diff --git a/deploy/lib/control/SignupController.php b/deploy/lib/control/SignupController.php index 873c2409d..825b39c7a 100644 --- a/deploy/lib/control/SignupController.php +++ b/deploy/lib/control/SignupController.php @@ -77,14 +77,20 @@ public function signup(Container $p_dependencies) $this->validateSignupRequest($signupRequest); // guard method // Recaptcha section - $gRecaptchaResponse = $request->get('token-reponse'); + $gRecaptchaResponse = $request->get('g-recaptcha-response'); + debug($request->request->all()); + if (!$gRecaptchaResponse) { + debug('recaptcha token from form: ', $gRecaptchaResponse); + error_log('Warning: Signup form client had no Recaptcha info, token: ' . print_r($gRecaptchaResponse, true)); + throw new \RuntimeException('There was a problem with the form submission, please contact us.', 0); + } $recaptcha = new \ReCaptcha\ReCaptcha(RECAPTCHA_SECRET_KEY); $resp = $recaptcha - // ->setExpectedHostname('www.ninjawars.net') + //->setExpectedHostname(WEB_ROOT) // Above is needed if "domain/package name validation" disabled at // https://www.google.com/recaptcha/admin/site/352364760 ->verify($gRecaptchaResponse, $request->getClientIp()); - error_log('Signup form client had a Recaptcha response: ' . print_r($gRecaptchaResponse, true) . print_r($resp, true)); + error_log('Signup form client had a Recaptcha info of token: ' . print_r($gRecaptchaResponse, true) . ' response: ' . print_r($resp, true)); // compare a random number against the recaptcha quotient to // see if recaptcha even gets used $divisor = defined('RECAPTCHA_DIVISOR') ? RECAPTCHA_DIVISOR : 1; @@ -231,6 +237,7 @@ private function buildSignupRequest($p_request) $signupRequest->enteredPass = Filter::toSimple($p_request->get('key') ?? ''); $signupRequest->enteredCPass = Filter::toSimple($p_request->get('cpass') ?? ''); $signupRequest->clientIP = $p_request->getClientIp(); + $signupRequest->gRecaptchaResponse = $p_request->get('g-recaptcha-response') ?? ''; return $signupRequest; } diff --git a/deploy/templates/signup.tpl b/deploy/templates/signup.tpl index 3cf47e74e..0bee08fdc 100644 --- a/deploy/templates/signup.tpl +++ b/deploy/templates/signup.tpl @@ -79,7 +79,7 @@ {if !$submit_successful} {* Do not change this without changing the recaptcha in signup.js *} -
+
Create Your Login Info @@ -185,15 +185,17 @@ {* This section is used by signup.js and should only be changed in concert with that script below *} {* It is also tested via the cypress signup.cy.js script, so changes should be checked by running that *}
+ -
@@ -261,13 +263,33 @@ {* see https://www.google.com/recaptcha/admin/site/692084162/settings *} + {* *} +