Mirror of netsyms/captcheck@source.netsyms.com
Go to file
Skylar Ittner 528b4b5954 Wrap text in license file 2018-04-15 19:02:10 -06:00
db_upgrade Add (much) better text questions. 2017-06-13 02:15:41 -06:00
images Initial commit 2017-06-09 03:33:56 -06:00
nbproject Initial commit 2017-06-09 03:33:56 -06:00
.gitignore Initial commit 2017-06-09 03:33:56 -06:00
LICENSE Wrap text in license file 2018-04-15 19:02:10 -06:00
api.php Fix a thing 2017-06-13 02:21:16 -06:00
captcheck.css Override website theme link borders 2017-11-27 16:22:49 -07:00
captcheck.dist.js Add support for nonces (put data-stylenonce="NONCE" on the div) 2018-04-15 19:01:58 -06:00
captcheck.js Add support for nonces (put data-stylenonce="NONCE" on the div) 2018-04-15 19:01:58 -06:00
composer.json Initial commit 2017-06-09 03:33:56 -06:00
composer.lock Initial commit 2017-06-09 03:33:56 -06:00
database.mwb Add (much) better text questions. 2017-06-13 02:15:41 -06:00
database.sql Add (much) better text questions. 2017-06-13 02:15:41 -06:00
index.php Use event handlers instead of onClick and onEnter, for strict CSPs 2017-11-27 16:11:25 -07:00
logo.png Add logo 2017-06-12 00:19:50 -06:00
readme.md Update readme 2017-06-13 02:42:08 -06:00
required.php Update readme, add SQL code, remove unused function in required.php 2017-06-09 03:50:25 -06:00
scrapetexts.php Add (much) better text questions. 2017-06-13 02:15:41 -06:00
settings.template.php Automatically delete old sessions 2017-06-09 03:44:55 -06:00
test.html Add accessible format, add support for multiple CAPTCHAS on a page (use class instead of id for container) 2017-06-11 23:25:24 -06:00
test.php Make sure question text is black, improve test sample 2017-06-09 17:21:46 -06:00

readme.md

Captcheck

Easy, light, self-hostable CAPTCHA service. Works on modern browsers (and IE9+). Uses a selection of icons from Font-Awesome. Text-only accessibility mode and support for keyboard-only operation.

Thanks to textcaptcha.com for supplying the data for the text CAPTCHA.

How to use

In your form, put an empty div with the class "captcheck_container". Add captcheck.js (or captcheck.dist.js) into your page.

<!DOCTYPE html>
<html>
    <head>
        <title>Captcheck Sample Form</title>
        <meta charset="UTF-8">
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        <script src="captcheck.js"></script>
    </head>
    <body>
        <form action="submit.php">
            <input type="text" name="form_field" placeholder="Some random form field" />
            <div class="captcheck_container">
            </div>
            <button type="submit">Submit Form</button>
        </form>
    </body>
</html>

When the form is submitted, your server will receive two extra form fields: captcheck_session_code and captcheck_selected_answer. In your form handling code, send a request to http(s)://captcheck-url/api.php. Pass the variables session_id and answer_id with the values sent with the form, and also pass the variable action with the value verify.
You will receive a JSON response with (among other things) "result": true or "result": false. If result is false, the user failed the test, and another variable msg is available with an explanation.

Example URL:
http(s)://captcheck-url/api.php?action=verify&session_id=<captcheck_session_code>&answer_id=<captcheck_selected_answer>

Example responses:
{"session":"some_session_id","result":true}
{"session":"some_session_id","result":false,"msg":"Answer incorrect."}

Installation

  1. Run composer install.
  2. Copy settings.template.php to settings.php and plug in your settings.
  3. Install the database.
  4. Customize captcheck.js with the correct api_url.
  5. Follow the How to Use section and the example setup in test.html and test.php.

Execution Flow

JS = captcheck.js, API = api.php, FORM = parent form, 
SITE = form processing code, -> = some action taken on the right by the left

JS -> API:      Request session ID, question, and answers (with scrambled random codes)
API -> JS:      Sends info, saves session ID, correct answer, and scrambled answer codes in DB
JS -> API:      Requests answer images by sending scrambled value and session ID
JS -> FORM:     Adds hidden field with value=session ID, displays question and images (or text box)
[USER SUBMITS FORM]
SITE -> API:    Sends session ID and answer
API -> SITE:    Responds with true/false to indicate if the answer is valid, marks session as expired to prevent CAPTCHA reuse