Hello
We get lots of spam from our joint form at our website.
I was asked to implement open source code from reCaptcha. The problem is that our website is in couldFusion. I have no idea about it at all.
I got reCaptcha image displayed on our join form but it does not do anything. I am doing something wrong, just don't know exactly what.
Public Key: Use this key in the JavaScript code that is served to your users
Private Key: Use this key when communicating between your server and our server. Be sure to keep it a secret.
This is the partial code from join.cfm
Code:
<p class="body1"><font color="#FF0000">By clicking "Join the Coalition" below, you indicate your acceptance of these Terms of Service. You can make payment (if necessary) shortly. </font></p>
<p>
<!--- this portion displays reCuptcha image on our website. I have already added keys for our website. --->
<script type="text/javascript"
src="http://api.recaptcha.net/challenge?k=<your_public_key>">
</script>
<noscript>
<iframe src="http://api.recaptcha.net/noscript?k=<your_public_key>"
height="300" width="500" frameborder="0"></iframe><br>
<textarea name="recaptcha_challenge_field" rows="3" cols="40">
</textarea>
<input type="hidden" name="recaptcha_response_field"
value="manual_challenge">
</noscript>
<input type="submit" name="Submit" value="Join the Coalition">
</p>
<p class="body1"> </p>
</cfform>
This is just to display.
Now I want it to work and check if it is actually someone entering info. So I have open source code but how do I actually connect all of this together.
Here is the open source code for reCaptcha.
Code:
<!---
Use the reCAPTCHA API to verify human input.
reCAPTCHA improves the process of digitizing books by sending words that
cannot be read by computers to the Web in the form of CAPTCHAs for
humans to decipher. More specifically, each word that cannot be read
correctly by OCR is placed on an image and used as a CAPTCHA. This is
possible because most OCR programs alert you when a word cannot be read
correctly.
You will need a key pair from http://recaptcha.net/api/getkey to use this tag.
Sample 1 - Combined check/render
--------------------------------
<html>
<body>
<cfform>
<cf_recaptcha
privateKey="...your private key..."
publicKey="...your public key...">
<cfinput type="submit" name="submit">
</cfform>
<cfif isDefined("form.submit")>
<cfoutput>recaptcha says #form.recaptcha#</cfoutput>
</cfif>
</body>
</html>
Sample 2 - Separate check/render
--------------------------------
<html>
<body>
<cf_recaptcha action="check"
privateKey="...your private key..."
publicKey="...your public key...">
<cfif isDefined("form.submit")>
<cfoutput>recaptcha says #form.recaptcha#</cfoutput>
</cfif>
<cfform>
<cf_recaptcha
privateKey="...your private key..."
publicKey="...your public key...">
<cfinput type="submit" name="submit">
</cfform>
</body>
</html>
@param publicKey Public key sent from browser with request for a challenge string.
Note that if this is wrong you will not get a ColdFusion error and
an error message will appear in place of the reCAPTCHA form controls.
@param privateKey Private key sent from ColdFusion server to reCAPTCHA's verification service.
@param action render|check default render.
"render" checks the submitted form and renders the reCAPTCHA form field.
"check" checks the submitted form but does not render the form field.
@param ssl set true if form on ssl page to use secured version of reCAPTCHA API and
avoid browser complaints.
@param theme red|white|blackgrass default red. Changes look of reCAPTCHA form field.
@param tabIndex tabIndex of entry field on form.
