Theme My Login: reCAPTCHA and email don't work

Hi!

When users try to register through the Theme My Login form, they always get the message that the reCAPTCHA is wrong no matter what. All I have to do to have the reCAPTCHA working is to insert the public and private keys in the reCAPTCHA section of Theme My Login's menu, right? Or do I also need to add those codes mentioned in the reCAPTCHA site (I presumed the plugin already did that)? Below is a copy of what's said in the reCaptcha website:
"-Step 1: client-side integration
Paste this snippet before the closing </head> tag on your HTML template:
<script src='https://www.google.com/recaptcha/api.js'></script>
Paste this snippet at the end of the <form> where you want the reCAPTCHA widget to appear:
<div class="g-recaptcha" data-sitekey="[hidden by OP for security]"></div>
The reCAPTCHA documentation site describes more details and advanced configurations.

-Step 2: server side integration
When your users submit the form where you integrated reCAPTCHA, you'll get as part of the payload a string with the name "g-recaptcha-response". In order to check whether Google has verified that user, send a POST request with these parameters:
URL: https://www.google.com/recaptcha/api/siteverify
secret(required): [hidden by OP for security]
response(required): The value of 'g-recaptcha-response'.
remoteip: The end user's ip address."

The second problem I'm experiencing is about the confirmation email: I've filled all the fields in the plugin's menu, but users are still getting the default email, not the one I've created.

I'm using Blog Templates, and I already tried inserting the reCAPTCHA keys in the profile I use as template, with the same result I had when they were inserted only in my admin profile.

How do I solve this?

*Support access ia active, so you guys can access my site if needed.

Thanks. :slight_smile:

  • Tyler Postle

    Hey Gabriel,

    Hope you're doing well today!

    I just signed up a user on your site and the recaptcha seemed to work fine for me :slight_smile: You'll notice that the member tyepo7878 is in the unconfirmed category as I just used a dummy email and didn't confirm it.

    I tried another one and purposely put the captcha in wrong and it gave me the invalid error.

    If you're wanting it for creating sites I would actually recommend using our Anti-Splog plugin: https://premium.wpmudev.org/project/anti-splog/

    It supports the "Are you human" verification method which I actually prefer to reCAPTCHA and of course it's designed for multisites :slight_smile: just my thoughts though.

    Look forward to hearing back!

    All the best,
    Tyler

  • Wheel of Commerce

    I fill in all the fields, then I press Next, get redirected to a second page where I'm asked to insert a title for the site, then when I click Next (or something like that) I get redirected back to the first registration page with a message at the reCAPTCHA panel saying it's wrong.

    BTW, when I deactivated the reCAPTCHA, I was able to register, but the confirmation email I got was the default one the plugin sents, instead of the one I've created and inserted in the plugin's settings.

    Support access is active if you want to take a look.

    Thanks.

  • Wheel of Commerce

    Update: Michael Bissett was able to register a new username, but got the same reCAPTCHA error I got when trying to register a new site, so the issue isn't on my end after all.

    Just remembering: after disabling the reCAPTCHA in TML's settings, I was able to register a new site. Nevertheless, the confirmation email I got was the default one generated by TML, instead of the one I've inserted in the plugin's settings.

  • Michael Bissett

    Hey @Gabriel,

    Regarding the confirmation email, it's not looking like Theme My Login replaces the welcome email sent out by WordPress, when on Multisite. Looked up, down, and sideways, and that's what I'm finding. :disappointed:

    In order to edit that email, you'll need to go to:

    Settings -> Network Settings

    And edit the "Welcome Email" there, that's looking like your means to alter the email sent to your users presently.

    Kind Regards,
    Michael

  • Wheel of Commerce

    I'm now using SB Welcome Email Editor for the email part. Regarding the reCAPTCHA, I've installed WPMU Anti-Splog, but it isn't being displayed at /register; not sure if the plugin would insert it only for posts, comments and such, but if it can insert the reCAPTCHA at the registration form, that'd be great. I know there are hundreds of plugins for that, but I'm really trying to stick only with the absolutely necessary plugins, since, after installing more 3 I need, I'll have like 30 on my site.

    Another thing about Anti-Splog: should I keep using Akismet? I mean, couldn't using both end up causing any conflict or something?

    Thanks.

  • Wheel of Commerce

    Update: Predrag Dubajic (one of you guys from WPMU) tested Theme My Login with Twenty Fifteen and no other plugins activated and had the same issue with the reCAPTCHA, so it's definitely a problem generated by the plugin itself. Considering that the dev takes ages to answer the questions in the support page, if any of you guys can help with it, that'd be great.

    Thanks. :slight_smile:

  • Michael Bissett

    Hey @Gabriel,

    Regarding the reCAPTCHA, I've installed WPMU Anti-Splog, but it isn't being displayed at /register; not sure if the plugin would insert it only for posts, comments and such, but if it can insert the reCAPTCHA at the registration form, that'd be great.

