diff --git a/module/VuFind/src/VuFind/Controller/AbstractRecord.php b/module/VuFind/src/VuFind/Controller/AbstractRecord.php
index 4cdf882e38cab3d1ec06938ce080ede6cb7d7b48..317c6fd665795ab7ebd46109dbd589c2af5c0714 100644
--- a/module/VuFind/src/VuFind/Controller/AbstractRecord.php
+++ b/module/VuFind/src/VuFind/Controller/AbstractRecord.php
@@ -110,8 +110,15 @@ class AbstractRecord extends AbstractBase
throw new ForbiddenException('Comments disabled');
}
+ $recaptchaActive = $this->recaptcha()->active('userComments');
+
// Force login:
if (!($user = $this->getUser())) {
+ // Validate CAPTCHA before redirecting to login:
+ if (!$this->formWasSubmitted('comment', $recaptchaActive)) {
+ return $this->redirectToRecord('', 'UserComments');
+ }
+
// Remember comment since POST data will be lost:
return $this->forceLogin(
null, ['comment' => $this->params()->fromPost('comment')]
@@ -125,6 +132,11 @@ class AbstractRecord extends AbstractBase
$comment = $this->params()->fromPost('comment');
if (empty($comment)) {
$comment = $this->followup()->retrieveAndClear('comment');
+ } else {
+ // Validate CAPTCHA now only if we're not coming back post-login:
+ if (!$this->formWasSubmitted('comment', $recaptchaActive)) {
+ return $this->redirectToRecord('', 'UserComments');
+ }
}
// At this point, we should have a comment to save; if we do not,
diff --git a/themes/jquerymobile/templates/RecordTab/usercomments.phtml b/themes/jquerymobile/templates/RecordTab/usercomments.phtml
index c172b0666861709c7782f8dd6487dda9529f012c..824f636bb5909125628be04aa93463fc34ea272f 100644
--- a/themes/jquerymobile/templates/RecordTab/usercomments.phtml
+++ b/themes/jquerymobile/templates/RecordTab/usercomments.phtml
@@ -13,6 +13,7 @@
<label for="comments_form_comment"><?=$this->transEsc("Your Comment")?>:</label>
<textarea id="comments_form_comment" name="comment"></textarea>
</div>
+ <?=$this->recaptcha()->html($this->tab->isRecaptchaActive()) ?>
<div data-role="fieldcontain">
<input type="submit" value="<?=$this->transEsc("Add your comment")?>"/>
</div>