Adding reCAPTCHA to your Datarealm Forms
In order to limit the amount of spam submitted through website forms and to verify that it is a valid person entering data into your forms instead of a spammer or a bot, you can take advantage of the Google's reCAPTCHA system. Please follow the steps below to add a reCAPTCHA challenge to your Datarealm SecureForm or FormMail pages.
1) To enable reCAPTCHA on your Datarealm forms, you will first need to visit Google's page and request a public and private key -
Please make note of both your public and private keys and store the data somewhere safe.
PLEASE NOTE - Your keys are based on your domain name. You can use the same keys for multiple forms under the same domain. You can even create keys for more than one domain at a time and in doing so, forms hosted under multiple domains can share the same keys. If you want to use reCAPTCHA on forms created at a later date under a new domain, you will need to request a new pair of keys.
2) Put the private key by itself in a simple text file in your hosting account. Make sure the file is not readable from the web. Its permissions should be 0600 and you should not be able to pull it up from your web browser. If you need help with File permissions, please see this page. Take note the location of your file relative to your document root for that domain. For the sake of this example, we are going to assume the text file is called "private.key" and that it was placed in the main directory of your account.
3) Add the following code to your secure form page BEFORE your submit button :
<input type="hidden" name="username" value="your_username">
<input type="hidden" name="enable_recaptcha" value="true">
<input type="hidden" name="recaptcha_key" value="/private.key">
<input type="hidden" name="recaptcha_fail" value="http://www.yourdomain.com/fail.html">
<iframe src="http://www.google.com/recaptcha/api/noscript?k=your_public_key" height="300" width="500" frameborder="0"></iframe>
<textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
<input type="hidden" name="recaptcha_response_field" value="manual_challenge">
IMPORTANT NOTES :
- On the first line, you need to replace "your_username" with your actual account username.
- The "recaptcha_key" value is set to the name and location of the text file which contains your private key. In this example, we chose to call the file "private.key" and it was placed in the root directory of the hosting account. Thus we see the value of "/private.key". If you had a file called "key.txt" and it was placed in a directory called "forms", you might specify "/form/key.txt" as the value for the "recaptcha_key"
- The 'recaptcha_fail' line is optional and will point users to a custom error page if they enter an invalid response or skip the reCAPTACH. If you use this line, you will need to specify a custom error page. The above example assumes you will replace "yourdomain.com" with your actual domain and "fail.html" with the name of the file you have created or selected to display when a person fails to enter the correct reCAPTCHA text. If you leave the 'recaptcha_fail' value out of your code, a default error page will tell the user the reCAPTCHA has failed and the form data will not be submitted.
- In both the script src and iframe src lines we see the text "your_public_key". This literally needs to be replaced with the public key as provided by Google.
That's all there is to it! Once the reCAPTCHA is active, users will not be able to submit forms unless they enter in the correct detail from the reCAPTACH image.
Please let us know if you need any help with this!