Add reCAPTCHA support (Pro) « simpleContact Support Forums

simpleContact Support Forums » Hacks

Add reCAPTCHA support (Pro)

(11 posts) (4 voices)

Started 2 years ago by Alex
Latest reply from Alex

Tags:

Alex
Administrator

Please note: This hack has been updated for simpleContact Pro 2.01. You can download the latest version from the support page, or if you prefer to stick with 2.0 for the time being, just substitute $err for $errors in the code below. If you have any questions you are welcome to contact me.

------------------------------------------

A small but vocal amount of users have asked for CAPTCHA support in simpleContact Pro.

I must say, I am not a fan of CAPTCHAs. I consider them to be inadequate from a usability and accessibility point of view and decent server-side validation can stop most spam. I use my own applications on my websites and receive practically no spam. I'm not too inflexible though to deny user's requests if they can be catered for by a straightforward hack, so here is my solution to CAPTCHA support.

Please note: As I indicated in my definition of a hack, this post doesn't indicate my intention to build a CAPTCHA into a general release.

------------------------------------------

reCAPTCHA is one of the better CAPTCHAs out there. It provides an audio alternative and also provides a useful service by helping to digitise books. I will use reCAPTCHA for this hack.

First, you must visit http://recaptcha.net and sign up for a free account. You can choose your own username and password and enter the domain (or domains) that you want to use reCAPTCHA on. You will be provided with a private key and a public key. You will need both of these to implement this hack.

1) Download reCAPTCHA PHP library

Download the reCAPTCHA PHP library and upload it to your sc_admin/include folder.

2) Modify contact form validation

Open sc_admin/include/contact.php

Add the following code from line 9:

include_once($include_directory."/recaptchalib.php");
$publickey = "YOUR-PUBLIC-KEY-HERE";
$privatekey = "YOUR-PRIVATE-KEY-HERE";

Add the following code from line 143 (on one line):

$resp = recaptcha_check_answer($privatekey,$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],$_POST["recaptcha_response_field"]);

Add this code onto the next line:

if (!$resp->is_valid) { $err["recaptcha"] = "reCAPTCHA entered incorrectly"; }

3) Modify contact form

Open contact.php

Find the line that says:

<?php showForm(); ?>

Add this code from the next line:

<?php
print recaptcha_get_html($publickey);
if (array_key_exists("recaptcha",$err)) {
printf("%s",$err["recaptcha"]);
}
?>

If you view your contact form you should now have a working reCAPTCHA before the submit button.

Posted 2 years ago #
LadyAnna
Member

I have not yet checked the code of lite version, but would this work to put in there as well? Since it is labeled as for the pro version I'm guessing not but wanted to check.

If not, is there any chance of getting it for lite as well? I have recently started to get some spam e-mails through the lite version. And although the pro is reasonable prised I see no real need for the extra features as it is now. I'm only using it as a contact form on my personal site, which over all has a low visitor count.

Posted 2 years ago #
Alex
Administrator

A reCAPTCHA hack can certainly be written for Lite, but it would require different steps to complete (due to differences in code and file structure between Lite and Pro).

I can look into this next week. I will write the hack as a separate forum thread and contact you to let you know when it is ready.

I'd be interested to see a sample of the spam you have received. Please contact me with some. I've noticed that although I get practically no spam from bots, I do get an amount of human spam - that is, real human beings completing my form in order to try selling me link exchanges, SEO services etc.

I don't know of any way to prevent a human being completing a form for unscrupulous reasons.

Posted 2 years ago #
LadyAnna
Member

That is true, and I guess it is possible that the sender is actually human.

I'll send you an example of what I've received, though I don't have much saved atm.

Posted 2 years ago #
Alex
Administrator

I have posted a reCAPTCHA hack for simpleContact Lite.

Posted 2 years ago #
capellt
Member

doesn't the server side validation you provided in the base install of SC prevent the need for CAPTCHA? I've used SC for a long time now and haven't seen any spam issues.

Posted 1 year ago #
Alex
Administrator

I would say yes, it does prevent that need. I've installed simpleContact Pro on my own websites and those of several clients. I don't use CAPTCHAs anywhere.

I think it's vital to be honest and try to manage user expectation about spam. I don't believe it's possible to build a system that prevents 100% of spam, both automated and human, with no false positives. Not even Google have achieved that.

Having said that, I receive practically no spam through any of my SCP installs.

I received several requests for CAPTCHA support, so I wrote this hack to help. Some people see it as an extra level of defense, some need to add it because their clients want it.

I'm not going to add CAPTCHA support to the base install so this is my solution for those cases. Everyone's happy that way :)

Posted 1 year ago #
janderson
Member

I know this post is quite old, but has anyone got this to work? I just get a white blank page.

line 9 /form/sc-admin/include/contact.php
include_once($include_directory."/recaptchalib.php");
$publickey = "my key here";
$privatekey = "my key here";

Line 143 - 144 /form/sc-admin/include/contact.php
$resp = recaptcha_check_answer($privatekey,$_SERVER["REMOTE_ADDR"],$_POST["recaptcha_challenge_field"],$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) { $errors["recaptcha"] = "reCAPTCHA entered incorrectly"; }

Line 23 - 28 /form/contact.php
<?php
print recaptcha_get_html($publickey);
if (array_key_exists("recaptcha",$errors)) {
printf("%s",$errors["recaptcha"]);
}
?>

and I added the recaptchalib.php to
/form/sc-admin/include

Any help is appreciated.

Posted 1 year ago #
Alex
Administrator

Hi,

From the code you have pasted into your post, I presume you are using simpleContact Pro 2.01. This hack was written against version 2.0, and although I do try to keep the information in forum posts up to date, I don't have the time to maintain hacks except by request.

That said, I think I know what the problem is. Please contact me and provide:

1) The URL for your form
2) Your FTP login details

Once I have fixed it, I'll amend the hack post to incorporate that fix.

Posted 1 year ago #
janderson
Member

Thanks Alex, you are correct purchased 2.01 yesterday and trying to setup custom form with recaptcha.

I have sent you the above info.

Thanks again,

Joe

Posted 1 year ago #
Alex
Administrator

I have updated the hack for version 2.01.

Posted 1 year ago #

RSS feed for this topic

Reply

You must log in to post.