Active PHP session in Captcha plugin breaks REST API functionality | ww.wp.xz.cn

Resolved ronex1
(@ronex1)

9 months, 3 weeks ago
Hello,

When using your Captcha plugin on a WordPress site, the Site Health tool reports critical errors:
- An active PHP session is detected (session_start() is called, but session_write_close() is missing).
- REST API returns errors and does not function correctly.
The issue is that the plugin starts a PHP session using session_start() but does not properly close it with session_write_close(). This causes conflicts with the REST API and negatively impacts site performance.

As a result, when your plugin is active:
- REST API functionality breaks.
- Critical errors appear in the WordPress Site Health status.
- If session_write_close() is added immediately after session_start() in the plugin or theme to fix the issue, the captcha no longer works correctly and always shows “Incorrect verification code.”
Therefore, a proper handling of PHP sessions is needed:
- Either close the session appropriately before REST API and other HTTP requests to avoid blocking.
- Or use alternative methods to store temporary data without interfering with HTTP requests.
Please consider updating the plugin to correctly manage PHP sessions so it fully supports WordPress REST API and related features.

Thank you!

The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)

Plugin Author Alexandru Tapuleasa
(@talextech)

9 months, 3 weeks ago

Yes, Captcha Code does use sessions which can cause issues 🙁

You can try our other plugin, https://ww.wp.xz.cn/plugins/advanced-google-recaptcha/ which uses cookies instead and also have just plain Math captcha available if you don’t want to bother with API keys.

Viewing 1 replies (of 1 total)

The topic ‘Active PHP session in Captcha plugin breaks REST API functionality’ is closed to new replies.

1 reply
2 participants
Last reply from: Alexandru Tapuleasa
Last activity: 9 months, 3 weeks ago
Status: resolved