reCaptcha never gets past its robot challenge

[Scott Dickson 0]

Recently upgraded to TNG 12.2, but this problem was in 12.1 as well.

Whenever someone, who is not logged in, clicks the Suggest link, they get the reCaptcha I am Not a Robot box.  But, when they click it and click continue, they don't get a form.  Just the robot challenge again.

I verified that the reCaptcha v2 keys were in place.  I even created new keys and installed them.  But no luck.  Same thing.

I have no mods installed.  This is an environment that was freshly installed with 12, rather than an upgrade.

Any suggestions or logs I could look at for more details? 

Thanks,
--SCott

[bhemph 0]

Scott, do you have a link to your website so that we can take a look at any possible console errors?

[Scott Dickson 0]

My site is http://wrenacres.com/genealogy

Are there any other logs from the CPanel side that would be helpful?

--SCott

[Dave Short 0]

I'm getting this problem as well. Is there a solution?

my site is www.muggeridge.info.

Dave

[bhemph 0]

When you go into the Google reCaptcha admin panel, the settings there are what must not be set quite as Google expects them to be since it keeps failing to continue like it does.  I looked at my settings to see what I have set.
reCaptcha type:  v2 Checkbox
Domains:  Just my root address, so wrenacres.com for Scott and muggeridge.info for Dave would be the same.
Owners:  My email address, which was used to log in to check the settings, so can't really be wrong.
Security Preference:  It looks like the dot is in the middle of the slider bar, which I assume is the default position.  Then both check boxes are checked.

Then I made sure that the Site Key is in the reCaptcha Site Key field and the Secret Key is in the reCaptcha Secret field in the TNG settings and that they match what Google shows in their settings.  The logs indicate that there are passes of the Captcha in the statistics.

[Dave Short 0]

Thanks for your reply, bhemph; but I have exactly as you describe. But it still doesn't work, and Google says: "We detected that your site isn't verifying reCAPTCHA solutions. This is required for the proper use of reCAPTCHA on your site. " Do you know what that means?

[Ken Roy 0]

You might want to consider installing the Image Captcha Mod and forget about reCaptha.

[Scott Dickson 0]

2 hours ago, Dave Short said:

Thanks for your reply, bhemph; but I have exactly as you describe. But it still doesn't work, and Google says: "We detected that your site isn't verifying reCAPTCHA solutions. This is required for the proper use of reCAPTCHA on your site. " Do you know what that means?

Me, too.  Exactly the same.

And I think this is not only keeping people from making comments, but also from changing passwords (and anything else that uses Captcha verification).  I suppose I will need to try imageCaptcha, even though it kind of drives me crazy to use.

[Ken Roy 0]

Make sure you requested a V2 reCaptcha key and not a v3 key which TNG does not support

There are also other Captcha Mods that work with TNG which has had the hooks for suggest, contact us, and new account request since TNG v6.  I gave up on reCaptcha after Google acquired it from Carnegie Mellon because have the time I could not read the challenges.

[bhemph 0]

Scott and Dave, this same question was asked on the tngusers2 maillist.  Darrin replied that your host may have allow_url_fopen disabled.  You can check that from your admin screen >> Setup >> Diagnostics >> PHP Info link.  Then hit control + F to search the screen in your browser for fopen.  If it says Off, then you will need to see if you have access to change the setting in your cPanel.  Otherwise creating a php.ini file and put

allow_url_fopen = On;

into the file to do the override.  This php.ini file will need to be in your tng root folder in order to apply to the tng files.

Brent

[Scott Dickson 0]

Interesting that changing the setting supposedly for my whole site, or in my home directory wasn't enough.  Once I set it in the TNG directory, it seems to be working.
Thanks for the fix!

--SCott

[Dave Short 0]

Brent,

Thanks for your reply. However, I could not get it to work, so I asked my hosting support team. Their reply was:

"Thank you for your enquiry.

allow_url_fopen is disabled across all our shared hosting platform, as it poses a security risk from badly-written or malicious scripts. This is a platform-wide setting and cannot be modified.

If you want to include files from third-party sites, then you need to change the code to use PHP's curl() functions instead.

For example:

$file = file_get_contents("http://www.example.com/page.html");

would become 

$url = 'http://www.example.com/page.html"';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $file = curl_exec($ch); curl_close($ch); "

Would this solve my problem, if I was able to find out where top put it?

Dave

[Ken Roy 0]

You probably need to provide that information to Darrin