Support

Admin Tools

#41498 captcha

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
5.2.3
PHP version
8.1
Admin Tools version
7.6.2

Latest post by nicholas on Friday, 17 January 2025 04:32 CST

Thursday, 16 January 2025 16:34 CST

[email protected]

Hello,

I am receiving a lot of SPAM in my forms and Google reCaptcha is not included in Joomla 5. Honestly, I really miss the integration of reCaptcha. I tried downloading one from the JED, but I couldn’t get it to work.

Does AdminTools Professional have an equivalent tool, or is there any plan to develop one in the future? I have configured Project Honey Pot, but I haven’t been able to check its results yet.

It would be great to block spammers’ IPs as site attackers.

Thank you.

Best regards,
Jose L.

Friday, 17 January 2025 02:22 CST

nicholas

You're in luck, because I forked the core reCAPTCHA plugin and updated it for Joomla! 5. You can find it at https://github.com/nikosdion/plg_captcha_google. Please do read the Usage paragraph on that page and follow its instructions. The package download is at https://github.com/nikosdion/plg_captcha_google/releases/latest

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 17 January 2025 03:44 CST

[email protected]

Thank you very much for your quick response. Please forgive my ignorance, but I can't get it to work.

I uninstalled the previous plugin and installed the new one, activated it, and filled in both Google Keys.

In the global configuration, I selected the new plugin as the default Captcha.

In my form, which is a custom development following Joomla 5's folder structure and namespaces (thanks for your documentation), the reCaptcha symbol does not appear.

However, if I load this code in HtmlView:

 
$recaptchaOptions = [
    'sitekey' => 'mi_secret_code',
    'action' => 'submit'
];


$document->addScriptOptions('recaptcha', $recaptchaOptions)

 

$wa->registerAndUseScript(
    'google-recaptcha-v3',
    'https://www.google.com/recaptcha/api.js?render=mi_secret_code,
    [],
    ['defer' => true]
);

Then the Google reCaptcha symbol does load, although I'm not sure if it's actually doing anything. What am I doing wrong or not doing?

P.S. How about a new tab in AdminTools Professional, such as Project Honeypot, combining the best of AdminTools and reCaptcha to block malicious IPs?

Edited by [email protected] on 2025-01-17 03:45 CST

Friday, 17 January 2025 04:32 CST

nicholas

The One True Joomla! Way™ to use CAPTCHA is thus. Note that I am assuming you are going to be using the globally selected CAPTCHA method, and that you are using PHP 8.1 or later (matching the minimum requirements for Joomla! 5).

// ### This method goes both in your View, and your Model.
public function getCAPTCHAObject(): ?\Joomla\CMS\Captcha\Captcha
{
  // Get the default CAPTCHA plugin from the application's configuration.
  $plugin = \Joomla\CMS\Factory::getApplication()->getParams()->get('captcha', '');
  
  // Replace com_example with your own extension name
  return empty($plugin)
         ? null
         : \Joomla\CMS\Captcha\Captcha::getInstance($plugin, ['namespace' => 'com_example']);
}

// ### In your View
$this->captcha = $this->getCAPTCHAObject();

// ### In your view template ###
// Note that it creates a form field with the name "captcha".
<?php echo $this->captcha?->display('captcha') ?? ''; ?>

// ### In the form validation code of your Model ###
public function isCAPTCHAValid(): bool
{
  $input = \Joomla\CMS\Factory::getApplication()->input;
  return $this->getCAPTCHAObject()?->checkAnswer($input->get('captcha', '', 'raw'))) ?? true
}

If you are following this standard Joomla! practice for using whichever CAPTCHA is configured in the system you will have no problem using the replacement plugin or any other CAPTCHA plugin, regardless of which CAPTCHA method it's using. For example, if you decide reCAPTCHA is not for you and would like to switch the hCAPTCHA, or CloudFlare Turnstile you can do so by installing the respective plugin and selecting it as your default CAPTCHA in Global Configuration. If you don't like my reCAPTCHA plugin, you can use another one just fine.

For an example of using that in the real world, please see https://github.com/akeeba/contactus. This is the contact form component we use on this site. Find \Akeeba\Component\ContactUs\Site\Model\ItemModel::getCaptchaObject and check its uses. You will very quickly see how CAPTCHA works inside a real extension. Also note that the code in the component I linked you is more verbose as it does a lot of error handling, and is targeting PHP 7.4 to 8.4 at the time of this writing.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!