News:

Support the VirtueMart project and become a member

Main Menu

Invalid Captcha check

Started by n3t, July 12, 2022, 21:52:40 PM

Previous topic - Next topic

n3t

Hi,

I found issue with Virtuemart 3 and 4. In shopFunctionsF->checkCaptcha is called globally even onCheckAnswer, so it is distributed to all published Captcha plugins, instead of to distribute it just to the one active (selected in global configuration).
Correct way how to call this should be according to Joomla standard, same way as is called in Joomla\CMS\Form\Rule\CaptchaRule, so something like

$app    = \JFactory::getApplication();
$plugin = $app->get('captcha');

if ($app->isClient('site'))
{
$plugin = $app->getParams()->get('captcha', $plugin);
}

// Use 0 for none
if ($plugin === 0 || $plugin === '0')
{
return true;
}

try
{
$captcha = Captcha::getInstance((string) $plugin);
return $captcha->checkAnswer($value);
}
catch (\RuntimeException $e)
{
\JFactory::getApplication()->enqueueMessage($e->getMessage(), 'error');
}
return false;


Currently calling

vDispatcher::trigger('onCheckAnswer',array($recaptcha));

causes all published to run onCheckAnswer event, which could lead in invalid results.

In my case, I use n3t Multi Captcha plugin, which, internally, calls ReCaptcha plugin. Virtuemrat causes, that n3t Multi Captcha plugin is checked first, returning TRUE as expected, but next checks ReCaptcha plugin, which causes diuplicate check and ends in exception.

pinochico

yes,

thanks Pavel,

therefore, when we prepare to use captcha in VM, we don't use standard VM setup, but we hack and set the call for a specific enabled captcha and not for all installed/enabled captcha plugins.
Maybe when the VM switches to Joomla standards and doesn't try to redo everything to their VM functions or write them correctly, there will be less hacks like this?
www.minijoomla.org  - new portal for Joomla!, Virtuemart and other extensions
XML Easy Feeder - feeds for FB, GMC,.. from products, categories, orders, users, articles, acymailing subscribers and database table
Virtuemart Email Manager - customs email templates
Import products for Virtuemart - from CSV and XML
Rich Snippets - Google Structured Data
VirtueMart Products Extended - Slider with products, show Others bought, Products by CF ID and others filtering products