Support

Admin Tools

#41498 captcha

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
5.2.3
PHP version
8.1
Admin Tools version
7.6.2

Latest post by nicholas on Thursday, 23 January 2025 08:42 CST

[email protected]

Hello,

I am receiving a lot of SPAM in my forms and Google reCaptcha is not included in Joomla 5. Honestly, I really miss the integration of reCaptcha. I tried downloading one from the JED, but I couldn’t get it to work.

Does AdminTools Professional have an equivalent tool, or is there any plan to develop one in the future? I have configured Project Honey Pot, but I haven’t been able to check its results yet.

It would be great to block spammers’ IPs as site attackers.

Thank you.

Best regards,
Jose L.

nicholas
Akeeba Staff
Manager

You're in luck, because I forked the core reCAPTCHA plugin and updated it for Joomla! 5. You can find it at https://github.com/nikosdion/plg_captcha_google. Please do read the Usage paragraph on that page and follow its instructions. The package download is at https://github.com/nikosdion/plg_captcha_google/releases/latest

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

[email protected]

Thank you very much for your quick response. Please forgive my ignorance, but I can't get it to work.

I uninstalled the previous plugin and installed the new one, activated it, and filled in both Google Keys.

In the global configuration, I selected the new plugin as the default Captcha.

In my form, which is a custom development following Joomla 5's folder structure and namespaces (thanks for your documentation), the reCaptcha symbol does not appear.

However, if I load this code in HtmlView:

 
$recaptchaOptions = [
    'sitekey' => 'mi_secret_code',
    'action' => 'submit'
];


$document->addScriptOptions('recaptcha', $recaptchaOptions)

 

$wa->registerAndUseScript(
    'google-recaptcha-v3',
    'https://www.google.com/recaptcha/api.js?render=mi_secret_code,
    [],
    ['defer' => true]
);

Then the Google reCaptcha symbol does load, although I'm not sure if it's actually doing anything. What am I doing wrong or not doing?

P.S. How about a new tab in AdminTools Professional, such as Project Honeypot, combining the best of AdminTools and reCaptcha to block malicious IPs?

nicholas
Akeeba Staff
Manager

The One True Joomla! Way™ to use CAPTCHA is thus. Note that I am assuming you are going to be using the globally selected CAPTCHA method, and that you are using PHP 8.1 or later (matching the minimum requirements for Joomla! 5).

// ### This method goes both in your View, and your Model.
public function getCAPTCHAObject(): ?\Joomla\CMS\Captcha\Captcha
{
// Get the default CAPTCHA plugin from the application's configuration.
$plugin = \Joomla\CMS\Factory::getApplication()->getParams()->get('captcha', '');

// Replace com_example with your own extension name
return empty($plugin)
? null
: \Joomla\CMS\Captcha\Captcha::getInstance($plugin, ['namespace' => 'com_example']);
}

// ### In your View
$this->captcha = $this->getCAPTCHAObject();

// ### In your view template ###
// Note that it creates a form field with the name "captcha".
<?php echo $this->captcha?->display('captcha') ?? ''; ?>

// ### In the form validation code of your Model ###
public function isCAPTCHAValid(): bool
{
 $input = \Joomla\CMS\Factory::getApplication()->input;
return $this->getCAPTCHAObject()?->checkAnswer($input->get('captcha', '', 'raw'))) ?? true
}

If you are following this standard Joomla! practice for using whichever CAPTCHA is configured in the system you will have no problem using the replacement plugin or any other CAPTCHA plugin, regardless of which CAPTCHA method it's using. For example, if you decide reCAPTCHA is not for you and would like to switch the hCAPTCHA, or CloudFlare Turnstile you can do so by installing the respective plugin and selecting it as your default CAPTCHA in Global Configuration. If you don't like my reCAPTCHA plugin, you can use another one just fine.

For an example of using that in the real world, please see https://github.com/akeeba/contactus. This is the contact form component we use on this site. Find \Akeeba\Component\ContactUs\Site\Model\ItemModel::getCaptchaObject and check its uses. You will very quickly see how CAPTCHA works inside a real extension. Also note that the code in the component I linked you is more verbose as it does a lot of error handling, and is targeting PHP 7.4 to 8.4 at the time of this writing.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

[email protected]

Thanks for the detailed response. I've been trying for several days but I'm not doing something right. My configuration is:

- Plugin CAPTCHA - Google Invisible reCAPTCHA: Active with Site and Secret keys.

- Global configuration > Default Captcha: CAPTCHA - Google Invisible reCAPTCHA

- In default.php: before </form>

<php echo $this->captcha?->display('captcha') ?? '';

- In Model after loadFormData():

public function isCAPTCHAValid(): bool
{
    $input = \Joomla\CMS\Factory::getApplication()->input;
    return $this->getCAPTCHAObject()?->checkAnswer($input->get('captcha', '', 'raw')) ?? true; // I think there is a parenthesis left over in your original code

}

And in Model and HtmlView the getCAPTCHAObject() function, a little modified to see parameter object:

public function getCAPTCHAObject(): ?\Joomla\CMS\Captcha\Captcha
{
    // Get the default CAPTCHA plugin from the application's configuration.
    $params = Factory::getApplication()->getParams();

    echo '<pre>Params: ', print_r($params), '</pre>';

    $plugin = Factory::getApplication()->getParams()->get('captcha', '');

    return empty($plugin)
        ? null
        : \Joomla\CMS\Captcha\Captcha::getInstance($plugin, ['namespace' => 'com_formularios']);
}

And I get this object where no captcha property is present:

Params: Joomla\Registry\Registry Object
(
    [data:protected] => stdClass Object
        (
            [save_history] => 0
            [history_limit] => 5
            [sef_ids] => 0
            [show_page_heading] => 0
            [menu-anchor_css] =>  bg-danger text-white fw-bold
            [menu_text] => 1
            [menu_show] => 1
            [page_title] => My title
            [helixultimate_enable_page_title] => 0
            [helixultimate_page_title_heading] => h2
            [page_description] => My page description
            [page_rights] => 
            [robots] => noindex, nofollow
        )

    [initialized:protected] => 1
    [separator:protected] => .
)

nicholas
Akeeba Staff
Manager

Please do take a look at https://github.com/akeeba/contactus  It's much easier for you to see it in action than me writing a tutorial as part of a support ticket answer.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!