginNocaptcha::login_form();
?>
<h3><?php
_e('Next Steps', 'login_nocaptcha');
?>
</h3>
<ol>
<li><?php
_e('If you see an error message above, check your keys before proceeding.', 'login_nocaptcha');
?>
</li>
<li><?php
_e('If the reCAPTCHA displays correctly above, proceed as follows:', 'login_nocaptcha');
?>
</li>
<ol>
public static function authenticate($user, $username, $password)
{
if (isset($_POST['g-recaptcha-response'])) {
$response = LoginNocaptcha::filter_string($_POST['g-recaptcha-response']);
$remoteip = $_SERVER["REMOTE_ADDR"];
$secret = get_option('login_nocaptcha_secret');
$payload = array('secret' => $secret, 'response' => $response, 'remoteip' => $remoteip);
$result = wp_remote_post('https://www.google.com/recaptcha/api/siteverify', array('body' => $payload));
if (is_a($result, 'WP_Error')) {
// disable SSL verification for older cURL clients
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$result = curl_exec($ch);
$g_response = json_decode($result);
} else {
$g_response = json_decode($result['body']);
}
if (is_object($g_response)) {
if ($g_response->success) {
update_option('login_nocaptcha_working', true);
return $user;
// success, let them in
} else {
if (isset($g_response->{'error-codes'}) && $g_response->{'error-codes'} && in_array('missing-input-response', $g_response->{'error-codes'})) {
update_option('login_nocaptcha_working', true);
return new WP_Error('denied', __('Please check the ReCaptcha box.', 'login_nocaptcha'));
} else {
if (isset($g_response->{'error-codes'}) && $g_response->{'error-codes'} && (in_array('missing-input-secret', $g_response->{'error-codes'}) || in_array('invalid-input-secret', $g_response->{'error-codes'}))) {
update_option('login_nocaptcha_working', false);
update_option('login_nocaptcha_google_error', 'error');
update_option('login_nocaptcha_error', sprintf(__('Login NoCaptcha is not working. <a href="%s">Please check your settings</a>. The message from Google was: %s', 'login_nocaptcha'), 'options-general.php?page=login-recaptcha/admin.php', get_google_errors_as_string($g_response)));
return $user;
//invalid secret entered; prevent lockouts
} else {
if (isset($g_response->{'error-codes'})) {
update_option('login_nocaptcha_working', true);
return new WP_Error('denied', __('Incorrect ReCaptcha, please try again.', 'login_nocaptcha'));
} else {
update_option('login_nocaptcha_working', false);
update_option('login_nocaptcha_google_error', 'error');
update_option('login_nocaptcha_error', sprintf(__('Login NoCaptcha is not working. <a href="%s">Please check your settings</a>.', 'login_nocaptcha'), 'options-general.php?page=login-recaptcha/admin.php') . ' ' . __('The response from Google was not valid.', 'login_nocaptcha'));
return $user;
//not a sane response, prevent lockouts
}
}
}
}
} else {
update_option('login_nocaptcha_working', false);
update_option('login_nocaptcha_google_error', 'error');
update_option('login_nocaptcha_error', sprintf(__('Login NoCaptcha is not working. <a href="%s">Please check your settings</a>.', 'login_nocaptcha'), 'options-general.php?page=login-recaptcha/admin.php') . ' ' . __('The response from Google was not valid.', 'login_nocaptcha'));
return $user;
//not a sane response, prevent lockouts
}
} else {
update_option('login_nocaptcha_working', false);
update_option('login_nocaptcha_google_error', 'error');
update_option('login_nocaptcha_error', sprintf(__('Login NoCaptcha is not working. <a href="%s">Please check your settings</a>.', 'login_nocaptcha'), 'options-general.php?page=login-recaptcha/admin.php') . ' ' . __('There was no response from Google.', 'login_nocaptcha'));
return $user;
//no response from Google
}
}
