Login to admin with Recaptcha

autosurf

Member
License Active
I just update with V1.8 and i put Recaptcha to login to admin area

If i put my good password without captcha => i go to admin panel with the error message
"Please prove that you are a real person and not a bot."

but now there is nothing I can do!
I am stuck on the admin, the logout does not work
forced to rewind pages in the browser

Maybe it would be better to be blocked on the login page?

NB : it's the same if i put a bad password :/
 

Mark

Administrator
Staff member
you can make this change now if it bothers you:
open sources/admin.php
find:
Code:
      $this->error($LNG['join_error_recaptcha']);
replace with:
Code:
      $this->error($LNG['join_error_recaptcha']. '<meta http-equiv="refresh" content="2; url=./admin">');
 

autosurf

Member
License Active
it works BUT we see the admin panel before returning to the login page :(

I change in sources/admin.php
$this->error($LNG['join_error_recaptcha']);
with
header("Location: {$TMPL['list_url']}/admin/?bf=2");
exit;
AND

I change in admin/index.php
if (!empty($_GET['bf'])) {

// If blocked by bruteforce
$error = $LNG['g_invalid_u_or_p_bfd'];

}
with
if (!empty($_GET['bf'])) {

// If blocked by bruteforce
$error = $LNG['g_invalid_u_or_p_bfd'];
if ($_GET['bf'] == 2) $error = $LNG['join_error_recaptcha'];

}
 

Mark

Administrator
Staff member
it works BUT we see the admin panel before returning to the login page :(
Yes, that was intentional. To display the error message, capture the IP for brute force block and return the user to the login form.
 
Top