Download the PHP package biscolab/laravel-recaptcha without Composer

On this page you can find all versions of the php package biscolab/laravel-recaptcha. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of biscolab/laravel-recaptcha

Informations about the package laravel-recaptcha

Laravel ReCAPTCHA is a very simply-to-use Laravel 5 package to embed Google reCAPTCHA in your application.

Build Status Scrutinizer Code Quality Code Coverage Packagist version Downloads MIT License

What is reCAPTCHA?

Google developers says: "reCAPTCHA protects you against spam and other types of automated abuse. Here, we explain how to add reCAPTCHA to your site or application."

You can find further info at Google reCAPTCHA Developer's Guide

reCAPTCHA available versions

At this moment there are 3 versions available (for web applications):

Get your key first!

First of all you have to create your own API keys here

Follow the instructions and at the end of the process you will find Site key and Secret key. Keep them close..you will need soon!

System requirements

Package version reCaptcha version PHP version Laravel version
6.1 v3, v2 Invisible, v2 Checkbox 7.3 or greater 7, 8, 9, 10, 11
6.0 v3, v2 Invisible, v2 Checkbox 7.3 or greater 7, 8, 9, 10
5.x v3, v2 Invisible, v2 Checkbox 7.3 or greater 7, 8, 9
4.2.x to 4.4.x v3, v2 Invisible, v2 Checkbox 7.1 or greater 5.5 or greater, 6, 7, 8
4.1.x v3, v2 Invisible, v2 Checkbox 7.1 or greater 5.5 or greater, 6, 7
4.0.x v3, v2 Invisible, v2 Checkbox 7.1 or greater 5.5 or greater, 6
3.x v3, v2 Invisible, v2 Checkbox 7.1 or greater 5.5 or greater, 6 (*)
2.x v2 Invisible, v2 Checkbox 5.5.9, 7.0 or greater 5.0 or greater

(*) Version 3.6.1 is Laravel 6 ready

Composer

You can install the package via composer:

Laravel 5.5 (or greater) uses package auto-discovery, so doesn't require you to manually add the Service Provider, but if you don't use auto-discovery ReCaptchaServiceProvider must be registered in config/app.php:

You can use the facade for shorter code. Add ReCaptcha to your aliases:

Publish package

Create config/recaptcha.php configuration file using the following artisan command:

Set the environment

Add your API Keys

Open .env file and set RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY:

RECAPTCHA_SKIP_IP (since v5.2.0, not required, CSV format ) allows you to add a list of IP/CIDR (netmask included). It will be the value of skip_ip

The following environment variables have been removed!!! Now only sensitive informations as API keys are allowed as environment variables, that means you have to set configuration values in config/recaptcha.php

Complete configuration

Open config/recaptcha.php configuration file and set version:

Key Type Description Default
api_site_key and api_secret_key string reCAPTCHA keys you have to create in order to perform Google API authentication. For more information about Site Key and Secret Key please visit Google reCAPTCHA developer documentation ''
version string indicates the reCAPTCHA version (supported: v3|v2|invisible). Get more info about reCAPTCHA version at https://developers.google.com/recaptcha/docs/versions 'v2'
curl_timeout int the maximum number of seconds to allow cURL functions to execute 10
skip_ip array | string a whitelist of IP addresses (array or CSV) that, if recognized, disable the reCAPTCHA validation (return always true) and if you embed JS code in blade (view) file NO validation call will be performed []
default_validation_route string the route called via javascript built-in validation script (v3 only) 'biscolab-recaptcha/validate'
default_token_parameter_name string the name of "token" GET parameter sent to default_validation_route to be validated (v3 only) 'token'
default_language string the default language code. It has no effect with v3. See https://developers.google.com/recaptcha/docs/language for further information null
default_form_id string the default form ID. Only for "invisible" reCAPTCHA 'biscolab-recaptcha-invisible-form'
explicit bool deferring the render can be achieved by specifying your onload callback function and adding parameters to the JavaScript resource. It has no effect with v3 and invisible (supported values: true|false) false
api_domain string customize API domain. Default value is 'www.google.com', but, if not accessible you ca set that value to 'www.recaptcha.net'. More info about Can I use reCAPTCHA globally? 'www.google.com'
empty_message bool set default error message to null false
error_message_key string set default error message translation key 'validation.recaptcha'

(array) tag_attributes

Key Type Description Default
tag_attributes.theme string the color theme of the widget. (supported values: "light"|"dark") 'light'
tag_attributes.size string the size of the widget. (supported values: "normal"|"compact") 'normal'
tag_attributes.tabindex int the tabindex of the widget and challenge 0
tag_attributes.callback string the name of your callback function, executed when the user submits a successful response. The g-recaptcha-response token is passed to your callback null
tag_attributes.expired-callback string the name of your callback function, executed when the reCAPTCHA response expires and the user needs to re-verify null
tag_attributes.error-callback string the name of your callback function, executed when reCAPTCHA encounters an error (usually network connectivity) and cannot continue until connectivity is restored. If you specify a function here, you are responsible for informing the user that they should retry null

DO NOT SET tag_attributes.callback, tag_attributes.expired-callback, tag_attributes.error-callback to biscolabOnloadCallback. biscolabOnloadCallback is the default JavaScript callback function called when explicit is set to true and widget onload event is fired.

