add_action( 'wp_login_failed', 'pippin_login_fail' ); // hook failed login
function pippin_login_fail( $username ) {
global $wbdb;
$userdata = get_user_by( 'login', $username );
$meta = get_user_meta($userdata->ID, 'theme_my_login_security', true );
if ( ! is_array( $meta ) )
$meta = array();
if(sizeof($meta['failed_login_attempts'] ) > 1){
?>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<script type="text/javascript">
jQuery('.g-recaptcha').show();
</script>
<?php
}
}
add_filter('wp_authenticate_user', 'verify_login_captcha', 10, 2);
function verify_login_captcha($user, $password) {
if (isset($_POST['g-recaptcha-response'])) {
$recaptcha_secret = '6LfkBpNteuL6rHOViv9';
echo $_POST['g-recaptcha-response'];
echo "<br/>";
$response = wp_remote_get("https://www.google.com/recaptcha/api/siteverify?secret=". $recaptcha_secret ."&response=". $_POST['g-recaptcha-response']);
print_r($response);
$response = json_decode($response["body"], true);
if (true == $response["success"]) {
return $user;
} else {
return new WP_Error("Captcha Invalid", __("You are required to check security verification"));
}
} else {
return $user;
//return new WP_Error("Captcha Invalid", __("<strong>ERROR</strong>: You are a bot. If not then enable JavaScript"));
}
}
---------------------------------------------------------------------
<div class="clear"></div>
<div class="g-recaptcha" data-sitekey="6LfkKwoTAAA1r7mO3d67rZnJu3"></div>