开发者 |
hcaptcha
kaggdesign |
---|---|
更新时间 | 2024年11月16日 05:13 |
PHP版本: | 7.2 及以上 |
WordPress版本: | 6.7 |
版权: | GPLv2 or later |
版权网址: | 版权信息 |
The hCaptcha plugin supports WordPress core and many plugins with forms automatically. You should select the supported forms on the hCaptcha Integrations settings page.
For non-standard cases, you can use the [hcaptcha]
shortcode provided by the plugin.
For example, we support Contact Forms 7 automatically. However, sometimes a theme can modify the form. In this case, you can manually add the [cf7-hcaptcha]
shortcode to the CF7 form.
To make hCaptcha work, the shortcode must be inside the
... tag.
Open a PR on GitHub: or just email the authors of plugin X. Adding hCaptcha support is typically quite a quick task for most plugins.
Full list of arguments:
[hcaptcha action="my_hcap_action" name="my_hcap_name" auto="true|false" force="true|false" size="normal|compact|invisible"]
The shortcode adds not only the hCaptcha div to the form, but also a nonce field. You can set your own nonce action and name. For this, use arguments in the shortcode:
[hcaptcha action="my_hcap_action" name="my_hcap_name"]
and in the verification:
$result = hcaptcha_request_verify( 'my_hcap_action', 'my_hcap_name' );
For the explanation of the auto="true|false" argument, see the section "How to automatically verify an arbitrary form". By default, auto="false"
.
The argument force="true|false" allows forcing verification of hCaptcha widget before submitting the form. By default, force="false"
.
The argument size="normal|compact|invisible" allows setting the size of hCaptcha widget. By default, size="normal"
.
First, add the hCaptcha snippet to the form.
If you create the form as an HTML block in the post content, insert the shortcode [hcaptcha]
inside it. It may look like this:
`
[hcaptcha]
`
If you create the form programmatically, insert the following statement inside it:
`
?>
<?php
`
Secondly, verify the result of hCaptcha challenge.
`
$result = hcaptcha_verify_post();
if ( null !== $result ) {
echo esc_html( $result );
// Block processing of the form.
}
`
Arbitrary user forms can be verified easily. Just add auto="true"
or auto="1"
to the shortcode:
[hcaptcha auto="true"]
and insert this shortcode into your form.
Auto-verification works with forms sent by POST on frontend only. It works with forms in the post content and in widgets.
You can add also force="true"
or force="1"
argument to prevent sending a form without checking the hCaptcha.
[hcaptcha auto="true" force="true"]
hCaptcha starts early, so you cannot use standard WP functions to determine the page. For instance, to block it on my-account
page, add the following code to your plugin's (or mu-plugin's) main file. This code won't work being added to a theme's functions.php file.
`
/**
The plugin has a filter to skip adding and verifying hCaptcha on a specific form. The filter receives three parameters: current protection status ('true' by default), source and form_id.
The source is the plugin's slug (like 'directory/main-plugin-file.php'), the theme name (like 'Avada') or the WordPress core (like 'WordPress').
The form_id is the form_id for plugins like Gravity Forms or WPForms, the post id for comments or a general name of the form when the form does not have an id (like WordPress core login form).
Filter arguments for some plugins/forms are listed below.
