Hello all!
In configuration I can choose to use ReCaptcha in the registration form.
a) How can I display a label with the ReCaptcha in the form?
b) How can I use ReCaptcha also in the login form?
Kind regards,
Gerald
This applies to VM3.0.12 with default VM templates on J3.0.5
Configure & enable the Joomla ReCaptcha plugin and turn on. Enable Use ReCaptcha for Registration in VM config/shop.
Then the captcha will appear in the account registration form at the bottom, and in the cart registrattion form it appears at the top after hitting the register button.
It can be moved from top to bottom is you wish by overriding components/com_virtuemart/views/user/tmpl/edit.php
The login module is a Joomla module, you should ask on the Joomla forum if ReCaptcha could be included thgere, but personally I see no point in doing so.
Hello!
Thank you for your reply.
I know, how to enable the reCaptcha.
My questions were regarding ...
a) ... how to display a label with the reCaptcha in the registration form.
b) ... how to use reCaptcha not only in the registration, but also in the login form.
I guess this can be done by template overriding.
Right?
Kind regards,
Gerald
Hi all!
I want to push this topic again.
Actually I am really wondering, why VM does not provide the login forms (regular and popup) with the reCaptcha, but the registration form, only?
Isn't this a vulnerability?
Kind regards,
Gerald
https://developers.google.com/recaptcha/docs/display
Quote from: gba on June 22, 2017, 15:47:43 PM
why VM does not provide the login forms (regular and popup) with the reCaptcha, but the registration form, only?
Effectively the login is just the Joomla username & password - and ideally only used by someone already registered. It is not added in Joomla but could be using the appropriate code. There is a thread about this in the Joomla forum which may help explain the issues.
https://forum.joomla.org/viewtopic.php?t=910764
Hi!
Thank you for that hint.
I read this thread and partly agree with the ideas there.
But actually how else would you prevent a VM shop from being attacked by automatically filling in the login form and jamming the webserver this way?
Kind regards,
Gerald
Most VM registrations use required fields, so the form cannot be submitted unless those fields are completed. You can also use a hidden field to confuse bots. They will see that field and make an entry - and if there is something in that field then halt the "registration" process. You can do this for both Joomla's registation form and for VM.
Hi!
The problem is not the registration form - it does provide the use of the reCaptcha plugin set in Joomla! configuration.
But the login form does not.
Kind regards,
Gerald
Hello Gerald
Sorry to intrude, but why do You want to make it harder to login? There are a number of other security plugins that can protect without any hazzle for the registered user. A quick search found this:
https://extensions.joomla.org/extensions/extension/access-a-security/limit-login-attempts/ (https://extensions.joomla.org/extensions/extension/access-a-security/limit-login-attempts/)
best regards
Jörgen @ Kreativ Fotografi
Hi!
Thank you for that hint.
The new Google NoCaptcha reCaptcha (version 2) now appears if there is suspicious activity, only.
So usually there is actually no captcha displayed.
I just want the same behaviour in the login form like in the registration form.
Kind regards,
Gerald
By "login form" I guess you mean the Joomla login form? In which case see https://www.youtube.com/watch?v=LFGouPne3Oc