I have a contact form on my website which uses reCAPTCHA version 2 to help prevent spam messages. However, quite a few get passed through! How could I stop these? Any help would be greatly appreciated!
Here is my ContactForm.php file:
````<?php
class ContactForm extends Form {
public function __construct(Controller $controller, $name)
{
$emails = array(
'e-mail address here'=>'General',
'e-mail address here'=>'Sales',
'e-mail address here'=>'Technical Support',
);
$fields = FieldList::create(
TextField::create('Name')->setAttribute('placeholder', 'Name'),
EmailField::create('Email')->setAttribute('placeholder', 'Email'),
DropdownField::create('Destination', 'Enquiry', $emails)->setEmptyString("(Department)"),
TextareaField::create('Message')
->setAttribute('placeholder', 'Message')
->setAttribute('rows', 9)
->setAttribute('cols', 25),
LiteralField::create('Captcha', '<div class="g-recaptcha" data-sitekey="MY KEY GOES HERE"></div>')
);
$actions = new FieldList(
FormAction::create('Contact', 'Send')->setAttribute('disabled',true)
);
$validator = new RequiredFields('Name', 'Email', 'Message', 'Destination');
//return Form::create($controller, $name, $fields, $actions, $validator);
parent::__construct($controller, $name, $fields, $actions, $validator);
}
public function Contact($data)
{
$email = new Email();
$email->setFrom($data['Email']);
$email->setSubject("Website Enquiry");
$email->setTo($data['Destination']);
$messageBody = "<p><strong>Name:</strong> {$data['Name']}</p><p><strong>Message:</strong> {$data['Subject']}</p><p><strong>Message:</strong> {$data['Message']}</p>";
$email->setBody($messageBody);
$email->send();
Controller::curr()->redirectBack();
}
}
Hi @gareth94 , it looks like you have manually integrated reCaptcha but I can’t see how you’re validating it, so I assume there is more code you haven’t posted. Is it possible that you’re displaying a captcha but not actually verifying that the captcha was passed?
There are a few modules for implementing recaptcha for spam protection, here’s one you might want to check out:
As @JonoM mentioned, it looks like the captcha isn’t being properly validated, so it won’t be helping you at all. Adding in the proper spam protection module is the quickest way to make it work, and shouldn’t take too much work to change over. You just need to install the module, and add the relevant code to your form method (based on the instructions from the module)