Support community for TTG plugins and products.
NOTICE
The Turning Gate's Community has moved to a new home, at https://discourse.theturninggate.net.
This forum is now closed, and exists here as a read-only archive.
You are not logged in.
Pages: 1
Both reCaptcha and I seem to be stuck. This usually means my brain has failed to appreciate some subtle setting that is right in front of me.
Site contact form is here: http://markhoffmanphotography.com/contact/
Submitting the form generates an error in red that says I must check the "I am not a robot" box even though I have done so. Using page inspector on the form I see that my site key is there. Turning on debug reCaptcha in Backlight settings provides no information at all. Have deleted site settings in google and gotten new site and secret keys. I see in a forum search I seem to be the only one reporting this error. In my case this is the universal indicator of user error, mine.
Regards Mark
Offline
Hi Mark, I can't see any obvious cause of this. Have you left the debug mode on? If not, can you switch it back on? (and double-check that it is on).
There are two scenarios that can result in that message:
1. The browser does not send the g-recaptcha-response field, or it's empty. Looking at your form, this is being sent.
2. Google responding with a status of something other than 'success'. In this case, if debug is on, then the full response should be shown.
It shouldn't be possible to be able to see that message, while g-recaptcha-response is being provided and debug on, without also seeing the full response from Google.
Offline
Is your domain added to the list of sites in your reCAPTCHA account?
Offline
^ That error should be reported in the reCAPTCHA field that the user needs to tick e.g. "Localhost is not in the list of supported domains for this site key."
Offline
My guess is that your server is not allowed to make a call to https://www.google.com/recaptcha/api/siteverify
It's either returning nothing, or not returning a response in the correct format.
Can you edit the file backlight/admin/application/delegated/ContactDelegate.php, and change the following lines from this:
$response=json_decode(file_get_contents($recaptchaVerifyURL.'?secret='.__c('GOOGLE_RECAPTCHA_SECRET_KEY').'&response='.$_REQUEST['g-recaptcha-response'].'&remoteip='.$_SERVER['REMOTE_ADDR']), true);
if (!is_array($response) || !isset($response['success']) || !$response['success']) {
if (__c('DEBUG_GOOGLE_RECAPTCHA') == 'yes') {
die('Google reCAPTCHA Server Response: <pre>'.print_r($response, true).'</pre>');
}
MessageHelper::error(__c('GOOGLE_RECAPTCHA_INVALID_MESSAGE'));
$pageData = array('contactForm' => $contactForm);
ViewHelper::render('contact/contact', $pageData, 'blank');
return;
}to this:
$json=file_get_contents($recaptchaVerifyURL.'?secret='.__c('GOOGLE_RECAPTCHA_SECRET_KEY').'&response='.$_REQUEST['g-recaptcha-response'].'&remoteip='.$_SERVER['REMOTE_ADDR']);
$response=json_decode($json, true);
if (!is_array($response) || !isset($response['success']) || !$response['success']) {
if (__c('DEBUG_GOOGLE_RECAPTCHA') == 'yes') {
die('Google reCAPTCHA Server Response: <pre>'.print_r($json, true).'</pre>');
}
MessageHelper::error(__c('GOOGLE_RECAPTCHA_INVALID_MESSAGE'));
$pageData = array('contactForm' => $contactForm);
ViewHelper::render('contact/contact', $pageData, 'blank');
return;
}That will print the response from the server as received, rather than the response after attempting to convert it to a readable format.
If you're not comfortable making that edit, I'm happy to do so for you, if you can provide me with FTP access.
Offline
Thanks. It does look like Google is returning nothing. Backlight reports all errors, but isn't detecting any errors with the call. I've tried on my end to break the call (e.g. by calling yyy.google.com, or setting it to an unknown port, but both of those result in meaningful error messages.
There's a small chance that something is being logged to the Designer error logs. We don't pay much attention to those log files, as errors should be reported in the browser. Can you see if there are any errors in the latest log file within backlight/data/designer/logs?
