WordPress.org
Get WordPress

Making WordPress.org


Ignore:
Timestamp:
09/23/2019 06:26:14 AM (6 years ago)
Author:
dd32
Message:

Login: Add reCaptcha v3 in logging-only mode for registration.

See #4739.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/functions-registration.php

    r9146 r9147  
    66    }
    77
    8     $verify = array(
    9         'secret'   => RECAPTCHA_INVIS_PRIVKEY,
    10         'remoteip' => $_SERVER['REMOTE_ADDR'],
    11         'response' => $_POST['g-recaptcha-response'],
    12     );
    13 
    14     $resp = wp_remote_post( 'https://www.google.com/recaptcha/api/siteverify', array( 'body' => $verify ) );
    15     if ( is_wp_error( $resp ) || 200 != wp_remote_retrieve_response_code( $resp ) ) {
    16         return false;
    17     }
    18 
    19     $result = json_decode( wp_remote_retrieve_body( $resp ), true );
    20 
     8    $result = wporg_login_recaptcha_api(
     9        $_POST['g-recaptcha-response'],
     10        RECAPTCHA_INVIS_PRIVKEY
     11    );
     12
     13    if ( ! $result ) {
     14        return false;
     15    }
    2116    return (bool) $result['success'];
    2217}
     
    5550    );
    5651
     52    // reCaptcha v3 logging.
     53    if ( isset( $_POST['_reCaptcha_v3_token'] ) ) {
     54        $recaptcha_api = wporg_login_recaptcha_api(
     55            $_POST['_reCaptcha_v3_token'],
     56            RECAPTCHA_V3_PRIVKEY
     57        );
     58        $pending_user['scores']['pending'] = -1;
     59        if ( $recaptcha_api && $recaptcha_api['success'] && 'register' == $recaptcha_api['action'] ) {
     60            $pending_user['scores']['pending'] = $recaptcha_api['score'];
     61        }
     62       
     63    }
     64
    5765    $inserted = wporg_update_pending_user( $pending_user );
    5866    if ( ! $inserted ) {
     
    168176    $pending_user['created_date'] = gmdate( 'Y-m-d H:i:s' );
    169177    $pending_user['meta']['confirmed_ip'] = $_SERVER['REMOTE_ADDR']; // Spam/Fraud purposes, will be deleted once not needed.
     178
     179    // reCaptcha v3 logging.
     180    if ( isset( $_POST['_reCaptcha_v3_token'] ) ) {
     181        $recaptcha_api = wporg_login_recaptcha_api(
     182            $_POST['_reCaptcha_v3_token'],
     183            RECAPTCHA_V3_PRIVKEY
     184        );
     185        $pending_user['scores']['create'] = -1;
     186        if ( $recaptcha_api && $recaptcha_api['success'] && 'pending_create' == $recaptcha_api['action'] ) {
     187            $pending_user['scores']['create'] = $recaptcha_api['score'];
     188        }
     189    }
     190
    170191    wporg_update_pending_user( $pending_user );
    171192
Note: See TracChangeset for help on using the changeset viewer.