• Members 16 posts
    May 17, 2017, 10:34 p.m.

    There seems to bee a problem when using recaptiaV2 in the registration form.
    if u type in username,password,email and solve the captia and the username is already taken and you change it the captia remains checked. But after submitting the form it gives you an error concerning the captia saying its not solved but you cannot solve it again so you need to close the form and start over

  • May 18, 2017, 8:20 a.m.

    When I've tested it, after the moment the reCaptcha expired and let me check it again on itself. In fact here's the try from minute ago:

    Zrzut ekranu 2017-05-18 o 10.16.52.png

    Still, thanks for report. I'll revisit it.

    Zrzut ekranu 2017-05-18 o 10.16.52.png

    PNG, 210.9 KB, uploaded by rafalp on May 18, 2017.

  • Members 16 posts
    May 18, 2017, 4:16 p.m.

    Hi rafalp! I don't know if i explained the problem correctly but here i have some pictures of what i mean and the problem trying to register with a taken username

    pg1.png

    Ok so it's not aveilable so i go to change it and click register again

    and this happens
    pg2.png

    The captia dosn't refresh and is unclickable for some reason

    and yeah as u stated the problem isn't in the password

    pg3.png

    Sorry for the confusion but there is the correct problem visalised

    pg3.png

    PNG, 25.8 KB, uploaded by GangzeHD on May 18, 2017.

    pg2.png

    PNG, 24.5 KB, uploaded by GangzeHD on May 18, 2017.

    pg1.png

    PNG, 24.8 KB, uploaded by GangzeHD on May 18, 2017.

  • May 21, 2017, 12:14 a.m.

    Oooh, I get it now!

    Tokens used by reCaptcha are single-use only. So your token passes validation, but form fails due the other fields being invalid. You fix incorrect data in form, then try again, but Misago uses same reCaptcha token it used previously, so it fails.

    I'll switch captcha and form validation around. I've didn't want to do it originally because there's race condition material right there in time you are waiting for google to return back with info about token's validity and submitting form again via other means, but I guess I'll just catch possible DB uniqueness violations here and escalate them to validation error.

    Anyway, fix is incoming in next release.