reCAPTCHA-2 module

Fix for Frozen login page

3) /includes/modules/content/login/cm_login_form.php

FIND this code:

      if (isset($_GET['action']) && ($_GET['action'] == 'process') && isset($_POST['formid']) && ($_POST['formid'] == $sessiontoken)) {
        $email_address = tep_db_prepare_input($_POST['email_address']);
        $password = tep_db_prepare_input($_POST['password']);

// Check if email exists
        $customer_query = tep_db_query("select customers_id, customers_password from customers where customers_email_address = '" . tep_db_input($email_address) . "' limit 1");
        if (!tep_db_num_rows($customer_query)) {
          $error = true;
        } else {
          $customer = tep_db_fetch_array($customer_query);

// Check that password is good
          if (!tep_validate_password($password, $customer['customers_password'])) {
            $error = true;
          } else {
// set $login_customer_id globally and perform post login code in catalog/login.php
            $login_customer_id = (int)$customer['customers_id'];

// migrate old hashed password to new phpass password
            if (tep_password_type($customer['customers_password']) != 'phpass') {
              tep_db_query("update customers set customers_password = '" . tep_encrypt_password($password) . "' where customers_id = '" . (int)$login_customer_id . "'");
            }
//from login.php
            if ( is_int($login_customer_id) && ($login_customer_id > 0) ) {
              if (SESSION_RECREATE == 'True') {
                tep_session_recreate();
              }

              $customer_info_query = tep_db_query("select c.customers_firstname, c.customers_default_address_id, ab.entry_country_id, ab.entry_zone_id from customers c left join address_book ab on (c.customers_id = ab.customers_id and c.customers_default_address_id = ab.address_book_id) where c.customers_id = '" . (int)$login_customer_id . "'");
              $customer_info = tep_db_fetch_array($customer_info_query);

              $customer_id = $login_customer_id;
              tep_session_register('customer_id');

              $customer_default_address_id = $customer_info['customers_default_address_id'];
              tep_session_register('customer_default_address_id');

              $customer_first_name = $customer_info['customers_firstname'];
              tep_session_register('customer_first_name');

              $customer_country_id = $customer_info['entry_country_id'];
              tep_session_register('customer_country_id');

              $customer_zone_id = $customer_info['entry_zone_id'];
              tep_session_register('customer_zone_id');

              tep_db_query("update customers_info set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1, password_reset_key = null, password_reset_date = null where customers_info_id = '" . (int)$customer_id . "'");

// reset session token
              $sessiontoken = md5(tep_rand() . tep_rand() . tep_rand() . tep_rand());

// restore cart contents
              $cart->restore_contents();

              if (sizeof($navigation->snapshot) > 0) {
                $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);
                $navigation->clear_snapshot();
                tep_redirect($origin_href);
              }

              tep_redirect(tep_href_link('index.php'));
            }
          }
        }
      }

      if ($error == true) {
        $messageStack->add('login', MODULE_CONTENT_LOGIN_TEXT_LOGIN_ERROR);
      }



REPLACE it with this:



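// reCAPTCHA-2 for Frozen - Start
// Processes the posted login form. When the reCAPTCHA module and its login-page switch are both
// enabled, the credential check runs only after the reCAPTCHA response has been verified;
// otherwise the stock login code runs unchanged. The login code exists once, so both
// configurations share the same credential handling.
      if (isset($_GET['action']) && ($_GET['action'] == 'process') && isset($_POST['formid']) && ($_POST['formid'] == $sessiontoken)) {
        $recaptcha_passed = true;

        if ((MODULE_CONTENT_RECAPTCHA_STATUS == 'True') && (MODULE_CONTENT_RECAPTCHA_PAGE_LOGIN == 'True')) { // reCAPTCHA module & login page enabled
// A missing or non-string token is passed on as an empty string so that the verifier rejects it
// instead of PHP raising an undefined-index notice.
          $recaptcha = (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response'])) ? $_POST['g-recaptcha-response'] : '';
          $object = new Recaptcha();
          $response = $object->verifyResponse($recaptcha);

// Fail closed: the check passes only on an explicit success value. A response without a
// 'success' key (for example when the verification request itself failed) is treated as a
// failure and no longer falls through to the password check.
// NOTE(review): the return type of Recaptcha::verifyResponse() is not visible here; if it
// always returns a boolean for 'success', tighten this comparison to === true.
          $recaptcha_passed = is_array($response) && isset($response['success']) && ($response['success'] == true);

          if (!$recaptcha_passed) {
// 'error-codes' may be absent, a string or a list; normalise it before building the message.
            $recaptcha_codes = '';
            if (is_array($response) && isset($response['error-codes'])) {
              $recaptcha_codes = is_array($response['error-codes']) ? implode(', ', $response['error-codes']) : (string)$response['error-codes'];
            }

            $recaptcha_message = MODULE_CONTENT_RECAPTCHA_ERROR;
            if ($recaptcha_codes != '') {
              $recaptcha_message .= ' (Error: ' . htmlspecialchars($recaptcha_codes) . ')';
            }

            $messageStack->add('login', $recaptcha_message);
// Do not echo the submitted password back into the re-rendered form.
            $_POST['password'] = "";
          }
        }

        if ($recaptcha_passed) {
          $email_address = tep_db_prepare_input($_POST['email_address']);
          $password = tep_db_prepare_input($_POST['password']);

// Check if email exists
          $customer_query = tep_db_query("select customers_id, customers_password from customers where customers_email_address = '" . tep_db_input($email_address) . "' limit 1");
          if (!tep_db_num_rows($customer_query)) {
// Unknown e-mail and wrong password set the same flag, so the visitor sees one generic message.
            $error = true;
          } else {
            $customer = tep_db_fetch_array($customer_query);

// Check that password is good
            if (!tep_validate_password($password, $customer['customers_password'])) {
              $error = true;
            } else {
// set $login_customer_id globally and perform post login code in catalog/login.php
              $login_customer_id = (int)$customer['customers_id'];

// migrate old hashed password to new phpass password
              if (tep_password_type($customer['customers_password']) != 'phpass') {
                tep_db_query("update customers set customers_password = '" . tep_encrypt_password($password) . "' where customers_id = '" . (int)$login_customer_id . "'");
              }
//from login.php
              if ( is_int($login_customer_id) && ($login_customer_id > 0) ) {
// The session id is regenerated on login only when SESSION_RECREATE is 'True'.
                if (SESSION_RECREATE == 'True') {
                  tep_session_recreate();
                }

                $customer_info_query = tep_db_query("select c.customers_firstname, c.customers_default_address_id, ab.entry_country_id, ab.entry_zone_id from customers c left join address_book ab on (c.customers_id = ab.customers_id and c.customers_default_address_id = ab.address_book_id) where c.customers_id = '" . (int)$login_customer_id . "'");
                $customer_info = tep_db_fetch_array($customer_info_query);

                $customer_id = $login_customer_id;
                tep_session_register('customer_id');

                $customer_default_address_id = $customer_info['customers_default_address_id'];
                tep_session_register('customer_default_address_id');

                $customer_first_name = $customer_info['customers_firstname'];
                tep_session_register('customer_first_name');

                $customer_country_id = $customer_info['entry_country_id'];
                tep_session_register('customer_country_id');

                $customer_zone_id = $customer_info['entry_zone_id'];
                tep_session_register('customer_zone_id');

// A successful login also clears any pending password-reset key for the account.
                tep_db_query("update customers_info set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1, password_reset_key = null, password_reset_date = null where customers_info_id = '" . (int)$customer_id . "'");

// reset session token
                $sessiontoken = md5(tep_rand() . tep_rand() . tep_rand() . tep_rand());

// restore cart contents
                $cart->restore_contents();

                if (sizeof($navigation->snapshot) > 0) {
                  $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);
                  $navigation->clear_snapshot();
                  tep_redirect($origin_href);
                }

                tep_redirect(tep_href_link('index.php'));
              }
            }
          }
        }
      }

      if ($error == true) {
        $messageStack->add('login', MODULE_CONTENT_LOGIN_TEXT_LOGIN_ERROR);
// Do not echo the submitted password back into the re-rendered form.
        $_POST['password'] = "";
      }
// reCAPTCHA-2 for Frozen - End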