Affiliates
$source: 'affiliates/affiliates.php'
$form_id: 'login' or 'register'
Back In Stock Notifier
$source: 'back-in-stock-notifier-for-woocommerce/cwginstocknotifier.php'
$form_id: product_id
BBPress
$source: 'bbpress/bbpress.php'
$form_id: 'new_topic', 'reply', 'login', 'register' or 'lost_password'
Beaver Builder
$source: 'bb-plugin/fl-builder.php'
$form_id: 'contact' or 'login'
Brizy
$source: 'brizy/brizy.php'
$form_id: 'form'
BuddyPress
$source: 'buddypress/bp-loader.php'
$form_id: 'create_group' or 'register'
Classified Listing
$source: 'classified-listing/classified-listing.php'
$form_id: 'contact', 'login', 'lost_password' or 'register'
Divi
$source: 'Divi'
$form_id: post_id for comment form, 'contact', 'email_optin', or 'login'
Download Manager
$source: 'download-manager/download-manager.php'
$form_id: post_id of download item in the admin
Easy Digital Downloads
$source: 'easy-digital-downloads/easy-digital-downloads.php'
$form_id: 'checkout', 'login', 'lost_password' or 'register'
Elementor Pro
$source: 'elementor-pro/elementor-pro.php'
$form_id: Form ID set for the form Content->Additional Options or 'login'
Jetpack
$source: 'jetpack/jetpack.php'
$form_id: 'contact_$form_hash'
Kadence Form
$source: 'kadence-blocks/kadence-blocks.php'
$form_id: post_id
Kadence Advanced Form
$source: 'kadence-blocks/kadence-blocks.php'
$form_id: form_id
LearnDash
$source: 'sfwd-lms/sfwd_lms.php'
$form_id: 'login', 'lost_password' or 'register'
Login/Signup Popup
$source: 'easy-login-woocommerce/xoo-el-main.php'
$form_id: 'login', or 'register'
MemberPress
$source: 'memberpress/memberpress.php'
$form_id: 'login' or 'register'
Paid Memberships Pro
$source: 'paid-memberships-pro/paid-memberships-pro.php'
$form_id: 'checkout' or 'login'
Passster
$source: 'content-protector/content-protector.php'
$form_id: area_id
Profile Builder
$source: 'profile-builder/index.php'
$form_id: 'login', 'lost_password' or 'register'
Simple Membership
$source: 'simple-membership/simple-wp-membership.php'
$form_id: 'login', 'lost_password' or 'register'
Subscriber
$source: 'subscriber/subscriber.php'
$form_id: 'form'
Support Candy
$source: 'supportcandy/supportcandy.php'
$form_id: 'form'
Theme My Login
$source: 'theme-my-login/theme-my-login.php'
$form_id: 'login', 'lost_password' or 'register'
Ultimate Member
$source: 'ultimate-member/ultimate-member.php'
$form_id: form_id or 'password'
UsersWP
$source: 'userswp/userswp.php'
$form_id: 'forgot', 'login' or 'register'
WooCommerce Wishlist
$source: 'woocommerce-wishlists/woocommerce-wishlists.php'
$form_id: 'form'
wpDiscuz
$source: 'wpdiscuz/class.WpdiscuzCore.php'
$form_id: post_id
WPForms
$source: 'wpforms-lite/wpforms.php' or 'wpforms/wpforms.php'
$form_id: form_id
wpForo
$source: 'wpforo/wpforo.php'
$form_id: 'new_topic' for new topic form and topicid for reply form. Topicid can be found in HTML code searching for 'data-topicid' in Elements.
Wordfence Login Security
$source: 'wordfence-login-security/wordfence-login-security.php'
$form_id: 'login'
Wordfence Security
$source: 'wordfence/wordfence.php'
$form_id: 'login'
WordPress Core
$source: 'WordPress'
$form_id: post_id for comment form, 'login', 'lost_password', 'password_protected', or 'register'
WooCommerce
$source: 'woocommerce/woocommerce.php'
$form_id: 'checkout', 'login', 'lost_password', 'order_tracking', or 'register'
Below is an example of how to skip the hCaptcha widget on a Gravity Form with id = 1.
`
/**
The plugin loads the hCaptcha script with a delay until user interaction: mouseenter, click, scroll or touch. This significantly improves Google Pagespeed Insights score. To load the hCaptcha widget instantly, you can use the following filter: ` /**
hCaptcha defaults to using the user's language as reported by the browser. However, on multilingual sites you can override this to set the hCaptcha language to match the current page language. For this, you can use the following filter: ` /**
You can use the following filter. It should be added to your plugin's (or mu-plugin's) main file. This filter won't work being added to a theme's functions.php file. ` /**
Starting from 4.1.0, the admin menu was moved to the top level with subpages. You can customize this by returning it to the previous location in the admin Settings section, or tweak its appearance. To do this, use the following filter to your plugin's (or mu-plugin's) main file. This code won't work being added to a theme's functions.php file. ` /**
$args
array has the following fields:
mode
: 'pages' or 'tabs' (default 'pages') — the appearance of the admin menu;
parent
: a string — the parent menu item. Default '' for 'pages' mode and 'options-general.php' for 'tabs' mode;
position
: a number — the position of the menu item. Default 58.990225 for 'pages' mode. It Has no effect on 'tabs' mode;
Please see our website.
hcap_form_args
to allow modifying form arguments.hcap_add_csp_headers
to allow adding Content Security Policy headers.hcap_api_host
, allowing to filter the API host.hcap_api_src
, allowing to filter the API source url with params.hcaptcha_login_data
option size small.hcap_login_limit_exceeded
, allowing to filter the login limit exceeded status.'on'
and WC Login form option was 'off'
.