I've added a captcha to commerce_checkout_form_review. It displays a challenge, but even if I don't type anything in the captcha form it let's me through. Is there some way to fix it?

CommentFileSizeAuthor
#3 cambios.patch1 KBeleonel
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

rszrama’s picture

rszrama CreditAttribution: rszrama commented
Status: Active » Fixed

The checkout form does not use form level validate / submit handlers. Instead you should add your validate handler for the CAPTCHA to the continue button of the form. See the form builder function in commerce_checkout.pages.inc for more info.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

eleonel’s picture

eleonel
he/him
Primary language Spanish
Location Itoshima 🇯🇵
CreditAttribution: eleonel commented
FileSize
cambios.patch1 KB

Hi, i make this patch, it's work for me.

onefeatureman’s picture

onefeatureman CreditAttribution: onefeatureman commented
Issue summary: View changes

Applied patch still lets the checkout form validate without a proper CAPTCHA. It would be beneficial to give more pointers how to add validate handler for the CAPTCHA to the continue button of the form.
Thank You in advance.

fox mulder’s picture

fox mulder CreditAttribution: fox mulder commented
Status: Closed (fixed) » Active

#rszrama: Can you give a more detailed answer to this question for us?

rszrama’s picture

rszrama CreditAttribution: rszrama at Centarro commented
Status: Active » Closed (fixed)

I'm sorry, I don't have the time really. It just needs a button level submit handler, but I still think a CAPTCHA on checkout review is a poor idea. If you need assistance with altering on button level submit handlers, I recommend https://drupal.stackexchange.com.

fox mulder’s picture

fox mulder CreditAttribution: fox mulder commented

We are using commerce_checkout_login module.

At the end of the webshop checkout process the user gets a Drupal account. In case we don't protect the checkout process with captcha than robots can create Drupal accounts by going through the purchase process. Of course we protect /user/register with captcha so we have to protect the checkout process too.

leramulina’s picture

leramulina CreditAttribution: leramulina commented

How has you added a captcha to commerce_checkout_form_review? My client complain that they get too many fake orders and asked me to add captcha to the checkout process. How is it possible to do that?