PHP Classes

PHP Form SPAM Protection without CAPTCHA: Validate human users who submit form fields

Recommend this page to a friend!
     
  Info   View files Documentation   View files View files (53)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2024-03-08 (7 days ago) RSS 2.0 feedNot enough user ratingsTotal: 52 This week: 52All time: 10,588 This week: 1Up
Version License PHP version Categories
no-captcha-php 1.0BSD License5HTML, PHP 5, Validation, Security
Description 

Author

Gabriel Alejandro López López

This package can validate human users who submit form fields.

It can generate HTML and JavaScript to be used in forms to detect when a natural person submitted the form.

The package provides several classes that implement various rules that applications can use to verify human users who submit forms.

Currently, it provides rule classes that can:

- Use cookies to detect users

- Use a hidden checkbox that robots may check

- Use hidden fields that store encrypted keys valid for a limited period

- Use JavaScript to fill a hidden input value

- Use JavaScript to insert a hidden form input dynamically

- Use the PHP session variable to store the time a form is generated, and only accept submissions if they happen within a limited period.

Picture of Gabriel Alejandro López López
  Performance   Level  

Level 1 Star

 

Documentation

No Captcha Form Spam Filter

No Captcha Form Spam Filter is a PHP utility library for dealing with spam bots using unobtrusive and user friendly techniques.

Applying this techniques will help to reduce the span in your sites in more than 90% and users will not be annoyed with intrusive Captchas or extra fields.

Installation

You can download it and place it on your third party libraries folder but we highly recommend that you install it through composer.

Either run

$ composer require daxslab/no-captcha

or add

"daxslab/no-captcha": "~1.0"

to the require section of your composer.json file.

The NoCaptchaAntiSpam Class

The NoCaptchaAntiSpam Class can be used to declare Protection Rules, Include security code in forms and check if the form submission does not trigger any rule validation.

For creating an instance of the NoCaptchaAntiSpam Class, the create() static function can be used: 



use daxslab\nocaptcha\NoCaptchaAntiSpam;
use daxslab\nocaptcha\rules\CssHiddenFieldRule;

// Declare no captcha anti spam object with CSS based hidden field check
$noCaptchaAntiSpam = NoCaptchaAntiSpam::create([
        'rules' => [
            CssHiddenFieldRule::create([
                // form input field name
                'name' => 'css_hidden_field',
            ])
        ],
]);

Including form elements

Using the NoCaptchaAntiSpam created instance you can include the needed elements inside a form with the renderRules() function:

<form id="contactForm" method="post">
    <div class="form-group">
        <label for="contactName">Name</label>
        <input class="form-control" name="contact_name" id="contactName" placeholder="Enter name">
    </div>
    
    <!--  Include rules form elements  -->
    <?= $noCaptchaAntiSpam->renderRules() ?>
    
    <button type="submit" name="submit_button" class="btn btn-primary">Submit</button>
</form>

Verifying form submission

Using the checkSubmit() function from the NoCaptchaAntiSpam created instance you can check if any of the declared Rules triggers when the form is submitted: 

if ($_POST){
    if ($noCaptchaAntiSpam->checkSubmit()){
        echo 'Form submitted correctly';
    } else {
        echo 'Bot detected';
    }
}

Rules

Rule classes implements different security checks including:

  • `CssHiddenFieldRule`: A honeypot field hidden using CSS
  • `JavascriptGeneratedHiddenFieldRule`: A honeypot field generated using JavaScript
  • `JavascriptFilledInputRule`: A JavaScript filled hidden input
  • `SessionTimeTrapRule`: A time trap using session stored variables
  • `FormTimeTrapRule`: A time trap using a form field
  • `CookieCheckRule`: A cookie verification

A NoCaptchaAntiSpam instance can contain one or multiple rules.

Random field names

Random field names can be applied for an extra security layer, they are stored in PHP sessions and rules field names will change making difficult to bots identify them. Random field names can be applied to single rules or multiple rules.

Documentation

For extended documentation and examples you can put the doc folder behind a PHP capable web server.


  Files folder image Files  
File Role Description
Files folder imagedoc (10 files, 2 directories)
Files folder imagelib (1 file, 1 directory)
Files folder imagetests (3 files, 4 directories)
Accessible without login Plain text file codeception.yml Data Auxiliary data
Accessible without login Plain text file composer.json Data Auxiliary data
Accessible without login Plain text file README.md Doc. Documentation

Downloadno-captcha-php-2024-03-08.zip 111KB
Downloadno-captcha-php-2024-03-08.tar.gz
Install with ComposerInstall with Composer
 Version Control Unique User Downloads Download Rankings  
 100%
Total:52
This week:52
All time:10,588
This week:1Up

  Applications that use this package  
No pages of applications that use this class were specified.

Add link image If you know an application of this package, send a message to the author to add a link here.