We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 30023
    • 172 Posts

    Is there a way of implementing any form of captcha with the webloginpe register forms?

    As far as I can see, there is a placeholder for a image vericode, but no means of activiting vericode itself.

    -- Tim.
    • Can you be more specific? What exactly are you trying? The default registration form does use a CAPTCHA code. I’m wading through this Snippet too, so I can sympathize with your frustration. I’m making a mess in the wiki, but I did put together a working implementation of this Snippet. See http://wiki.modxcms.com/index.php/WebLoginPE_Examples

      The registration form there DOES use a CAPTCHA code.
        • 30023
        • 172 Posts
        Ah - the instant registration uses captcha, but not the one which requires email verification (which I am using). I will investigate a bit further...

        -- Tim.
        • Ah... you’re right. If you use your own custom chunk for the instant registration, can you include a captcha?
            • 30023
            • 172 Posts

            Sorted it.

            You need to include the mark-up for vericode in your form chunk (just copy it from the default template for instant registration) and set &regRequired - see documentation - and make sure you include ’formcode’.

            Search webloginpe.class.php for ’formcode’ and you’ll see how it works. From what I can see you must do this anyway regardless of whether the regType is ’instant’ or ’verify’ - implying that using instant registration with the default templates and not setting regRequired explicitly results in the vericode image being displayed but not used!

            -- Tim.
              • 29626
              • 34 Posts
              Hello Everett and TimGS,

              I have a similar need to do some job and I resolve it following your ideas and some pieces of my brain too.
              My need was drawing a catpcha code at login form and verify it when an user submit the wlpeLogin form.

              Making an user typing error with the captcha code input could be account blocker or not. We retain it will not enough to block the account if the login/password are correct.

              So giving the solution here:

              In the file webloginpe.class.php search the function Authenticate() {}
              if (!$authenticate || (is_array($authenticate) && !in_array(TRUE, $authenticate)))
                  // check user password - local authentication
                  if ($this->User['password'] != md5($this->Password))
                      // in the case of a persistent login the password will already be a MD5 checksum.
                      if ($this->User['password'] != $this->Password)
              	    $this->LoginErrorCount = 1;
                  //check captcha code entered... maybe mb_ereg_match() is far far better than this solution?
                  if ($_POST['formcode'] != $_SESSION['veriword']) 
                      $this->LoginErrorCount = 2;
              //doing verification job if the capctha is not correct
              if ($this->LoginErrorCount == 2) 
                    $anError = $this->LanguageArray[6];
                    $this->LoginErrorCount = 0;
                    return $this->FormatMessage($anError);
              if ($this->LoginErrorCount == 1) {

              After you will need to modify the event OnWebAuthentication to add the captcha parameter:
              	function OnWebAuthentication()
              		global $modx;
              		$parameters = array(
              		    'internalKey'	=> $this->User['internalKey'],
              		    'username'          => $this->Username,
              		    'form_password'	=> $this->Password,
              		    'db_password'	=> $this->User['password'],
              		    'rememberme'        => $_POST['rememberme'],
                      	    'formcode'          => $_POST['formcode'],
                      	    'stayloggedin'	=> $_POST['stayloggedin']
              		$modx->invokeEvent('OnWebAuthentication', $parameters);

              Of course you need to add to your snippet call the &regRequired fields like formcode and including the captcha output in your login XHTML chunck used as template (like TimGS have said before).

              Thanks for sharing your solutions and hope mine will be usefull too.

                • 1783
                • 23 Posts
                anyone knows how to add CAPTCHA to ’Send message to User’ form?