dev/core#2150 Re-enact the recapture validation by validating the response token...

Ensure the form rule is actually triggered not just registered

diff --git a/CRM/Utils/ReCAPTCHA.php b/CRM/Utils/ReCAPTCHA.php
index 14c4272f9ddc43b9a00ae8751e351585a7675132..2764e242641c8d061804f234c04f72b7016465c3 100644 (file)
--- a/CRM/Utils/ReCAPTCHA.php
+++ b/CRM/Utils/ReCAPTCHA.php
@@ -96,6 +96,7 @@ class CRM_Utils_ReCAPTCHA {
       TRUE
     );
     $form->registerRule('recaptcha', 'callback', 'validate', 'CRM_Utils_ReCAPTCHA');
+    $form->addRule('g-recaptcha-response', ts('Please go back and complete the CAPTCHA at the bottom of this form.'), 'recaptcha');
     if ($form->isSubmitted() && empty($form->_submitValues['g-recaptcha-response'])) {
       $form->setElementError(
         'g-recaptcha-response',
@@ -117,4 +118,18 @@ class CRM_Utils_ReCAPTCHA {
     }
   }
 
+  /**
+   * @param $value
+   * @param CRM_Core_Form $form
+   *
+   * @return mixed
+   */
+  public static function validate($value, $form) {
+    $resp = recaptcha_check_answer(CRM_Core_Config::singleton()->recaptchaPrivateKey,
+      $_SERVER['REMOTE_ADDR'],
+      $_POST['g-recaptcha-response']
+    );
+    return $resp->is_valid;
+  }
+
 }