duanhunlou7051 2019-01-26 21:33
浏览 180
已采纳

WordPress过滤器:wp_authenticate_user无法获取用户数据

For a WordPress + WooCommerce setup, I'm trying to implement email activation and Google Captcha function on login using wp_authenticate_user filter, but the order of checking these are wrong.

Ok scenario

  1. Blank username and password without Captcha submit > get the correct error saying the password is blank.

  2. Invalid username without password and Captcha submit > correct error message saying bad username or password.

  3. Valid username with a wrong password with Captcha submit > bad username or password

Bad scenario

  1. valid username with a wrong password without Captcha submit > Captcha error (expecting bad username or password).

How can I change this to check Captcha after username and password validation?

Note:

If I switch email activated check to have more priority then I get that error on bad scenario.

Captcha check

function display_login_captcha() { ?>
    <div class="g-recaptcha" data-sitekey="<?php echo get_option('captcha_site_key'); ?>"></div>
<?php }
add_action( "login_form", "display_login_captcha" );

function verify_login_captcha($user,$password) {
    if (isset($_POST['g-recaptcha-response'])) {
        $recaptcha_secret = get_option('captcha_secret_key');
        $response = wp_remote_get("https://www.google.com/recaptcha/api/siteverify?secret=". $recaptcha_secret ."&response=". $_POST['g-recaptcha-response']);
        $response = json_decode($response["body"], true);
        if (true == $response["success"]) {
            return $user;
        } else {
            return new WP_Error("Captcha Invalid", __(" Only 3 attemps allowed,  Are you Human? Please validate yourself"));
        }
    } else {
        return new WP_Error("Captcha Invalid", __(" Only 3 attemps allowed, It seems like we are having hard time identifying you as a human! If you are then enable JavaScript"));
    }
}
add_filter("wp_authenticate_user", "verify_login_captcha", 10, 2);

Activation check

function custom_authenticate_user($userdata) {
    $isActivated = get_user_meta($userdata->ID, 'is_activated', true);
    if (!$isActivated) {
        $userdata = new WP_Error(
                            'inkfool_confirmation_error',
                            __( '<strong>ERROR:</strong> 111 <'.$userdata->id.'>Your account has to be activated before you can login. You can resend by clicking <a href="/sign-in/?u='.$userdata->ID.'">here</a>', 'inkfool' )
                        );
    }
    return $userdata;
}
add_filter('wp_authenticate_user', 'custom_authenticate_user',11,1);
  • 写回答

1条回答 默认 最新

      报告相同问题?

      相关推荐 更多相似问题

      悬赏问题

      • ¥15 dataframe 某列数据分列
      • ¥15 风扇导入fluent后仿真压力和速度数据卡在旋转域
      • ¥15 echarts中dataZoom报错
      • ¥15 求解答:《前端综合基础》作为一门课程的话,应该包含哪些内容?
      • ¥15 软件原型系统开发+实例测试
      • ¥50 C#上位机调试Win USB
      • ¥15 java基础望榜榜 java基础望榜榜
      • ¥15 comsol 周期性端口
      • ¥15 unity导出微信小游戏的测试中双击未响应
      • ¥15 SPI驱动LORA接收端RF_BUSY