Anti-Spam Options - reCAPTCHA v2 Human Verification

(Note: This mod was renamed. The original name was "New reCAPTCHA Human Verification")

What is it?
----------------------------
This mod adds reCAPTCHA v2 as an option in the Human Verification Manager.

Note: The original reCAPTCHA used default keys if you didn't enter your own, so you could leave the key fields blank. This version requires you to have your own keys for your domain. To create them, go to this page (click on the "Get reCAPTCHA" button). It may take a short time after creating the keys before they will work, so if you get "ERROR: Invalid domain for site key", wait a while and try again.

vb3 version is here: https://vborg.vbsupport.ru/showthread.php?t=315964

Installation:
----------------------------
1) Upload the file in the "upload" folder to your server.

2) Import the product XML file from the Product Manager.

3) If you don't already have keys, go to this page and create keys for your domain. (If you already have keys you can get them from that page as well).

4) Go to Settings > Human Verification Manager, select "New reCAPTCHA" for the Verification Library, and click Save.

5) Enter your keys on the options page, and select the light or dark widget as desired (apparently white and black are the only options at this time). You could select "Audio" to default to audio instead of image for the challenge, but the widget seems to have a bug in it at the moment so I recommend leaving it set to "image". Click Save when you're done selecting options.

6) You can check the configuration and do a test by clicking on "Click here to test connection" which appears under the description in the Human Verification Manager.

7) Do a test registration (or other action that requires hv) to test that your keys are entered correctly and everything is working.

8) If you are upgrading from version 0.9, you can remove the file includes/class_humanverify_newrecaptcha.php (the one without the third underscore) from your server.

History:
----------------------------
1.0 (Feb 22, 2015)

• Cached template (required renaming the uploaded file from
  class_humanverify_newrecaptcha.php to class_humanverify_new_recaptcha.php)
• Removed default keys (which didn't work anyway)
• Removed trademark symbols
• Changed execution order of plugins from 5 to 4, to make sure this product
  works with another HV add-on that has a bug.
• If "New reCAPTCHA" is selected when this mod is uninstalled, the hv library
  is switched to 'disabled'.
• Added a test option to print out more information about verification failures

0.9 (Dec 11, 2014)

• Initial Release

[Necrophyte]

kh99, I started trying to code this in myself and I found this and you made my life so much easier. However, now I have users complaining that after 2min its timing out. I've looked everywhere and I can't find a way to extend the timeout. It takes more than 2 min to fill the Application, and everyone seems to click the recatpcha right away. So after the 2 min, and they click submit. They have to refill the application again. Any thoughts on this?

Awesome job btw. Thank you for your time to code and post this.

[kh99]

I haven't seen any option to change the timeout. But I have seen mention on the recaptcha forum of people who wanted to detect the timeout and handle it on the page with javascript. I think there might be a javascript callback function that can be set up to be called if it times out. You can also check the g-recaptcha-repsonse value when the form is submitted to check if it's been filled out.

To do that stuff I think what you have to do is use the 'explicit rendering' option. This mod doesn't use that, but you might be able to use it with this mod just by editing the template. I was thinking of making it an option for the next version, but even if I do I don't know if I'll get around to doing anything like handling a timed out widget.

[Necrophyte]

Thank you for such a quick response. So far editing the template and moving the human verification part to the forum rules, editing the human verification template to just show the recaptcha box has been the best solution for me.

Again, Thank you for all you have done here. It is very much appreciated.

[swanbourne]

I'm struggling a bit with this. I installed the mod and got new keys and can now see the "I'm not a robot" box but no further verification tests. Looking at the Google site, it states

Site key
Paste this snippet before the closing </head> tag on your HTML template:
<script src='https://www.google.com/recaptcha/api.js'></script>
Paste this snippet at the end of the <form> where you want the reCAPTCHA widget to appear:
<div class="g-recaptcha" data-sitekey="xxxxxxxxxxxxxxxxxxxxxxxxxx"></div>

Is this necessary with this mod and if so, which files need editing?

Thanks.

[kh99]

There won't necessarily be any further tests. That's part of what the new version does. It only presents a test if it decides that you might not be a human. I've found that if I continue to test repeatedly it will eventually start doing another test.

