JTC not not enforcing CAPTCHA

[Andy]

Hello

I enabled JTC for the Login form in BPS Pro.

On our website I use the plugin  Login With Ajax

The Captcha from JTC displays fine, but a user can log in with either leaving the captcha blank or enter an incorrect code.

How to I resolve this?

[AITpro Admin]

I assume what is happening is that the Login with AJAX plugin is using the same Hook (Action or Filter) that JTC is using.  The WordPress Login page is a special case that has a few Hooks that can ONLY be used by 1 plugin at a time.  Whichever plugin has a higher priority in their Action or Filter will control that particular Login page Hook and will override any other plugins that are also using the same Login page Hook.

Is the Login with AJAX plugin a free plugin that I can download and test?  If so, post a link to the plugin’s page on wordpress.org.  If the plugin is not a free plugin then send me the zip file for this plugin so I can test and confirm the issue.  Note: Any paid/premium plugins that I test are deleted immediately after testing is completed.

[Andy]

Thanks for the quick reply. This is a free plugin available at

https://wordpress.org/plugins/login-with-ajax/

[AITpro Admin]

Login With Ajax is for sites that need user logins or registrations and would like to avoid the normal wordpress login pages, this plugin adds the capability of placing a login widget in the sidebar with smooth AJAX login effects.

I installed this plugin and am completely lost. I went to the WordPress > Settings > Login with Ajax plugin option settings, but don’t see much and don’t see any way to save plugin option settings? Going by the description above this plugin does not use the WordPress Login or Registration pages at all and instead creates a sidebar widget. Is that correct? If so, then there are not going to be any WordPress Login or Registration Hooks to hook into. I will try and figure out how this plugin works, but so far it looks like JTC will not work with this widget plugin.

[AITpro Admin]

Ok I was able to figure out a way to test this plugin > created a new Page > added the shortcode > and yep since this new Page is not the WordPress Login page then there are no WordPress Login page Hooks to hook into.  So yeah you would just need to turn Off JTC since Login with Ajax does not use the standard WordPress Login or Registration Pages or Hooks.  Or in other words, the Login with Ajax plugin is for people who want an alternative to standard WordPress Registrations and Logins.

[Andy]

Thank you for looking into this. The main goal for using this plugin is that we want to place the login into a Widget. By chance, are you aware of any login plugins that will work with BPS Pro and can be placed in a widget?

[AITpro Admin]

What you are looking for are WordPress Plugins that do this > “WordPress sidebar login widget”.  I did a search using that search term and found this one > https://wordpress.org/plugins/sidebar-login/.  It looks good.  Let me test it with BPS Pro and I’ll let you know the results.

[AITpro Admin]

The Sidebar Login plugin is very quick and easy to setup.  Took about 2 minutes, but unfortunately JTC does not work with that plugin.  With this BuddyPress/bbPress forum site JTC works in the sidebar because I am hooking into the BuddyPress/bbPress sidebar login Hook.  The Sidebar Login plugin offers these Filters and Actions below to hook into.  I really like this plugin because it is quick and easy to setup and well documented.  So I will Hook JTC into this plugin in BPS 4.6/BPS Pro 15.3.  ETA – 4 – 7 days.

Filters
sidebar_login_widget_register_url – The URL for registration links.
sidebar_login_widget_lost_password_url – The URL for lost password links.
sidebar_login_widget_wp_login_form – The HTML of the Login form.

Actions
sidebar_login_widget_start – Fired before the widget.
sidebar_login_widget_{logged_in || logged_out}_content_start – Fired before the widget content.
sidebar_login_widget_before_{logged_in || logged_out}_links – Fired before the links.
sidebar_login_widget_after_{logged_in || logged_out}_links – Fire after the links.
sidebar_login_widget_{logged_in || logged_out}_content_end – Fired after the widget content.
sidebar_login_widget_end – Fired after the widget.

[Andy]

Great, thanks for your feedback. Will plan to change to the Sidebar Login.

[AITpro Admin]

Well unfortunately, doing form validation is more complex than I originally thought.  Hooking into the Sidebar Login plugin form is very simple, but the Sidebar Login plugin Form processing and validation is being done with AJAX and I don’t see a provided way to hook into that.  So I’m going to put this on the backburner for now.

Adding this info for my own personal future reference:
https://developer.wordpress.org/reference/hooks/wp_ajax_action/

More Information #More Information

• This hook allows you to handle your custom AJAX endpoints. The wp_ajax_ hooks follows the format “wp_ajax_$action“, where $action is the ‘action‘ field submitted to admin-ajax.php.

• This hook only fires for logged-in users. If your action only allows Ajax requests to come from users not logged-in, you need to instead use wp_ajax_nopriv_$action such as: add_action( 'wp_ajax_nopriv_add_foobar', 'prefix_ajax_add_foobar' );. To allow both, you must register both hooks!

• See also wp_ajax__requestaction

• See also Ajax Plugin Handbook

[Author]

Posts