As a disclaimer, I am a beginner PHP and Wordpress developer… but this is a lesson I learned today and something that I would like to share.
These past week I began working on a website / community for my friend. Long story short, I decided to go with Buddypress. Despite Buddypress’s many features one feature that was sorely lacking is the inclusion of a Captcha or similar mechanism to prevent spammers from being able to sign up as a user. I decided to go with reCaptcha so I began by trying to use the wp-recaptcha plugin which from all the forums posts I read should have worked. It didn’t. And as to why it didn’t work, I am not really sure. But I believe that it has to do with the fact that I am running Buddypress on a Single User installation of Wordpress instead of WPMU.
So then came the hacking. A word of warning: this method is not future proof. It requires you to change a core BuddyPress file so if you update your Buddypress plugin, you will have to redo this. Now before I get any further this is what I am running:
If you are going to follow along, then first things first… make sure you have your reCapthca API Keys by signing up here (you need a google account to sign up for reCaptcha) and following the directions on the screen. Next you need to download the reCaptcha PHP library (the only file you will need is recaptchalib.php) and upload the recaptchalib.php file to your Child Theme Directory. Now you are ready to start hacking.
First in your functions.php file add this code:
function addCaptcha() {
require_once('recaptchalib.php');
$publickey = "YOUR_PUBLIC_KEY"; // got this from the signup page
echo recaptcha_get_html($publickey);
}
add_action( 'bp_before_registration_submit_buttons', 'addCaptcha');
This will display the reCaptcha box on your registration page (you will probably have to play with the css a bit to make it look decent).
Next find go to the buddypress/bp-core directory and open the bp-core-signup.php file on line 28 you will see this line:
if ( isset( $_POST['signup_submit'] ) ) {
/* Check the nonce */
check_admin_referer( 'bp_new_signup' );
Before the /* Check the nonce */ comment you will need to insert the following code:
$url = ABSPATH . '/wp-content/themes/pinnacle/recaptchalib.php';
require_once($url);
$privatekey = "YOUR_PRIVATE_KEY";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")");
} else {
// Your code here to handle a successful verification
}
And finally you will need to move all the code that handles the form verification to where it says Your code here to handle a successful verification. Basically this is everything from the /* Check the nonce */ comment to do_action( ‘bp_complete_signup’ ). It is around 120 lines of code total.
Now save the files and you should have a working reCaptcha on your site registration page.
Posted via email from adlatitude | Comment »