@return sets form.recaptcha to true/false
@throws RECAPTCHA_ATTRIBUTE Missing or invalid attribute
RECAPTCHA_NO_SERVICE Cannot contact verification service
RECAPTCHA_VERIFICATION_FAILURE Verification service responded with an error
@see http://recaptcha.net/apidocs/captcha/
@author 2007 RocketBoots Pty Limited http://www.rocketboots.com.au
The reCAPTCHA Custom Tag is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
The reCAPTCHA Custom Tag is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
@version $Id: recaptcha.cfm 282 2007-05-29 09:27:36Z robin $
--->
<cfscript>
CHALLENGE_URL = "http://api.recaptcha.net";
SSL_CHALLENGE_URL = "https://api-secure.recaptcha.net";
VERIFY_URL = "http://api-verify.recaptcha.net/verify";
</cfscript>
<cfif not structKeyExists(attributes, "publicKey")>
<cfthrow type="RECAPTCHA_ATTRIBUTE"
message="recaptcha: required attribute 'publicKey' is missing">
</cfif>
<cfif not structKeyExists(attributes, "privateKey")>
<cfthrow type="RECAPTCHA_ATTRIBUTE"
message="recaptcha: required attribute 'privateKey' is missing">
</cfif>
<cfset sInvalidAttr="action not render|check">
<cfparam name="attributes.action" default="render">
<cfif REFind("(render|check)", attributes.action) eq 0>
<cfthrow type="RECAPTCHA_ATTRIBUTE" message="recaptcha: attribute #sInvalidAttr#">
</cfif>
<cfset sInvalidAttr="theme not red|white|blackglass">
<cfparam name="attributes.theme" default="red">
<cfif REFind("(red|white|blackglass)", attributes.theme) eq 0>
<cfthrow type="RECAPTCHA_ATTRIBUTE" message="recaptcha: attribute #sInvalidAttr#">
</cfif>
<cftry>
<cfset sInvalidAttr="ssl not true|false">
<cfparam name="attributes.ssl" type="boolean" default="false">
<cfset sInvalidAttr="tabIndex not numeric">
<cfparam name="attributes.tabIndex" type="numeric" default="0">
<cfcatch type="any">
<cfthrow type="RECAPTCHA_ATTRIBUTE"
message="recaptcha: attribute #sInvalidAttr#">
</cfcatch>
</cftry>
<cfif isDefined("form.recaptcha_challenge_field") and isDefined("form.recaptcha_response_field")>
<cftry>
<cfhttp url="#VERIFY_URL#" method="post" timeout="5" throwonerror="true">
<cfhttpparam type="formfield" name="privatekey" value="#attributes.privateKey#">
<cfhttpparam type="formfield" name="remoteip" value="#cgi.REMOTE_ADDR#">
<cfhttpparam type="formfield" name="challenge" value="#form.recaptcha_challenge_field#">
<cfhttpparam type="formfield" name="response" value="#form.recaptcha_response_field#">
</cfhttp>
<cfcatch>
<cfthrow type="RECAPTCHA_NO_SERVICE"
message="recaptcha: unable to contact recaptcha verification service on url '#VERIFY_URL#'">
</cfcatch>
</cftry>
<cfset aResponse = listToArray(cfhttp.fileContent, chr(10))>
<cfset form.recaptcha = aResponse[1]>
<cfset structDelete(form, "recaptcha_challenge_field")>
<cfset structDelete(form, "recaptcha_response_field")>
<cfif aResponse[1] eq "false" and aResponse[2] neq "incorrect-captcha-sol">
<cfthrow type="RECAPTCHA_VERIFICATION_FAILURE"
message="recaptcha: the verification service responded with error '#aResponse[2]#'. See http://recaptcha.net/apidocs/captcha/ for error meanings.">
</cfif>
<cfelse>
<cfset form.recaptcha = false>
</cfif>
<cfif attributes.action eq "render">
<cfif attributes.ssl>
<cfset challengeURL = SSL_CHALLENGE_URL>
<cfelse>
<cfset challengeURL = CHALLENGE_URL>
</cfif>
<cfoutput>
<script type="text/javascript">
<!--
var RecaptchaOptions = {
theme : '#attributes.theme#',
tabindex : #attributes.tabIndex#
};
//-->
</script>
<script type="text/javascript"
src="#challengeURL#/challenge?k=#attributes.publicKey#">
</script>
<noscript>
<iframe src="#challengeURL#/noscript?k=#attributes.publicKey#"
height="300" width="500" frameborder="0"></iframe><br>
<textarea name="recaptcha_challenge_field" rows="3" cols="40">
</textarea>
<input type="hidden" name="recaptcha_response_field"
value="manual_challenge">
</noscript>
</cfoutput>
</cfif>
When I add the following code at the bottom I get error:
Quote:
Error Diagnostic Information
An error occurred while evaluating the expression:
not structKeyExists(attributes, "publicKey")
Error near line 473, column 6.
Error resolving parameter ATTRIBUTES
ColdFusion was unable to determine the value of the parameter. This problem is very likely due to the fact that either:
1. You have misspelled the parameter name, or
2. You have not specified a QUERY attribute for a CFOUTPUT, CFMAIL, or CFTABLE tag.
The error occurred while processing an element with a general identifier of (CFIF), occupying document position (473:1) to (473:51).
|
After someone click on submit, I need to verify that the response he entered in the field named recaptcha_response_field is correct. So, I need to send a http request to the recaptcha server to verify that the response is correct.
Everything is explained here : http://recaptcha.net/apidocs/captcha/
for example the php library provide one easy function to do the
request to the recaptcha server and get back true or false depending on the answer of the user.
This is all fine for php, but I need it in cold fusion format, which I have no clue about it.
I appreciate any suggestions.
Thanks
Dev Articles Community Forums Sponsor:
November 21st, 2007, 01:55 PM
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