For this mod you only need to enter the keys in the admincp. They are inserted into the html for you.

Have you tried the "Click here to test connection" link? If everything is green then that means you've got everything set up correctly.

[swanbourne]

Thanks for your reply. Yes, I get the green light on the "test connection" link and all seems to be in order but when I created a test account, it just asked me to confirm that I was human, which didn't seem much of a verification process.

Eddie

[x iJailBreak x]

Quote:

Originally Posted by kh99

I was able to replicate the issue, but I can't figure out what's going on. All the recaptcha stuff is where it should be and it's loading the javascript from google, and there aren't any js errors, but it's not showing up.

So are you saying that the original recaptcha worked with vbsocial, until you installed this mod? I uninstalled completely and the original recaptcha doesn't work, but I didn't try it before installing my mod. I don't see how it could affect anything after being uninstalled, but anything's possible.

ETA: anyway, this mod works just like the original recaptcha that comes with vbulletin, and I don't really have time to figure out why there's a conflict even with the original (as I suspect it doesn't work even for someone who has never installed my mod). But I *am* working on a new version of this mod to include a template for the mobile style and make a few other tweaks, and one thing I was thinking of including is an option to use the "alternate" way to render the recaptcha widget (see the google developer page if you're curious about it). So it's possible that will solve the issue.

The conflict is due to vBSocial 10 allowing people to reset their password via the header bar and it includes human verification - to fix, make an edit to the template vbsocial_notification_guest_account_tab. You'll want to replace everything in it with the following:

Code:

<li class="divider"></li>

<style type="text/css">
    #imageregt { max-width: 220px; }
    #carousel-guest-account .rightcol { margin-{vb:stylevar left}: 0px;
</style>

<li class="dropdown-grid">
    <a data-toggle="dropdown" href="javascript://" class="dropdown-toggle" rel="nofollow"><i class="fa fa-sign-in"></i>&nbsp;{vb:rawphrase log_in}<span class="caret"></span></a>

    <div class="dropdown-grid-wrapper">
        <ul class="dropdown-menu col-xs-12 col-sm-10 col-md-8 col-lg-7" role="menu" >
            <li>
                <div id="carousel-guest-account" class="carousel slide">
                    <div class="row">
                        <div class="col-lg-8 col-md-8 col-sm-8 border-right">
                            <div class="carousel-inner">
    
                                <!-- login form -->
                                <div class="item active">
                                    <h3 class="text-right"><i class="fa fa-sign-in"></i> {vb:rawphrase log_in}</h3><br>

                                    <form method="post" action="login.php?{vb:raw session.sessionurl}do=login" class="form-horizontal" role="form" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, {vb:raw show.nopasswordempty})">
                                        <div class="form-group">
                                            <label for="inputUsername" class="col-sm-3 control-label">{vb:rawphrase username}</label>

                                            <div class="col-sm-9"><input type="text" class="input-sm form-control" name="vb_login_username" id="inputUsername" placeholder="{vb:rawphrase username}" autocomplete="off" tabindex="1" accesskey="u"></div>
                                        </div>
                                        <div class="form-group">
                                            <label for="inputPassword3" class="col-sm-3 control-label">{vb:rawphrase password}</label>
                                            <div class="col-sm-9"><input type="password" class="input-sm form-control" name="vb_login_password" id="inputPassword3" placeholder="{vb:rawphrase password}" autocomplete="off" tabindex="2"></div>
                                        </div>
                                        <div class="form-group">
                                            <div class="col-sm-offset-3 col-sm-5">
                                                <div class="checkbox no-padding">
                                                   <label><input type="checkbox" name="cookieuser" value="1"  accesskey="c" tabindex="3" /> {vb:rawphrase remember_me}</label>
                                                </div>
                                            </div>
      
                                            <div class="col-sm-4">
                                                <button class="btn btn-default pull-right" tabindex="4" type="submit"><i class="fa fa-unlock-alt"></i> {vb:rawphrase log_in}</button>
                                            </div>               
                                        </div>
                                        
                                        <input type="hidden" name="do" value="login" />
                                        <input type="hidden" name="vb_login_md5password" />
		                        <input type="hidden" name="vb_login_md5password_utf" />

