For an overview of why you might want to use reCAPTCHA or other CAPTCHA products, please view the How-To guide on stopping bots.
These instructions are for version 2 of reCAPTCHA including Invisible reCAPTCHA. You can also read the deprecated instructions for reCAPTCHA version 1. Note that reCAPTCHA version 1 has been switched off by Google and no is no longer operational.
The quickest and easiest way?
The instructions below are detailed, but the process is simple.
However, if you really want a quick and easy way to get a form with Invisible reCAPTCHA working, use our Hosted Forms. No code is required to get it working - just copy-and-paste your reCAPTCHA keys, design a form, enable reCAPTCHA on your form, and download!
BTW, it's free (paid upgrades are available too, but a form with Invisible reCAPTCHA is free)!
Built-In Support for reCAPTCHA
Using reCAPTCHAOpens in a new window with Tectite FormMail is easier than using it with other form processors. This is because Tectite FormMail has built-in support for reCAPTCHA.
However, you still need to perform some steps to install reCAPTCHA and configure your HTML forms to use it.
The reCAPTCHA website provides instructions for setting it up with any PHP form processor.
For Tectite FormMail, you must skip the instructions for modifications/additions to the form processor. The instructions to skip are also called "Server Side Validation". You skip these instructions because FormMail does it for you.
Please follow the instructions below for installing reCAPTCHA with Tectite FormMail.
Note that unlike other CAPTCHA systems, reCAPTCHA does not use PHP sessions. This can make it easy to get working if your server is poorly configured and you have problems with PHP sessions.
Please note the following server requirements for using reCAPTCHA:
- PHP version 5.2.0 or later
- Tectite FormMail version 9.14 or later
- Tectite formval-v12.js (version 12) or later (if you're using Ajax forms).
Note: FormMail can use CAPTCHA to prevent incorrect or spam form submissions, as well as use it for auto responding. If you want to do both, make sure you read the section in the Autoresponding How-To guide.
Getting Started - First Step
Before you attempt to implement reCAPTCHAOpens in a new window or any other spam protection, you must first get your HTML form working without these features.
This means you won't be confused by other unrelated errors or problems when you try to add in reCAPTCHA.
In particular, it's important that FormMail can alert you about errors. So, make sure you have set DEF_ALERT inside FormMail's configuration section and run the testalert test.
Please read the page on adding the reCAPTCHA widget to your HTML form.
Modify the configuration section of your copy of FormMail to include the secret key you received from the reCAPTCHA admin areaOpens in a new window.
You need to set the RECAPTCHA_PRIVATE_KEY setting in FormMail. For example:
$RECAPTCHA_PRIVATE_KEY = "6LgQQgATAAAAALWHy4k0uPSmnr7chET_T74cvzqZ";
Use the REQUIRE_CAPTCHA feature to enforce reCAPTCHA validation:
$REQUIRE_CAPTCHA = "Confirm you are not a robot.";
From around August 2016, reCAPTCHA started using larger responses. If your MAXSTRING setting is the default of 1024, you'll need to increase this to allow the reCAPTCHA response to be passed correctly. You don't need to do this if you're using FormMail version 9.15 or later.
$MAXSTRING = 4096;
You must derive a field called "imgverify" from the reCaptcha field "g-recaptcha-response" so that FormMail receives the user's CAPTCHA input. Here's an example of this:
<input type="hidden" name="derive_fields" value="imgverify=g-recaptcha-response" />
The Final Step
For normal reCAPTCHA, test your form now with the following separate tests (reload the form each time):
- click to confirm you are not a robot, and solve any problem shown by reCAPTCHA
- do not click the confirmation
For Invisble reCAPTCHA, check out our page on how to test Invisible reCAPTCHA.
Using reCAPTCHA to Allow Auto Responding
FormMail's auto responding feature requires CAPTCHA to protect your server from becoming a spam gateway.
To use reCAPTCHA for this purpose, simple derive the field called "arverify" from "recaptcha_response_field" instead of "imgverify". (In the instructions above, replace "imgverify" with "arverify".
To enforce CAPTCHA for form submission and also enable auto responding, you simply do two derivations:
<input type="hidden" name="derive_fields" value="imgverify=g-recaptcha-response, arverify=g-recaptcha-response" />
<input type="hidden" name="derive_fields" value="imgverify=g-recaptcha-response, arverify=imgverify" />