Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.

Adding Google Recaptcha to website form

Discussion in 'Scripts and Coding' started by diablo, Sep 12, 2016.

  1. diablo

    diablo Well-Known Member

    Joined:
    Nov 2005
    Posts:
    2,333
    Likes Received:
    223
    I'm trying to add Recaptcha to a website form.

    I've added the required code to the actual form, but the next step is:

    Verifying the user's response

    https://developers.google.com/recaptcha/docs/verify

    I haven't got a clue what this page is talking about. I thought a lot of people might stumble here, but a Google search turns up only a few clueless people like me who are given "anwers" that leave me none the wiser.

    Can anyone tell me in simple steps how to complete this step?
     
  2. Domain Forum

    Acorn Domains Elite Member

    Joined:
    1999
    Messages:
    Many
    Likes Received:
    Lots
    IWA Meetup
     
  3. martin-s United Kingdom

    martin-s Well-Known Member

    Joined:
    Jul 2012
    Posts:
    3,468
    Likes Received:
    270
    I'd advise you not to. Captcha is such an annoying approach to real customers and doesn't do a great job of preventing fake submissions.

    A better solution is to hide a fake id="firstname" input in your form and validate it as blank. That will catch almost all bot submissions without peeing anyone off :)
     
    • Like Like x 2
  4. diablo

    diablo Well-Known Member

    Joined:
    Nov 2005
    Posts:
    2,333
    Likes Received:
    223
    Thanks Martin - I'll give that a go.

    I can add the hidden field to the form no problem, but how do I stop the form being submitted if it is filled in?
     
    Last edited: Sep 13, 2016
  5. Adam H

    Adam H Well-Known Member

    Joined:
    May 2014
    Posts:
    1,725
    Likes Received:
    267
    I use a similar method, sticking a fake password field above the real password field. Basically means the bots auto fill the first password field they come across, so they fill in the fake password field first and leave the real password field blank, meaning they can't complete the registration.

    But still Googles newest "No CAPTCHA reCAPTCHA" is much better on users and is an added layer of protection, obviously hugely depends on the site as to what works though, sometimes you need a number of methods especially on high traffic forums for example in spam rich niches.
     
    • Agree Agree x 1
  6. diablo

    diablo Well-Known Member

    Joined:
    Nov 2005
    Posts:
    2,333
    Likes Received:
    223
    Have got "something* working along the hidden field line :)

    Will let you know if it works.

    Google's No CAPTCHA reCAPTCHA looks very good - just a checkbox - but it's documentation is awful at least for dummies like me.
     
  7. diablo

    diablo Well-Known Member

    Joined:
    Nov 2005
    Posts:
    2,333
    Likes Received:
    223
    Sadly the hidden field isn't working. Some spam has stopped, but still far too much getting through.

    Anyone successfully installed Google's No CAPTCHA reCAPTCHA who can give a plain English guide to setting it up on the server side?
     
  8. Edwin

    Edwin Well-Known Member

    Joined:
    Apr 2005
    Posts:
    9,851
    Likes Received:
    617
    Why do you have to stop the form being submitted if the field isn't blank?

    Just accept the form output, but discard it silently afterwards i.e. put a test in your code that says "if the hidden field isn't blank, then end here" and stick everything to do with processing the form's output beyond that test. Humans will reach it every time i.e. it will be seamless, while most bots will go away "thinking" they've submitted the form successfully.

    To make it more robust, give the hidden field a completely random ID that's different for every visit to the page. That way, people can't code their bots to avoid it.
     
    • Agree Agree x 1
  9. Edwin

    Edwin Well-Known Member

    Joined:
    Apr 2005
    Posts:
    9,851
    Likes Received:
    617
    • Agree Agree x 1
  10. diablo

    diablo Well-Known Member

    Joined:
    Nov 2005
    Posts:
    2,333
    Likes Received:
    223
  11. seemly

    seemly Well-Known Member

    Joined:
    Feb 2011
    Posts:
    1,607
    Likes Received:
    493
    If you still need any help George, i'm happy to help.
     
    • Like Like x 1
  12. diablo

    diablo Well-Known Member

    Joined:
    Nov 2005
    Posts:
    2,333
    Likes Received:
    223
    Really appreciate the offer Chris, but I *think* I've got it working now. Hope all's good with you.
     
    • Winner Winner x 1
  13. diablo

    diablo Well-Known Member

    Joined:
    Nov 2005
    Posts:
    2,333
    Likes Received:
    223
    Just a quick follow up to say that since using Google Recapatcha, zero spam form submissions have been received.
     
    • Winner Winner x 1
  14. Edwin

    Edwin Well-Known Member

    Joined:
    Apr 2005
    Posts:
    9,851
    Likes Received:
    617
    That's brilliant. Glad that worked out for you.

    BTW, does it work with an ad blocker enabled? They're becoming more and more popular, so it's something to take into consideration from a usability POV...