Algorithm
- Plugin generates token on the backend side.
- Plugin adds hidden field for token in each form which will use method "POST" after rendering of the page.
- Plugin inserts token in the field after user's interaction with site.
For developers
Antispam will automatically check submissions of the regular forms but ignores all AJAX requests.
If you want to change this behaviour, you can use filter
concise_antispam_need_to_validate_token
.
See example:
Disable Antispam for some forms:
`
add_filter("concise_antispam_need_to_validate_token", function($needToValidateToken) {
if (!empty($_POST['do-not-check-antispam-token'])) {
$needToValidateToken = false;
}
return $needToValidateToken;
});
You can also always manually call
\Concise\Antispam::validateTokenOrDie()` in your custom handler.