PHPackages                             undefinedoffset/silverstripe-nocaptcha - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Validation &amp; Sanitization](/categories/validation)
4. /
5. undefinedoffset/silverstripe-nocaptcha

ActiveSilverstripe-vendormodule[Validation &amp; Sanitization](/categories/validation)

undefinedoffset/silverstripe-nocaptcha
======================================

A spam protector and form field using Google's reCAPTCHA v2 or optionally a foundation v3 implementation

3.1.0(6mo ago)33471.6k—0.3%38[12 issues](https://github.com/UndefinedOffset/silverstripe-nocaptcha/issues)16BSD-3-ClausePHP

Since Dec 4Pushed 6mo ago4 watchersCompare

[ Source](https://github.com/UndefinedOffset/silverstripe-nocaptcha)[ Packagist](https://packagist.org/packages/undefinedoffset/silverstripe-nocaptcha)[ RSS](/packages/undefinedoffset-silverstripe-nocaptcha/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependencies (2)Versions (37)Used By (16)

Nocaptcha
=========

[](#nocaptcha)

Adds a "spam protection" field to Silverstripe userforms using Google's [reCAPTCHA](https://www.google.com/recaptcha) service.

Requirements
------------

[](#requirements)

- Silverstripe framework ^6
- [Silverstripe Spam Protection ^4](https://github.com/silverstripe/silverstripe-spamprotection/)
- PHP CURL

Installation
------------

[](#installation)

```
composer require undefinedoffset/silverstripe-nocaptcha

```

After installing the module via composer or manual install you must set the spam protector to NocaptchaProtector, this needs to be set in your site's config file normally this is mysite/\_config/config.yml.

```
SilverStripe\SpamProtection\Extension\FormSpamProtectionExtension:
    default_spam_protector: UndefinedOffset\NoCaptcha\Forms\NocaptchaProtector
```

Finally, add the "spam protection" field to your form by calling `enableSpamProtection()` on the form object.

```
$form->enableSpamProtection();
```

Configuration
-------------

[](#configuration)

There are multiple configuration options for the field, you must set the site\_key and the secret\_key which you can get from the [reCAPTCHA page](https://www.google.com/recaptcha). These configuration options must be added to your site's yaml config typically this is app/\_config/config.yml.

```
UndefinedOffset\NoCaptcha\Forms\NocaptchaField:
    site_key: "YOUR_SITE_KEY" #Your site key (required)
    secret_key: "YOUR_SECRET_KEY" #Your secret key (required)
    recaptcha_version: 2 # 2 or 3
    minimum_score: 0.2 # minimum spam score to achieve. Any less is blocked
    verify_ssl: true #Allows you to disable php-curl's SSL peer verification by setting this to false (optional, defaults to true)
    default_theme: "light" #Default theme color (optional, light or dark, defaults to light)
    default_type: "image" #Default captcha type (optional, image or audio, defaults to image)
    default_size: "normal" #Default size (optional, normal, compact or invisible, defaults to normal)
    default_badge: "bottomright" #Default badge position (bottomright, bottomleft or inline, defaults to bottomright)
    default_handle_submit: true #Default setting for whether nocaptcha should handle form submission. See "Handling form submission" below.
    proxy_server: "" #Your proxy server address (optional)
    proxy_port: "" #Your proxy server address port (optional)
    proxy_auth: "" #Your proxy server authentication information (optional)

# The following options can also be specified through Environment variables with Injector config
SilverStripe\Core\Injector\Injector:
  UndefinedOffset\NoCaptcha\Forms\NocaptchaField:
    properties:
      SiteKey: '`SS_NOCAPTCHA_SITE_KEY`'
      SecretKey: '`SS_NOCAPTCHA_SECRET_KEY`'
      ProxyServer: '`SS_OUTBOUND_PROXY`'
      ProxyPort: '`SS_OUTBOUND_PROXY_PORT`'
      ProxyAuth: '`SS_OUTBOUND_PROXY_AUTH`'
```

Adding field labels
-------------------

[](#adding-field-labels)

If you want to add a field label or help text to the Captcha field you can do so like this:

```
$form->enableSpamProtection()
    ->fields()->fieldByName('Captcha')
    ->setTitle("Spam protection")
    ->setDescription("Please tick the box to prove you're a human and help us stop spam.");
```

