Anti spam contact form security for prestashop with recaptcha

Публикувано 2 Year ago

Step 1 Setup your Google reCAPTCHA Account @ https://www.google.com/recaptcha/intro/index.html

Step 2 Download "EICAPTCHA-MASTER.ZIP". To install you will need to do this manually by uploading the ZIP file via filezila to your hosting account MODULES folder, Extracting it and Renaming it to eicaptcha.

Step 3 Configure your eicaptcha module and enter your PUBLIC KEY and SECRET KEY, from your google recapcha API

Step 4 Make a Copy of your "contact-form.tpl" file at "/Themes/YourTheme/contact-form.tpl"

Step Edit contact-form.tpl above

<div style="text-align:right;" class="submit">
<button type="submit" name="submitMessage" id="submitMessage" class="button btn btn-default button-medium"><span>{l s='Send'}<i class="icon-chevron-right right"></i></span></button>

add the following code

{if $captcha} <p> <script src='https://www.google.com/recaptcha/api.js'></script> <div class="g-recaptcha" data-sitekey="YOUR_PUBLIC_KEY"></div> </p> {/if}

Step 6 Change ContactControler.php, located in /controllers/front/ContactControler.php - search the postProcess() function it should be at the begining (2nd function) and add

if (Tools::isSubmit('submitMessage')) {
 $extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
 $file_attachment = Tools::fileAttachment('fileUpload');
 $message = Tools::getValue('message'); // Html entities is not usefull, iscleanHtml check there is no bad html tags.
 $id_order = (int)$this->getOrder();
 if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
 $this->errors[] = Tools::displayError('Invalid email address.');
// add the 2 lines from here
 } elseif (!($gcaptcha = (int)(Tools::getValue('g-recaptcha-response')))) {
 $this->errors[] = Tools::displayError('Captcha error');
// to here