Hi
I have an issue on my website: we are starting to receive several fake account profiles and, on checking the ReCaptcha form on our contact page, messages are going through without this being checked.
Our website is Zencart 1.5.3 on PHP 5.6. So I tried to install 3.4.1 again and I am still getting the issue.
I have tried this set up in the tpl_contact_us_default.php, tpl_modules_create_account.php and tpl_products_reviews_write_default.php, both:
Code:
<?php echo recaptcha_get_html($publickey, $resp->error,$request_type == 'SSL'); ?>
And
Code:
<?php echo recaptcha_get_html(); ?>
Neither works.
There are no error logs and nothing related in the /logs/ folder.
I have also set up a new Recaptcha key for shaftlimited.com and configured this new key and again this makes no difference.
The form can be viewed here https://shaftlimited.com/contact_us.html
We did migrate server about 3 months ago, but only recently has this issue come to light.
includes/modules/pages/contact_us/header_php.php around line 18 reads:
Code:
$error = false;
if (isset($_GET['action']) && ($_GET['action'] == 'send')) {
  $name = zen_db_prepare_input($_POST['contactname']);
  $email_address = zen_db_prepare_input($_POST['email']);
  $subject = zen_db_prepare_input($_POST['subject']);
  $enquiry = zen_db_prepare_input(strip_tags($_POST['enquiry']));
  $antiSpam = isset($_POST['should_be_empty']) ? zen_db_prepare_input($_POST['should_be_empty']) : '';
  $zco_notifier->notify('NOTIFY_CONTACT_US_CAPTCHA_CHECK');
  $zc_validate_email = zen_validate_email($email_address);
  if ($zc_validate_email and !empty($enquiry) and !empty($name) and !empty($subject) && $error == FALSE) {
    // if anti-spam is not triggered, prepare and send email:
    if ($antiSpam != '') {
      $zco_notifier->notify('NOTIFY_SPAM_DETECTED_USING_CONTACT_US');
    } elseif ($antiSpam == '') {
      // auto complete when logged in
      if($_SESSION['customer_id']) {
        $sql = "SELECT customers_id, customers_firstname, customers_lastname, customers_password, customers_email_address, customers_default_address_id
                FROM " . TABLE_CUSTOMERS . "
                WHERE customers_id = :customersID";
        $sql = $db->bindVars($sql, ':customersID', $_SESSION['customer_id'], 'integer');
        $check_customer = $db->Execute($sql);
        $customer_email= $check_customer->fields['customers_email_address'];
        $customer_name= $check_customer->fields['customers_firstname'] . ' ' . $check_customer->fields['customers_lastname'];
      } else {
        $customer_email = NOT_LOGGED_IN_TEXT;
        $customer_name = NOT_LOGGED_IN_TEXT;
      }
Please help or let me know if you need further info from me.
Many thanks in advance.
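Added example, not part of the original post and not Zen Cart or plugin code: the only CAPTCHA-related step in the excerpt is the `NOTIFY_CONTACT_US_CAPTCHA_CHECK` notification followed by the `$error == FALSE` test, so if no observer answers that notification the form fails open regardless of how the widget is rendered in the template. `MiniNotifier`, `CaptchaObserver`, `submitContact()` and the `captcha_token` field are hypothetical stand-ins used for illustration.

```php
<?php
// Added illustration only: MiniNotifier, CaptchaObserver and submitContact()
// are hypothetical stand-ins, not Zen Cart or reCAPTCHA plugin code.
$error = false;

class MiniNotifier {
    private $observers = array();
    public function attach($observer, $event) {
        $this->observers[$event][] = $observer;
    }
    public function notify($event) {
        if (empty($this->observers[$event])) {
            return; // nobody listening: silent no-op, the caller cannot tell
        }
        foreach ($this->observers[$event] as $observer) {
            $observer->update($event);
        }
    }
}

class CaptchaObserver {
    public function update($event) {
        global $error;
        // Constructed check: a real observer would verify the token with the
        // CAPTCHA provider server-side. Here an empty token counts as a failure.
        if (empty($_POST['captcha_token'])) {
            $error = true;
        }
    }
}

function submitContact(MiniNotifier $notifier, array $post) {
    global $error;
    $_POST = $post;
    $error = false;
    $notifier->notify('NOTIFY_CONTACT_US_CAPTCHA_CHECK');
    // Same gate as the excerpt: the message is sent unless something set $error.
    return (!empty($post['enquiry']) && $error == false) ? 'sent' : 'rejected';
}

// Constructed bot submission: form fields filled in, CAPTCHA field absent.
$bot = array('contactname' => 'x', 'email' => 'x@example.com', 'enquiry' => 'spam');

$unwired = new MiniNotifier();            // observer never attached
echo submitContact($unwired, $bot), "\n";

$wired = new MiniNotifier();              // observer attached to the event
$wired->attach(new CaptchaObserver(), 'NOTIFY_CONTACT_US_CAPTCHA_CHECK');
echo submitContact($wired, $bot), "\n";
```

The first call reports the message as sent and the second as rejected, which is why a quick diagnostic is to confirm that something is actually attached to the notification on the live server, not only that the widget appears on the page.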