### Commenting Module

[](#commenting-module)

When your using the [silverstripe/comments](https://github.com/silverstripe/silverstripe-comments)module you must add the following (per their documentation) to your \_config.php in order to use nocaptcha/spamprotection on comment forms.

```
CommentingController::add_extension('CommentSpamProtection');
```

Retrieving the Verify Response
------------------------------

[](#retrieving-the-verify-response)

If you wish to manually retrieve the Site Verify response in you form action use the `getVerifyResponse()` method

```
function doSubmit($data, $form) {
    $captchaResponse = $form->Fields()->fieldByName('Captcha')->getVerifyResponse();

    // $captchaResponse = array (size=5) [
    //  'success' => boolean true
    //  'challenge_ts' => string '2020-09-08T20:48:34Z' (length=20)
    //  'hostname' => string 'localhost' (length=9)
    //  'score' => float 0.9
    //  'action' => string 'submit' (length=6)
    // ];
}
```

ReCAPTCHA v3
------------

[](#recaptcha-v3)

ReCAPTCHA v3 is different to v2, users won't be presented with a "Are you a robot?" checkbox, instead user actions are returned a spam score 0.0 to 1.0 when they submit the form. Out of the box, this module will block any submission with a spam score of &lt;= 0.4 but this can be tailored either site-wide using the Config API

```
UndefinedOffset\NoCaptcha\Forms\NocaptchaField:
  minimum_score: 0.2
```

Or on a per form basis:

```
$captchaField = $form->Fields()->fieldByName('Captcha')-
$captchaField->setMinimumScore(0.2);
```

For more information about version 3, including how to implement custom actions see

Handling form submission
------------------------

[](#handling-form-submission)

By default, the javascript included with this module will add a submit event handler to your form.

If you need to handle form submissions in a special way (for example to support front-end validation), you can choose to handle form submit events yourself.

This can be configured site-wide using the Config API

```
UndefinedOffset\NoCaptcha\Forms\NocaptchaField:
    default_handle_submit: false
```

Or on a per form basis:

```
$captchaField = $form->Fields()->fieldByName('Captcha');
$captchaField->setHandleSubmitEvents(false);
```

With this configuration no event handlers will be added by this module to your form. Instead, a function will be provided called `nocaptcha_handleCaptcha` which you can call from your code when you're ready to submit your form. It has the following signature:

```
function nocaptcha_handleCaptcha(form, callback)
```

`form` must be the form element, and `callback` should be a function that finally submits the form, though it is optional.

In the simplest case, you can use it like this:

```
document.addEventListener("DOMContentLoaded", function(event) {
    // where formID is the element ID for your form
    const form = document.getElementById(formID);
    const submitListener = function(event) {
        event.preventDefault();
        let valid = true;
        /* Your validation logic here */
        if (valid) {
            nocaptcha_handleCaptcha(form, form.submit.bind(form));
        }
    };
    form.addEventListener('submit', submitListener);
});
```

Reporting an issue
------------------

[](#reporting-an-issue)

When you're reporting an issue please ensure you specify what version of Silverstripe you are using i.e. 3.1.3, 3.2beta, master etc. Also be sure to include any JavaScript or PHP errors you receive, for PHP errors please ensure you include the full stack trace. Also please include how you produced the issue. You may also be asked to provide some of the classes to aid in re-producing the issue. Stick with the issue, remember that you seen the issue not the maintainer of the module so it may take allot of questions to arrive at a fix or answer.

###  Health Score

57

—

FairBetter than 98% of packages

Maintenance58

Moderate activity, may be stable

Popularity49

Moderate usage in the ecosystem

Community37

Small or concentrated contributor base

Maturity75

Established project with proven stability

 Bus Factor1

Top contributor holds 74.3% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~113 days

Recently: every ~189 days

Total

36

Last Release

209d ago

Major Versions

0.4.0 → 2.0.0-alpha12017-11-09

1.0.0 → 2.0.0-alpha22017-11-21

1.0.1 → 2.0.12019-03-21

1.0.2 → 2.3.02021-12-13

2.x-dev → 3.0.02025-04-10

### Community

Maintainers

![](https://www.gravatar.com/avatar/60d2d4134f2e196b585f3320d1d7245c03df87a521bc3e17184d16e7ba02f0ee?d=identicon)[UndefinedOffset](/maintainers/UndefinedOffset)