                                        <input type="hidden" name="s" value="{vb:raw session.sessionhash}" />
		                        <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}" />
                                    </form>

                                     <vb:if condition="$vboptions['enablefacebookconnect']">
					      <a id="fb_getconnected" href="#"><img src="{vb:stylevar imgdir_misc}/facebook_login_long.gif" alt="{vb:rawphrase facebook_connect}" /></a>
				    </vb:if>
                                </div>

                                <vb:if condition="$show['registerbutton']">
                                <div class="item"></div>
                                </vb:if>

                                <!-- Forgot your password -->
                                <vb:if condition="THIS_SCRIPT != 'register'">
                                    <div class="item">
                                        <h3 class="text-right"><i class="fa fa-warning"></i> {vb:rawphrase lost_password_recovery_form}</h3>
                                        <br>
                                        <p class="text-justify"><small><i>{vb:rawphrase forgotten_password_request_email}</small></i></p>

                                        <form id="lost_password" method="post" class="form" role="form" action="login.php?{vb:raw session.sessionurl}do=emailpassword">

                                            <div class="form-group">{vb:raw human_verify}</div>

                                            <div class="input-group">
                                                <input type="text" class="form-control" placeholder="{vb:rawphrase enter_your_email_address}" name="email" autocomplete="off">

                                                <span class="input-group-btn">
                                                <button class="btn btn-default" type="submit"><i class="fa fa-envelope"></i> {vb:rawphrase send_it_to_me}!</button>
                                                </span>
                                            </div>

                                            <input type="hidden" name="do" value="emailpassword" />
                                            <input type="hidden" name="s" value="{vb:raw session.sessionhash}" />
                                    <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}" />
                                        </form>

                                    </div>
                                </vb:if>
                            </div>
                        </div>

                        <div class="col-lg-4 col-md-4 col-sm-4">
                            <ol class="carousel-indicators navbar-carousel-indicators" style="">
                                <li data-target="#carousel-guest-account" data-slide-to="0" class="active"><a href="javascript://">{vb:rawphrase log_in}<span class="desc">{vb:rawphrase already_have_an_account_log_in}</span></a></li>

                                <vb:if condition="$show['registerbutton']">
                                <li><a href="register.php{vb:raw session.sessionurl_q}" rel="nofollow">{vb:rawphrase register}<span class="desc">{vb:rawphrase create_new_account}</span></a></li></vb:if>
                               
                                <vb:if condition="THIS_SCRIPT != 'register'">
                                <li data-target="#carousel-guest-account" data-slide-to="{vb:if $show['registerbutton'], 2, 1}" class=""><a href="login.php?{vb:raw session.sessionurl}do=lostpw" class="" rel="nofollow">{vb:rawphrase forgot_your_password}?<span class="desc">{vb:rawphrase dont_worry_it_happens}</span></a></li>
                                </vb:if>

                                <vb:if condition="$show['contactus']"><li><a href="sendmessage.php{vb:raw session.sessionurl_q}" rel="nofollow">{vb:rawphrase contact_us}<span class="desc">{vb:rawphrase send_email_to_forum_administrator}</span></a></li></vb:if>

                            </ol>

                        </div>

                    </div>
                </div>
            </li>
        </ul>
    </div>
</li>

<vb:if condition="$show['registerbutton']">
<li class="divider"></li>
<li>
     <a rel="nofollow" href="register.php{vb:raw session.sessionurl_q}"><i class="fa fa-user"></i> {vb:rawphrase register}</a>       
</li>
</vb:if>

All this will do is remove the lost password form in the header on register.php (but not anywhere else), which fixes human verification.

[KGodel]

Has anyone else had issues with this not working in IE? Is it a google thing or a bug with the plugin?

[cduguay]

I'm confused with step 2:

2) Import the product XML file from the Product Manager.

Do I install the file (product-kh99_new_recaptcha_v1_0) in the "Includes" directory as well?

Thanks, Carl

[kh99]

Quote:

Originally Posted by KGodel

Has anyone else had issues with this not working in IE? Is it a google thing or a bug with the plugin?

Sorry for the very late reply, but I have seen mention on the recaptcha google forum about problems with IE, but I haven't checked it out myself. I think the widget is still in development, so problems come and go and don't have anything to do with this mod directly.