Failing that, I suggest asking your host whether it has blocked (or can open access to) server calls to https://www.google.com/recaptcha/api/siteverify
Offline
Latest log file (today) contains the following:
[10-Jul-2017 03:02:23] TRACE: returning: {"status":"success","message":"The template was updated successfully"}
[10-Jul-2017 03:02:27] TRACE: returning: {"status":"success","message":"The template was updated successfully"}
[10-Jul-2017 03:05:13] TRACE: returning: {"status":"success","message":"The template was updated successfully"}
[10-Jul-2017 03:06:09] TRACE: returning: {"status":"success","message":"The template was updated successfully"}
[10-Jul-2017 03:10:15] TRACE: returning: {"status":"success","message":"The template was updated successfully"}
[10-Jul-2017 03:13:42] TRACE: returning: {"status":"success","message":"The template was updated successfully"}
Not much help I guess.
Mark
Offline
FYI, host tells me they are NOT blocking server calls to reCaptcha and, in fact, are using reCaptcha on their tech support site.
So I'm going to put this one down as a Quantum Electrodynamic Mechanics Conundrum (betcha can't say that 3 times real fast).
Regards Mark
Offline
Hi Mark, perhaps not a case of QEMC. I have found that there is a PHP setting that can control whether our method of calling Google allows a URL call or not. By default, this setting is enabled. In my testing, if this setting is explicity disabled, then the request fails silently and returns nothing, and does not raise any errors.
To confirm this, can you create a file on your server called recaptcha.php with the following contents, and share the link?
<?php
if (isset($_REQUEST['phpinfo'])) {
phpinfo();
die();
}
if (!isset($_REQUEST['disable_warnings'])) {
error_reporting(E_ALL);
ini_set('display_errors', 1);
}
try {
$result = file_get_contents('https://www.google.com/recaptcha/api/siteverify');
echo 'result: '.$result;
} catch (Exception $e) {
echo 'Exception: '.$e->getMessage();
}
?>Offline
Hi Ben. Not sure how you want me to share a link to the file. It's at http://markhoffmanphotography.com/recaptcha.php/
Going there produces a page not found error. Guessing that's not what you meant.
Mark
Offline
Hi Mark, can you make sure that file located at the top of your website, at the same level as /backlight/ (but not within Backlight).
Offline
Hi Mark, leave it off for now. The file I asked you to create is a test file that will have no effect on the operation of reCAPTCHA on your site. Have you had any luck creating the file somewhere that it can be accessed from the web?
Offline
File is at the root of the site. Same level as backlight. Not reachable?
Interestingly with reCaptcha enabled on the contact, when I check "I am not a robot" it moves to the next level of verification where I must click on various pictures that meet certain criteria. After I do that I get the red error that tells me I've not clicked the I am not a robot checkbox.
Last edited by markh (2017-07-12 21:04:49)
Offline
Unfortunately not... http://markhoffmanphotography.com/recaptcha.php is giving me a 404 error.
Offline
Offline
Thanks. I can see that allow_url_include is disabled, as suspected.
Can you replace the file contents with the below? If this succeeds in communicating with Google, then I'll update Backlight with the new url_get_contents function.
NOTE that the code below may need scrolling to select all of it.
<?php
function url_get_contents($url) {
if (function_exists('curl_init')){
echo 'attempting curl_init...<br/>';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
curl_close($ch);
return $output;
} else if (function_exists('file_get_contents') && ini_get('allow_url_fopen')) {
echo 'attempting file_get_contents...<br/>';
return file_get_contents($url);
} else if (function_exists('fopen') && function_exists('stream_get_contents')){
echo 'attempting stream_get_contents...<br/>';
$handle = fopen ($url, "r");
return stream_get_contents($handle);
} else {
return false;
}
}
if (isset($_REQUEST['phpinfo'])) {
phpinfo();
die();
}
if (!isset($_REQUEST['disable_warnings'])) {
error_reporting(E_ALL);
ini_set('display_errors', 1);
}
try {
$result = url_get_contents('https://www.google.com/recaptcha/api/siteverify');
echo 'result: '.$result;
} catch (Exception $e) {
echo 'Exception: '.$e->getMessage();
}
?>Offline
Thanks. That looked to work. It successfully talks to Google, using a different approach. I'll integrate this into Backlight for our next maintenance release.
Offline
Pages: 1