Skip to content

Instantly share code, notes, and snippets.

@matdave

matdave/FormIt.example.html

Last active February 26, 2018 16:09
Show Gist options
  • Save matdave/9dc29e114434c200b8405de3685ad123 to your computer and use it in GitHub Desktop.
Save matdave/9dc29e114434c200b8405de3685ad123 to your computer and use it in GitHub Desktop.
Download ZIP
MODX Invisible Recaptcha Formit Validator
Raw
FormIt.example.html
[[!FormIt?
&submitVar=`gcaptchahdn`
&customValidators=`invisibleRecaptcha`
&validate=`
g-recaptcha-response:invisibleRecaptcha`
]]
<form method="post" action="[[~[[*id]]]]" id="contact">
<button class="btn g-recaptcha" data-sitekey="[[++gcaptcha.site_key]]" data-callback="onSubmit">Submit</button>
</form>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<script>
function addHidden(theForm, key, value) {
// Create a hidden input element, and append it to the form:
var input = document.createElement('input');
input.type = 'hidden';
input.name = key; // 'the key/name of the attribute/field that is sent to the server
input.value = value;
theForm.appendChild(input);
}
function onSubmit(token) {
var form = document.getElementById("contact");
addHidden(form, 'gcaptchahdn', 'true'); // must match &submitVar for form to pass
form.submit();
}
</script>
Raw
invisibleRecaptcha.validator.php
<?php
/**
* Created by PhpStorm.
* User: matdave
* ___ ___ __ ___________ ________ __ ___ ___ _______
* |" \ /" | /""\(" _ ")|" "\ /""\|" \ /" |/" "|
* \ \ // | / \)__/ \\__/ (. ___ :) / \\ \ // /(: ______)
* /\\ \/. | /' /\ \ \\_ / |: \ ) || /' /\ \\\ \/. ./ \/ |
* |: \. | // __' \ |. | (| (___\ || // __' \\. // // ___)_
* |. \ /: | / / \\ \\: | |: :)/ / \\ \\\ / (: "|
* |___|\__/|___|(___/ \___)\__| (________/(___/ \___)\__/ \_______)
*
* Email: [email protected]
* Twitter: @matjones
* Date: 11/28/17
* Time: 5:07 PM
* Project: MLH
*/
if(!function_exists('fileGetContentsCurl')){
function fileGetContentsCurl($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $url);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
}
// Register API keys at https://www.google.com/recaptcha/admin
$site_key = $modx->getOption('gcaptcha.site_key', null, '');
$secret = $modx->getOption('gcaptcha.secret_key', null, '');
// reCAPTCHA supported 40+ languages listed here: https://developers.google.com/recaptcha/docs/language
// Options
$response = $value;
$tech_err_msg = $modx->getOption('technical_error_message', $properties, 'Sorry, there was an error submitting your form. Please use one of the contacts on this page instead.');
$recaptcha_err_msg = $modx->getOption('recaptcha_error_message', $properties, 'Anti-spam controls are having an issue validating you, please try again later.');
//$modx->log(xPDO::LOG_LEVEL_ERROR,"invisibleRecaptcha response $response");
if(!empty($response)){
$postUrl = 'https://www.google.com/recaptcha/api/siteverify?';
$postUrl .= '&secret='.$secret;
$postUrl .= '&response='.$response;
$verify = fileGetContentsCurl($postUrl);
//$modx->log(xPDO::LOG_LEVEL_ERROR,"invisibleRecaptcha verify $verify");
if(!empty($verify)){
$verify = $modx->fromJSON($verify);
if($verify['success']){
return true;
}else{
if(is_array($verify['error-codes']))
$validator->addError($key,implode(',',$verify['error-codes']));
}
}
}
$validator->addError($key,$recaptcha_err_msg);
return $success;
@sepiariver
Copy link

So do I understand correctly:

  1. The submit button is clicked.
  2. The custom JS adds a hidden form element to satisfy the FormIt submitvar configuration. (To simplify is it possible to do this in the tendered markup? Sorry I don’t know if Recaptcha requires this element to be dynamically created?)
  3. The validator passes the response from Recaptcha’s JS to the server to verify, and shows errors or passes.

Is that right?

And sorry I’m not sure yet why it can’t be a hook...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment