RamblingRoss
The blog of Ross Fruen, a .NET consultant

reCAPTCHA and nms FormMail - part I

Another site I manage uses nms FormMail to provide visitors with a way to get in contact.

To help reduce spam encountered by this site a reCAPTCHA challenge has been added to the form used by FormMail.

This post, together with the second in the series, discuss the changes required to add reCAPTCHA to nmsFormMail.

To achieve this the following changes were made to the nms FormMail script...

At the beginning of the script reference the light weight user agent LWP::UserAgent...

...

use strict;
use vars qw(
  $DEBUGGING $emulate_matts_code $secure %more_config
  $allow_empty_ref $max_recipients $mailprog @referers
  @allow_mail_to @recipients %recipient_alias
  @valid_ENV $date_fmt $style $send_confirmation_mail
  $confirmation_text $locale $charset $no_content
  $double_spacing $wrap_text $wrap_style $postmaster 
  $address_style
);
use LWP::UserAgent;
...

In the handle_request() method add a call to check_captcha after checking for missing fields.

...
 my @missing = $self->get_missing_fields;
  if (scalar @missing) {
    $self->missing_fields_output(@missing);
    return;
  }

  $self->check_captcha    or return;

  my $date     = $self->date_string;
...

After check_method_is_post() insert the sub routine check_captcha()... Not forgetting to replace 'your_private_key' with your private key.

...
=item check_captcha ()

Check the CAPTCHA response via the reCAPTCHA service.

=cut

sub check_captcha {
    
  my ($self) = @_;
  my ($ua) = LWP::UserAgent->new(); 
  my ($result) = ($ua)->post(
	'http://api-verify.recaptcha.net/verify', 
	{  
		privatekey => 'your_private_key', 
		remoteip   => $ENV{'REMOTE_ADDR'}, 
		challenge => $self->{Form}{'recaptcha_challenge_field'}, 
		response => $self->{Form}{'recaptcha_response_field'} 
	});
  
	if ( $result->is_success && $result->content =~ /^true/) {
		return 1;
	} else {
	
		if ($self->{FormConfig}{'captcha_fail_redirect'}) {
			print $self->cgi_object->redirect( $self->{FormConfig}{'captcha_fail_redirect'} );
			
			return 0;
		}
		else {
			my ($self) = @_;
			$self->error_page( 'Error: Captcha Check Failed', <<END );
<p>
  The Captcha response of the form you submitted did not match the challenge.
  Please check the form and make sure that your response matches the challenge in the captcha image.
  You can use the browser back button to return to the form.
</p>
END
			return 0;	
		}
	}
}
...

Add an additional form field captcha_fail_redirect to configuration_form_fields

...

   return_link_url
    print_blank_fields
    missing_fields_redirect
    captcha_fail_redirect
  );
}
...

And finally add captcha_fail_redirect to the list of valid names in parse_config_form_input

...
  my $val = $self->strip_nonprint($self->cgi_object->param($name));
  if ($name =~ /return_link_url|redirect|captcha_fail_redirect$/) {
    $val = $self->validate_url($val);
  }
  $self->{FormConfig}{$name} = $val;
...

A modified nms FormMail script is available for download.

Comments

  1. Thanks for this information, I was not sure I was going to be able to get this to work for me but your instructions worked like a charm.

    - Written on 23rd November 2010 by SN
  2. Thank you so much!! I have been fighting with adding a captcha to our contact form for a week now. Nothing worked until I found yours. Thanks again!!

    -Steve

    A Touch of Ozark

    - Written on 6th November 2012 by Steve
  3. Thank you for this. However, I get an error message "Internal Server Error. Could not execute script '/var/sites/w/xxx/public_html/post/web3.cgi'. suPHP 0.7.2" (where "xxx" is the full website address). This happens whether I use my own nms Formmail script modified in accordance with your instructions or the sample script that you have provided.

    - Written on 3rd May 2021 by Peter
  4. Hi Peter,

    To get much further with this you will need to gather more details on the internal server error. Instructions on how to get these logs can be found by searching for "turn on php error logging".

    Even with these log files I suspect you will have difficulties with the code as it is based around version 1 of ReCaptcha. Ten years later and Google have moved on to version 3. As this site no longer uses ReCaptcha for its anti-spam protection I can't say what changes will be required to the script to support the latest version of the API.

    Sorry I can't help more.

    - Written on 4th May 2021 by Ross
  5. Hello Ross

    Thank you for taking the trouble to reply, much appreciated.

    I realise that your script and nms Formmail are both now long in the tooth. I have decided to abandon Formmail and go for a PHP solution. But as I know no more about PHP than I know about Perl, it's an uphill battle.

    Still, onwards and upwards.

    Best wishes

    Peter

    - Written on 4th May 2021 by Peter

Add a comment

If you want your comment to appear on this page please complete the form below. Your name and email address are optional, although the latter will be required if you want a response. Your email address will not appear against your comment and will only be used to correspond with yourself (where appropriate).

Thanks!

Thank you for submitting your comment, it will appear here after moderation is complete.

Sorry

There was a problem sending your comment, please try again.