diff --git a/phpBB/language/en/captcha_recaptcha.php b/phpBB/language/en/captcha_recaptcha.php
index 60d61cc2c8..103a9cf89d 100644
--- a/phpBB/language/en/captcha_recaptcha.php
+++ b/phpBB/language/en/captcha_recaptcha.php
@@ -21,7 +21,7 @@ if (!defined('IN_PHPBB'))
if (empty($lang) || !is_array($lang))
{
- $lang = array();
+ $lang = [];
}
// DEVELOPERS PLEASE NOTE
@@ -36,7 +36,7 @@ if (empty($lang) || !is_array($lang))
// equally where a string contains only two placeholders which are used to wrap text
// in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine
-$lang = array_merge($lang, array(
+$lang = array_merge($lang, [
// Find the language/country code on https://developers.google.com/recaptcha/docs/language
// If no code exists for your language you can use "en" or leave the string empty
'RECAPTCHA_LANG' => 'en-GB',
@@ -73,4 +73,5 @@ $lang = array_merge($lang, array(
'RECAPTCHA_V3_THRESHOLD_REPORT' => 'Report threshold',
'RECAPTCHA_V3_THRESHOLDS' => 'Thresholds',
'RECAPTCHA_V3_THRESHOLDS_EXPLAIN' => 'reCAPTCHA v3 returns a score (1.0 is very likely a good interaction, 0.0 is very likely a bot). Here you can set the minimum score per action.',
-));
+ 'EMPTY_RECAPTCHA_V3_REQUEST_METHOD' => 'reCAPTCHA v3 requires to know which available method you want to use when verifying the request.',
+]);
diff --git a/phpBB/phpbb/captcha/plugins/recaptcha_v3.php b/phpBB/phpbb/captcha/plugins/recaptcha_v3.php
index 7505419a31..31cabfbb6f 100644
--- a/phpBB/phpbb/captcha/plugins/recaptcha_v3.php
+++ b/phpBB/phpbb/captcha/plugins/recaptcha_v3.php
@@ -21,15 +21,15 @@ class recaptcha_v3 extends captcha_abstract
/**
* Possible request methods to verify the token.
*/
- const CURL = 'curl';
- const POST = 'post';
- const SOCKET = 'socket';
+ const CURL = 'curl';
+ const POST = 'post';
+ const SOCKET = 'socket';
/**
* Possible domain names to load the script and verify the token.
*/
- const GOOGLE = 'google.com';
- const RECAPTCHA = 'recaptcha.net';
+ const GOOGLE = 'google.com';
+ const RECAPTCHA = 'recaptcha.net';
/** @var array CAPTCHA types mapped to their action */
static protected $actions = [
@@ -139,8 +139,7 @@ class recaptcha_v3 extends captcha_abstract
$language->add_lang('captcha_recaptcha');
- return ($config->offsetGet('recaptcha_v3_key') ?? false)
- && ($config->offsetGet('recaptcha_v3_secret') ?? false);
+ return ($config->offsetGet('recaptcha_v3_key') ?? false) && ($config->offsetGet('recaptcha_v3_secret') ?? false);
}
/**
@@ -162,8 +161,9 @@ class recaptcha_v3 extends captcha_abstract
*/
global $config, $language, $phpbb_log, $request, $template, $user;
- $module->tpl_name = 'captcha_recaptcha_v3_acp';
- $module->page_title = 'ACP_VC_SETTINGS';
+ $module->tpl_name = 'captcha_recaptcha_v3_acp';
+ $module->page_title = 'ACP_VC_SETTINGS';
+ $recaptcha_v3_method = $request->variable('recaptcha_v3_method', '', true);
$form_key = 'acp_captcha';
add_form_key($form_key);
@@ -175,10 +175,15 @@ class recaptcha_v3 extends captcha_abstract
trigger_error($language->lang('FORM_INVALID') . adm_back_link($module->u_action), E_USER_WARNING);
}
+ if (empty($recaptcha_v3_method))
+ {
+ trigger_error($language->lang('EMPTY_RECAPTCHA_V3_REQUEST_METHOD') . adm_back_link($module->u_action), E_USER_WARNING);
+ }
+
$config->set('recaptcha_v3_key', $request->variable('recaptcha_v3_key', '', true));
$config->set('recaptcha_v3_secret', $request->variable('recaptcha_v3_secret', '', true));
$config->set('recaptcha_v3_domain', $request->variable('recaptcha_v3_domain', '', true));
- $config->set('recaptcha_v3_method', $request->variable('recaptcha_v3_method', '', true));
+ $config->set('recaptcha_v3_method', $recaptcha_v3_method);
foreach (self::$actions as $action)
{
@@ -208,7 +213,7 @@ class recaptcha_v3 extends captcha_abstract
'RECAPTCHA_V3_DOMAIN' => $config['recaptcha_v3_domain'] ?? self::GOOGLE,
'RECAPTCHA_V3_DOMAINS' => [self::GOOGLE, self::RECAPTCHA],
- 'RECAPTCHA_V3_METHOD' => $config['recaptcha_v3_method'] ?? self::POST,
+ 'RECAPTCHA_V3_METHOD' => $config['recaptcha_v3_method'] ?? '',
'RECAPTCHA_V3_METHODS' => [
self::POST => ini_get('allow_url_fopen') && function_exists('file_get_contents'),
self::CURL => extension_loaded('curl') && function_exists('curl_init'),