- CakePHP 4.0.0+
composer require marianodonal/cakephp-invisible-recaptcha
obtain a invisible reCAPTCHA API key.
With the following test keys, you will always get No CAPTCHA and all verification requests will pass.
Please do not use these keys for your production traffic.
Configure::write('recaptcha', [
'sitekey' => '6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI',
'secretkey' => '6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe',
]);
$this->loadComponent('InvisibleReCaptcha.InvisibleReCaptcha',
[
// options
]);
Some of the options available:
Option | Description | Default | Value |
---|---|---|---|
secretkey | Override secret API key | null | |
sitekey | Override site API key | null | |
hl | Optional. Forces the widget to render in a specific language. Auto-detects the user's language if unspecified. (See language codes) | null | |
badge | Optional. Reposition the reCAPTCHA badge.inline allows you to control the CSS. |
bottomright | bottomright bottomleft inline |
type | Optional. The type of CAPTCHA to serve. | image | audio image |
timeout | The number of seconds to wait for reCAPTCHA servers before give up. | 3 | integer |
noscript | Include <noscript> content |
true | boolean |
docs https://developers.google.com/recaptcha/docs/invisible#config
<?php
echo $this->Form->create();
echo $this->Form->control('email');
echo $this->Form->submit();
echo $this->InvisibleReCaptcha->render();
echo $this->Form->end();
?>
if ($this->InvisibleReCaptcha->verify()) {
//do something
}
use ServerRequest::clientIp to get the IP address.
See https://book.cakephp.org/3.0/en/controllers/request-response.html#trusting-proxy-headers