---

Top Contributors

[![UndefinedOffset](https://avatars.githubusercontent.com/u/1391558?v=4)](https://github.com/UndefinedOffset "UndefinedOffset (84 commits)")[![GuySartorelli](https://avatars.githubusercontent.com/u/36352093?v=4)](https://github.com/GuySartorelli "GuySartorelli (3 commits)")[![a2nt](https://avatars.githubusercontent.com/u/672794?v=4)](https://github.com/a2nt "a2nt (3 commits)")[![camfindlay](https://avatars.githubusercontent.com/u/367847?v=4)](https://github.com/camfindlay "camfindlay (2 commits)")[![christopherdarling](https://avatars.githubusercontent.com/u/178039?v=4)](https://github.com/christopherdarling "christopherdarling (2 commits)")[![jeffwhitfield](https://avatars.githubusercontent.com/u/274571?v=4)](https://github.com/jeffwhitfield "jeffwhitfield (1 commits)")[![jonom](https://avatars.githubusercontent.com/u/1079425?v=4)](https://github.com/jonom "jonom (1 commits)")[![Leapfrognz](https://avatars.githubusercontent.com/u/1740262?v=4)](https://github.com/Leapfrognz "Leapfrognz (1 commits)")[![nfauchelle](https://avatars.githubusercontent.com/u/1188162?v=4)](https://github.com/nfauchelle "nfauchelle (1 commits)")[![rasstislav](https://avatars.githubusercontent.com/u/9253113?v=4)](https://github.com/rasstislav "rasstislav (1 commits)")[![satrun77](https://avatars.githubusercontent.com/u/166450?v=4)](https://github.com/satrun77 "satrun77 (1 commits)")[![scott1702](https://avatars.githubusercontent.com/u/10215604?v=4)](https://github.com/scott1702 "scott1702 (1 commits)")[![sebastiand](https://avatars.githubusercontent.com/u/974056?v=4)](https://github.com/sebastiand "sebastiand (1 commits)")[![sheadawson](https://avatars.githubusercontent.com/u/1166136?v=4)](https://github.com/sheadawson "sheadawson (1 commits)")[![skalicki](https://avatars.githubusercontent.com/u/155432417?v=4)](https://github.com/skalicki "skalicki (1 commits)")[![sunnysideup](https://avatars.githubusercontent.com/u/167154?v=4)](https://github.com/sunnysideup "sunnysideup (1 commits)")[![TheBnl](https://avatars.githubusercontent.com/u/1334195?v=4)](https://github.com/TheBnl "TheBnl (1 commits)")[![thezenmonkey](https://avatars.githubusercontent.com/u/1685217?v=4)](https://github.com/thezenmonkey "thezenmonkey (1 commits)")[![tiller1010](https://avatars.githubusercontent.com/u/42498429?v=4)](https://github.com/tiller1010 "tiller1010 (1 commits)")[![wilr](https://avatars.githubusercontent.com/u/101629?v=4)](https://github.com/wilr "wilr (1 commits)")

---

Tags

silverstriperecaptchanocaptchaspamprotectionrecaptcha2

### Embed Badge

![Health badge](/badges/undefinedoffset-silverstripe-nocaptcha/health.svg)

```
[![Health](https://phpackages.com/badges/undefinedoffset-silverstripe-nocaptcha/health.svg)](https://phpackages.com/packages/undefinedoffset-silverstripe-nocaptcha)
```

###  Alternatives

[silverstripe/mathspamprotection

This module provides a simple math protection mechanism for prevent spam from your forms.Includes an EditableMathSpamField to integrate with the UserForms module.

1917.6k](/packages/silverstripe-mathspamprotection)[sheadawson/silverstripe-zenvalidator

Faster, easier client and server-side form validation for SilverStripe

5778.4k2](/packages/sheadawson-silverstripe-zenvalidator)[jonom/silverstripe-text-target-length

Set character length recommendations on SilverStripe text form fields

32132.4k9](/packages/jonom-silverstripe-text-target-length)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)