    Another thing about Anti-Splog: should I keep using Akismet? I mean, couldn't using both end up causing any conflict or something?

    You'd want to keep using Akismet (or a similar solution), as that'd handle spam comments on your posts. As for Anti-Splog, that takes care of spam blogs (splogs), reducing the likelihood of them being created on your network.

    And if one should happen to be created on your network, Anti-Splog will keep an eye on the posts that it makes, as described on the project page:

    Post-monitoring then takes the game to a whole new level – where the service may not have enough information to mark a blog as spam right at signup, fear not. The second a splogger writes a spam post, no matter how cleverly disguised, our API service analyzes it and boom, that splog is shutdown.

    I can see that the reCAPTCHA is being inserted on the 2nd step for /register page, when you're filling out the site details (where it should be, as it's placed there to control spam blog signups). Is it not showing up there for you presently?

    Update: Predrag Dubajic (one of you guys from WPMU) tested Theme My Login with Twenty Fifteen and no other plugins activated and had the same issue with the reCAPTCHA, so it's definitely a problem generated by the plugin itself.

    Thought you were using Anti-Splog now to prevent spam blog signups, not sure why we're going back to this plugin? Is there something I'm missing? :slight_smile:

    Please advise,
    Michael

  • Wheel of Commerce

    Oh, sorry. Yes, I see the reCAPTCHA in the second page of the registration and it's working.

    Now I only have to find a way to customize the activation email. I thought SB Welcome Email Editor did this, but it doesn't. I've found some tutorials that show how to change the text of the email, but not a single plugin for something that appears to be rather simple and extremely necessary. Do you know of a solution for it?

    Thanks.

  • Wheel of Commerce

    Tyler mentioned the following during a chat:
    http://websistent.com/custom-buddypress-activation-email/

    In my case, since the registration displays the options "Just an username" or "Give me a site", I'm presuming both "Registration with blog" and "Registration without blog" are required, I just need to know what's the code I'll use to create the plugin. Also, I need to change the "Sent from" email field, and I don't see that part in the code provided there.

    Thanks.

  • Michael Bissett

    Hey @Gabriel,

    In my case, since the registration displays the options "Just an username" or "Give me a site", I'm presuming both "Registration with blog" and "Registration without blog" are required, I just need to know what's the code I'll use to create the plugin.

    You should be able to do that with this:

    <?php
    
    add_filter( 'bp_core_activation_signup_user_notification_subject', 'custom_buddypress_activation_subject', 10, 5 );
    
    function custom_buddypress_activation_subject( $subject, $user, $user_email, $key, $meta ) {
        return $user . ' – Activate your ' . get_bloginfo( 'name' ) . ' account';
    }
    
    add_filter( 'bp_core_activation_signup_user_notification_message', 'custom_buddypress_activation_message', 10, 5 );
    
    function custom_buddypress_activation_message( $message, $user, $user_email, $key, $meta ) {
        $activate_url = bp_get_activation_page() . "?key=$key";
        $activate_url = esc_url( $activate_url );
        return "Hi $user,
    Thanks for registering! To complete the activation of your account please click the following link:
    $activate_url
    Thanks,
    Jesin";
    }
    
    add_filter('bp_core_activation_signup_blog_notification_message', 'custom_bp_change_activation_email_message', 10, 8);
    function custom_bp_change_activation_email_message($message, $domain, $path, $title, $user, $user_email, $key, $meta) {
    	//	Get some globals
    	global $bp;
    
    	//	Get the slug of the activation page
    	$slug = $bp->pages->{"activate"}->slug;
    
    	//	Make activation URL
    	$url = sprintf("%s/%s/?key=%s", get_bloginfo('url'), $slug, $key);
    
    	//	Custom message with activation key
    	$message = "Yayy! Thanks for signing up! Please confirm your account!\n\n$url";
    
    	return $message;
    }
    
    add_filter('bp_core_activation_signup_blog_notification_subject', 'custom_bp_change_activation_email_subject', 10, 8);
    function custom_bp_change_activation_email_subject($subject, $domain, $path, $title, $user, $user_email, $key, $meta) {
    	return 'Activate http://'.$_SERVER"HTTP_HOST".$path;
    }

    Also, I need to change the "Sent from" email field, and I don't see that part in the code provided there.

    This reminds me of a plugin I ran into the other day, I'd advise having a look at it:

    https://www.tipsandtricks-hq.com/wordpress-plugin-change-wp-email-from-details-1883

    Kind Regards,
    Michael

  • Wheel of Commerce

    Update:
    I've installed another reCAPTCHA plugin, as the previous one was returning an error. It's working, but I'd like to insert the reCAPTCHA below the confirm password part, instead of right after the email address field.

    The plugin to change the confirmation email name and email address fields works. I've tried another mu plugin to change the message at the confirmation email, but it didn't work -it didn't return any errors though.

