Downloads
Stars
Version
Fully hidden spam protection solution for Laravel without reCaptcha. Based on several strategies to block the vast majority of spam bots without interfering with the user experience.
HiddenCaptcha will use three checking rules to block spam robots :
The token is retrieved via an ajax call signed with sha256.
composer require sebastienheyd/hidden-captcha
Publish public assets :
php artisan vendor:publish --tag=laravel-assets
Extra steps for Laravel < 5.5 :
SebastienHeyd\HiddenCaptcha\HiddenCaptchaServiceProvider::class,
at the end of the provider
array in
config/app.php
"HiddenCaptcha" => SebastienHeyd\HiddenCaptcha\Facades\HiddenCaptcha::class,
at the end of the aliases
array
in config/app.php
In your forms, in the blade view :
@hiddencaptcha
To check your form, add the following validation rule:
'captcha' => 'hiddencaptcha'
By default, the time limits for submitting a form are 0 second minimum to 1200 seconds maximum (10 minutes). Beyond that, hiddencaptcha will not validate the form.
These limits can be changed by declaring them in the validation rule, for example:
$rules = ['captcha' => 'hiddencaptcha:5,2400'];
You can also publish the configuration file to edit the default time limits :
php artisan vendor:publish --tag=captcha-config
Hidden-captcha comes with a JS who must be publish. Since you typically will need to overwrite the assets
every time the package is updated, you may use the --force
flag :
php artisan vendor:publish --tag=laravel-assets --force
To auto update assets each time package is updated, you can add this command to post-update-cmd
into the
file composer.json
at the root of your project.
{
"scripts": {
"post-update-cmd": [
"@php artisan vendor:publish --tag=laravel-assets --force --ansi"
]
}
}