From 9b5860d8f26496a4522303addc33c924f70474f7 Mon Sep 17 00:00:00 2001
From: kagg-design <info@kagg.eu>
Date: Wed, 29 Jan 2025 11:58:47 +0300
Subject: [PATCH] Fix IP detection in WP to sync with hCaptcha events info.

---
 .tests/php/integration/WP/CommentTest.php | 10 ++++++++--
 readme.txt                                |  1 +
 src/php/WP/Comment.php                    |  3 +++
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/.tests/php/integration/WP/CommentTest.php b/.tests/php/integration/WP/CommentTest.php
index 4b798fa0..df8b856e 100644
--- a/.tests/php/integration/WP/CommentTest.php
+++ b/.tests/php/integration/WP/CommentTest.php
@@ -137,7 +137,10 @@ public function test_add_captcha_when_NOT_active(): void {
 	 * @throws ReflectionException ReflectionException.
 	 */
 	public function test_verify(): void {
-		$commentdata = [ 'some comment data' ];
+		$commentdata = [
+			'some comment data',
+			'comment_author_IP' => '7.7.7.7',
+		];
 
 		$this->prepare_hcaptcha_get_verify_message_html( 'hcaptcha_comment_nonce', 'hcaptcha_comment' );
 
@@ -172,7 +175,10 @@ public function test_verify_in_admin(): void {
 	 * @throws ReflectionException ReflectionException.
 	 */
 	public function test_verify_not_verified(): void {
-		$commentdata = [ 'some comment data' ];
+		$commentdata = [
+			'some comment data',
+			'comment_author_IP' => '7.7.7.7',
+		];
 		$expected    = '<strong>hCaptcha error:</strong> The hCaptcha is invalid.';
 
 		$this->prepare_hcaptcha_get_verify_message_html( 'hcaptcha_comment_nonce', 'hcaptcha_comment', false );
diff --git a/readme.txt b/readme.txt
index a15d55d1..c14a9cbf 100644
--- a/readme.txt
+++ b/readme.txt
@@ -634,6 +634,7 @@ Instructions for popular native integrations are below:
 * Added compatibility with Cookies and Content Security Policy plugin.
 * Added auto-verification of arbitrary forms in ajax.
 * Improved error messaging for hCaptcha verification.
+* Fixed IP detection in the WordPress core via filter, to sync with hCaptcha events information when the IP collection is activated.
 * Fixed fatal error with the WPForms plugin in rare cases.
 * Fixed error message at the first entry to the login page when Hide Login Errors in on.
 * Fixed scrolling to the message on the General page.
diff --git a/src/php/WP/Comment.php b/src/php/WP/Comment.php
index 6dca02a7..0f291836 100644
--- a/src/php/WP/Comment.php
+++ b/src/php/WP/Comment.php
@@ -118,6 +118,9 @@ public function verify( $comment_data ): array {
 			return $comment_data;
 		}
 
+		// Override poor IP detection by WP Core and make sure that IP is the same in the 'comments' table and in the 'hcaptcha_events' table.
+		$comment_data['comment_author_IP'] = hcap_get_user_ip();
+
 		$this->result = hcaptcha_get_verify_message_html( self::NONCE, self::ACTION );
 
 		unset( $_POST['h-captcha-response'], $_POST['g-recaptcha-response'] );