[Plugin] Invisible reCaptcha by Google for Osclass (beta)

[dev101]

*** UPDATED *** 2019-04-03

There are few issues with Invisible reCaptcha that might hold you back and stick with the traditional version:

• It requires JavaScript enabled browsers, visitors who come without js enabled will be left behind captcha wall (this has good and bad side; good - most dumb bots do not execute js, but most clever ones do, and bad: older devices/browsers/systems/ == users - will not be able to engage with your forms/websites
• The 2nd issue is a more problematic, at least for me - invisible captcha takes precedence over jquery validate() (when user hits the button before filling-in any of the required inputs), which means captcha will kick-in, users will solve it, server will bounce forms... (if user is logged-in into Google's services, captcha will not be shown anyway, and validation will work in that case). I have some ideas, but still not enough time to test and fix this.

Still, it's great to give it a go as an experiment in dev/testing environment, and even in production (I am using it for 2 years now). Just install it, go to Configure and follow instructions. It's that simple. Unfortunately, due to binding method and different themes, it is a bit harder to achieve no-theme-modifications goal, it could be done later with some js, but for now, manual method is error-free. (integrated auto-binding* in v1.0.1 was later removed because of some potential issues).


Generate new API keys per instructions and check INVISIBLE type in the options (keep your old keys, don't delete them just yet).

Admin Dashboard screenshot is provided. Default badge is set to inline, just for your orientation as it is the least intrusive imho, but you may change the keyword in the options (on purpose it is a text input, something might change in near future, adding new modes, don't know really).


I am not sure if it will be released @ Market, because of integration issues, it will probably be easier to integrate it within the core and avoid the forms validation trouble.



Version 1.0.3 - important bug fix for Admin/User Recovery protection - recaptcha was not working properly (emails were always sent)

Version 1.0.2 - additional improvements

Requirements:

requires Osclass 3.8.0 + latest Bender theme; it should also work with updated OsclassWizards 2.0.6 theme (probably other OW themes should work, but I haven't tested them), but may not work with other themes unless they get updated. The only dependency in your theme is that it must use standardized html form names from Bender theme (supplied with Osclass 3.8.0). Ask your theme developer(s) to update their themes and make them compatible, this is very simple to do.


Thanks,
Regards
dev101

[dev101]

Updated to version 1.0.1

No longer requires any theme modifications (assuming standard form names from Bender are also present in your theme).

[SteveJohnson]

Thank you dev101 for working on this.

I was hoping google was making a more general purpose solution.. phew 

[dev101]

Thanks SteveJohnson,

I have implemented it in several instances already, and it works fine with minor modifications for each theme. Problem is even in Bender there are forms that have no name, id or class, so they are impossible to uniquely identify, and tell apart which form should be with captcha. The above solution will work in Bender and themes which did not change names, and for those who did, editing it in the plugin's index.php function isn't that hard. Also, I strongly suggest to name all the forms properly, and avoid guess work for the plugin.

About validation issue, as the submit button now takes precedence, no resolution yet, and no one seems to have an idea either. But, it will not affect regular users in any way, only bots or malicious ones, so, not really a big concern. For users who start to fill-in the forms one field after another, it will work.

Regards

[zombie]

What version of osclass does this plugin require?

[dev101]

Osclass version required for frontend side is not that much important, as long as it is 3.x.something, however, your theme might be the problem

There could be some problems with "non-standard" themes, because of different form identifications used. However, in version 1.0.2 I introduced some missing identifiers even in default Bender theme, proposed changes are here:

https://github.com/osclass/theme-bender/pull/63
https://github.com/osclass/theme-bender/pull/64
https://github.com/osclass/theme-bender/pull/65

With above changes and plugin v1.0.2 it works without problems.


About admin side protection, plugin 1.0.2 fully supports it, but required changes are not yet merged into main Osclass, so I cannot say when it will become available (say, Osclass 3.8.0 is probable candidate).


Plugin version 1.0.2 will be released once Osclass version becomes available and admin side protection can be fully supported, including recovery pages, forgotten password reset forms etc.


About my personal experience with this plugin & Google Invisible Captcha, I am using it practically in all my projects and it stops spam (and some security attacks @ admin) 99,999% of the time! I strongly recommend it, particularly if you do not wish to use other protections and/or to save server resources. There are, of course, certain limitations of using invisible recaptcha, but you can google it... (also read introductory post)


Regards
dev101

[zombie]

Actually it is a problem. I get an error on 3.02 and can't install the plugin... and that's why I ask.

[dev101]

Well, 3.0.2 is a really old version, I'll do some tests later to see if I can make it work (but no promises, since that version also uses different factory theme).
I mean, of course it can be done, it's not that hard, but that version is like really old, and some things have changed a lot since then.

[zombie]

Exactly. And I did lots of modifications on that site, which is using 3.0.2. and I do not want to update because of that.

[dev101]

Hi, I have tested v3.0.2* and plugin is installing just fine, no errors. And it should work with modern theme, same changes as for bender above should be applied, though. So, check your php/sql error logs and see if you can find clues there.


(about Osclass 3.0.2 installation issue): Apparently, it is no longer possible to regularly install Osclass 3.0.2 because of "location required" step error, either because url for geo loc is changed (edit: most probably), or some javascript problem, but it is no longer possible to skip location step (fallback does not work). It is possible to skip step 3 manually, and later insert admin user and contact data @ database. Another thing, because, once I skipped that installation step and ended up with no admin user created in db, I had to (manually) fill it in. That was fine, but my contact email was empty, along with the website title. So, I went on to general settings, but setting them manually in General tab failed, too, because we skipped them during installation and because we used "update" method for preferences, but nothing can be updated as the rows (pageTitle, contactEmail @ preferences) do not exist! That's how old this version is...


Regards

[buninsan]

del

[muratbora]

Hi , I tried this plugin, on comment form under items, no google captcha image shown...And unable to submit comment while this plugin active...
What could be problem? Did you test this section?