Here you can find further details about tag_attributes.* https://developers.google.com/recaptcha/docs/display#render_param

Reload config cache file

!!! IMPORTANT !!! Every time you change some configuration run the following shell command:

Have you updated?

If you are migrating from an older version check your config/recaptcha.php configuration file and compare it with https://github.com/biscolab/laravel-recaptcha/blob/master/config/recaptcha.php.

Make sure config/recaptcha.php is updated

Customize error message

Just for v2 and invisible users.

Before starting please add the validation message to resources/lang/[LANG]/validation.php file

Embed in Blade

Insert htmlScriptTagJsApi() helper before closing </head> tag.

You can also use ReCaptcha::htmlScriptTagJsApi().

htmlScriptTagJsApi

htmlScriptTagJsApi function accepts $configuration argument. $configuration has different keys depending on which ReCAPTCHA you are using:

ReCAPTCHA v2 Checkbox

htmlScriptTagJsApi(\$configuration)

$configuration argument can have following keys:

Form set-up

After you have to insert htmlFormSnippet() helper inside the form where you want to use the field g-recaptcha-response.

You can also use ReCaptcha::htmlFormSnippet() .

DO NOT forget @csrf blade directive

htmlFormSnippet([, array \$attributes = [] ])

htmlFormSnippet() function does not require attributes but you can override default config data- attributes:

htmlFormSnippet methos allows are only folowing attribute names:

Any different attribute name will be rejected

Customization

In config/recaptcha.php you can customize reCAPTCHA widget setting tag_attributes array values. Take a look to tag_attributes section in Complete configuration

ReCAPTCHA v2 Invisible

htmlScriptTagJsApi(\$configuration)

$configuration argument can have following keys:

Form set-up

After you have to insert htmlFormButton($button_label, $properties) helper inside the form where you want to use reCAPTCHA.

This function creates submit button therefore you don't have to insert <input type="submit"> or similar.

You can also use ReCaptcha::htmlFormButton($button_label, $properties) .

$button_label is what you want to write on the submit button

DO NOT forget @csrf blade directive

getFormId()

getFormId function returns the default form ID value. This is the value of either default_form_id in config/recaptcha.php or $configuration['form_id'] previously set as arguments of htmlScriptTagJsApi helper.

$configuration['form_id'] overrides default settings.

htmlFormButton()

htmlFormButton function accepts 2 arguments:

If data-sitekey and data-callback properties are set, they will be overwritten

If class property is set the value g-recaptcha will be appended

Verify submitted data

Add recaptcha to your rules

Embed in Blade

Insert htmlScriptTagJsApi($config) helper before closing </head> tag.

$config is required and is an associative array containing configuration parameters required for the JavaScript validation handling.

The keys are:

Key Required Description Default value
action no is the action parameter required by reCAPTCHA v3 API (further info) homepage
custom_validation no is the name of your custom callback javascript function who will override the built-in javascript validation system of this package empty string
callback_then no (overlooked if custom_validationis set) is the name of your custom callback javascript function called by the built-in javascript validation system of this package in case of response success empty string
callback_catch no (overlooked if custom_validationis set) is the name of your custom callback javascript function called by the built-in javascript validation system in this package in case of response fault empty string

Built-in javascript validation system

As callback of grecaptcha.execute an ajax call to config('recaptcha.default_validation_route') will be performed using fetch function. In case of successful response a Promise object will be received and passed as parameter to the callback_then function you have set. In not set, no actions will be performed.

Same will happen with callback_catch. callback_catch will be called in event of response errors and errors will pass as parameter et that function. If not set, no actions will be performed.

Please, go to Using Fetch for further information on fetch javascript function.

Warning!!! Check browser compatibility fetch function has compatibility issues with some browser like IE. Please create a custom validation function and set custom_validation with its name. That function has to accept as argument the tokenreceived from Google reCAPTCHA API.

Fetch browser compatibility

Validation Laravel route

Default validation route is config('recaptcha.default_validation_route', 'biscolab-recaptcha/validate').
Route and relative Controller are built-in in the package. The route if filtered and protected by Laravel web Middleware, that's why is important you embed csrf-token HTML meta tag and send X-Requested-Wit and X-CSRF-TOKEN headers.

You can also change the validation end-point changing default_validation_route value in recaptcha.php config file.

Validation response object

The output will be a JSON containing following data:

If you embed code in your blade file using htmlScriptTagJsApiV3 helper no validation call will be performed!

More info at Configuration page

  • Output with an empty response from Google reCAPTCHA API

In the next paragraph you can learn how handle Validation promise object

"callback_then" and "callback_catch"

After built-in validation you should do something. How? Using callback_then and callback_catch functions.

What you have to do is just create functions and set parameters with their names.

The result should be something like that:

"custom_validation" function

As just said you can handle validation with your own function. To do that you have to write your function and set custom_validation parameter with its name.

The result should be something like that:

All versions of laravel-recaptcha with dependencies

PHP Build Version
Package Version
Requires php Version ^7.3|^8.0
illuminate/routing Version ^7.0|^8.0|^9.0|^10.0|^11.0
illuminate/support Version ^7.0|^8.0|^9.0|^10.0|^11.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package biscolab/laravel-recaptcha contains the following files

Loading the files please wait ....