Not a bug Captcha validation is not correct for creating new thread

[stefanstp]

Affected version

2.2.9

We activated for guests to post new threads before login or registering. But after activation Captcha validation wasn't working. Because in the code "src/XF/Pub/Controller/Forum.php" file and "actionPostThread" method line "878" should check only "$this->captchaIsValid" or not. But it also checks user id for guest. That's why it's not working the correct way.

if (!$this->captchaIsValid() && !$isPreRegThread)
{
    return $this->error(\XF::phrase('did_not_complete_the_captcha_verification_properly'));
}

Should be replaced with:

if (!$this->captchaIsValid())
{
    return $this->error(\XF::phrase('did_not_complete_the_captcha_verification_properly'));
}

Notice: $isPreRegThread variable coming from "src/XF/Entity/Forum.php" file and "canCreateThreadPreReg" method.

if (\XF::visitor()->user_id || $this->canCreateThread())
{
    return false;
}

There for guests, it's always false and captcha validation is not working.

We are using Xenforo version v2.2.9.

 

[Jeremy P]

Have you allowed guest posting by giving unregistered users permission to create threads and replies, or have you enabled the writing before registering system? The former will allow guests to post after displaying a CAPTCHA, whereas the latter will not display a CAPTCHA since the content is only created after registration has been completed. I can't reproduce any issues with either.

 

[stefanstp]

Enable writing before registering => Yes
Enable CAPTCHA for guests => Yes
CAPTCHA is displayed when visitors create new post threads. But they don't need to verify (on the new post thread page). Next page is register page. There is everything works fine.

 

[Jeremy P]

If you've enabled writing before registering, then indeed visitors will not need to complete a CAPTCHA (nor should one be displayed). The content will instead be posted when registration is completed.