Plugins - ReCAPTCHA
Add to favoritesReCAPTCHA
| Author: | Jason L Perry (http://ambethia.com) |
| Copyright: | Copyright © 2007 Jason L Perry |
| License: | MIT |
This plugin adds helpers for the ReCAPTCHA API (http://recaptcha.net/). In your views you can use the recaptcha_tags method to embed the needed javascript, and you can validate in your controllers with verify_recaptcha.
You’ll want to add your public and private API keys in the environment variables RECAPTCHA_PUBLIC_KEY and RECAPTCHA_PRIVATE_KEY, respectively. You could also specify them in config/environment.rb if you are so inclined. Exceptions will be raised if you call these methods and the keys can’t be found.
recaptcha_tags
Some of the options available:
| :ssl: | Uses secure http for captcha widget (default false) |
| :noscript: | Include content (default true) |
| :display: | Takes a hash containing the theme and tabindex options per the API. (default nil) |
| :public_key: | Your public API key, takes precedence over the ENV variable (default nil). |
| :error: | Override the error in +session[:recaptcha_error]+ (default nil). |
verify_recaptcha
This method returns true or false after processing the parameters from the ReCAPTCHA widget. Why isn’t this a model validation? Because that violates MVC. Use can use it like this, or how ever you like. Passing in the ActiveRecord object is optional, if you do—and the captcha fails to verify—an error will be added to the object for you to use.
respond_to do |format|
if verify_recaptcha(@post) && @post.save
# ...
else
# ...
end
end
TODO
- Add some helpers to use in before_filter and what not
- Better documentation
Nice work. But it looks like the :display hash is being unnecessarily html escaped on output, btw, which makes the JS var invalid... just fyi
g : drop a few lines of javascript just ABOVE the captcha call in the 'new' view.
RecaptchaOptions = { theme : 'custom' };
http://pastie.org/263015
FYI: Just installed using SVN repository and got this at the end:
"This plugin has moved to http://github.com/ambethia/recaptcha"
Sergey,
Do it this way:
if [@user.valid?, verify_recaptcha(@user)].all? @user.save
That will solve your issue.
would love to see an example tag that changes the theme. i have tried everything under the sun but nothing i have tried works.
sergey, Peter:
@post.save && verify_recaptcha(@post)
is not a good idea. If the @post is valid, then the @post database record is successfully saved without consulting the captcha. May I suggest this instead:
[@post.valid?, verify_recaptcha(@post)].all? && @post.save
This also has the benefit of showing both the @post validation errors and the added captcha error.
Some feedback on the plugin:
I would like an option to specify your own validation error message for a captcha mismatch. Or, really, it could just be changed from "Captcha response is incorrect, please try again." to "Captcha response is incorrect" and I'd be happy with the default. The "please try again" and the period are unconventional.
I don't like how captcha errors are stored in session. If you get a captcha wrong when making a post, then give up, then revisit the site and open the "new post" page again, you'll see "Incorrect. Try again." before trying anything.
sergey- Good point. I'd recommend doing @post.save && verify_recaptcha(@post). Switch the order. That way, if the model doesn't validate, it takes precedence, and a new captcha is generated anyway (AFAIK).
Doesn't work when the <script src='..recaptcha.org...'> tag is placed into the DOM using using ExtJS UpdateManager even with loadScripts=true. Error in Firebug: Recaptcha State not defined. recaptcha.js:483.
save in this way verify_recaptcha(@post) && @post.save
will behave strange, user can make errors in model, but will see only catcha error. He he will forced to enter corrent captha, only to see errors in model