    <?php
    add_filter('bp_core_signup_send_validation_email_message', 'custom_bp_change_activation_email_message');
    function custom_bp_change_activation_email_message($message) {
    	//	Get some globals
    	global $bp, $wpdb;
    
    	//	Get the slug of the activation page
    	$slug = $bp->pages->{"activate"}->slug;
    
    	//	Get username from the signup form just posted
    	$username = $bp->signup->username;
    
    	//	SQL query to get activation key for that username
    	$sql = 'select meta_value from wp_usermeta where meta_key="activation_key" and user_id in (select ID from wp_users where user_login="' . $username . '" and user_status=2)';
    
    	//	Getting the activation key from the database
    	$activation_key = $wpdb->get_var($sql);
    
    	//	Make activation URL
    	$url = sprintf("%s/%s/?key=%s", WP_HOME, $slug, $activation_key);
    
    	//	Custom message with activation key
    	$message = "Yayy! Thanks for signing up! Please confirm your account!\n\n$url";
    
    	return $message;
    }

    Thanks.

  • Michael Bissett

    Hey @Gabriel,

    I've installed another reCAPTCHA plugin, as the previous one was returning an error. It's working, but I'd like to insert the reCAPTCHA below the confirm password part, instead of right after the email address field.

    It looks like there's something else inserting the password fields, by default, a user's not required to enter a password when signing up for a site.

    In this case, while it'd be something you'd most likely want to bring to the developer's attention, from looking at the code (inside the WP Admin inteface, FTP access isn't working presently, which we'll get to in a moment), the code in:

    wp-recaptcha/recaptcha.php

    That being this:

    if ($this->is_multi_blog()) {
                add_action('signup_extra_fields', array(&$this,
                    'show_recaptcha_in_registration'));
            }

    Would need to be examined further, I would think that removing the action, and then adding it later would help (by later, I mean adjusting the priority, that would require fiddling with the code though).

    Regarding the code that I gave you earlier, the FTP access details I mentioned earlier don't seem to be working, I'll be emailing you about those, as I'll need to check that more closely.

    Kind Regards,
    Michael

  • Michael Bissett

    Hey @Gabriel,

    Regarding the question you asked in email:

    Regarding the position of the reCAPTCHA in that first page of the registration form, I'd like to reposition it for aesthetic reasons. Since, as you mentioned, this seems to be rather complicated and I have other priorities atm, would it cause any issues to leave the reCAPTCHA where it is? It's working, it's just placed in a position I wouldn't like it to be.

    It wouldn't cause any issues to leave it where it is right now. :slight_smile:

    Regarding the signup code side of things, I've revised my earlier snippet, which I've now inserted into your site, and can confirm that the error you mentioned no longer appears:

    <?php
    
    add_filter( 'bp_core_activation_signup_user_notification_subject', 'custom_buddypress_activation_subject', 10, 5 );
    
    function custom_buddypress_activation_subject( $subject, $user, $user_email, $key, $meta ) {
        return $user . ' – Activate your ' . get_bloginfo( 'name' ) . ' account';
    }
    
    add_filter( 'bp_core_activation_signup_user_notification_message', 'custom_buddypress_activation_message', 10, 5 );
    
    function custom_buddypress_activation_message( $message, $user, $user_email, $key, $meta ) {
        $activate_url = bp_get_activation_page() . "?key=$key";
        $activate_url = esc_url( $activate_url );
        return "Hi $user,
    Thanks for registering! To complete the activation of your account please click the following link:
    $activate_url
    Thanks,
    Wheel of Commerce";
    }
    
    add_filter('bp_core_activation_signup_blog_notification_message', 'custom_bp_change_activation_email_message', 10, 8);
    function custom_bp_change_activation_email_message($message, $domain, $path, $title, $user, $user_email, $key, $meta) {
    	//	Get some globals
    	global $bp;
    
    	//	Get the slug of the activation page
    	$slug = $bp->pages->{"activate"}->slug;
    
    	//	Make activation URL
    	$url = sprintf("%s/%s/?key=%s", get_bloginfo('url'), $slug, $key);
    
    	//	Custom message with activation key
    	$message = "Yayy! Thanks for signing up! Please confirm your account!\n\n$url";
    
    	return $message;
    }
    
    add_filter('bp_core_activation_signup_blog_notification_subject', 'custom_bp_change_activation_email_subject', 10, 8);
    function custom_bp_change_activation_email_subject($subject, $domain, $path, $title, $user, $user_email, $key, $meta) {
    	return 'Activate http://&#039; . $domain . $path;
    }

    Could you confirm the same on your end please? :slight_smile:

    Kind Regards,
    Michael

    Edit: The "Activate" text on that last snippet should be like this:

    'Activate http://'

    Instead of like this:

    'Activate http://&#039;

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.