Hiding a link behind recaptcha
-
I thought it should be something simple, and maybe it is. Maybe I’m just a newbie who don’t really understand html beyond the most simple, and never had been writing a line of php until now. On my homepage, I have a page where I show email addresses; they are obfuscated by one of the many plugins to do so, but I still don’t want a direct link to this page. In stead, I wanted that a link to the page only should work after solving a google recaptcha. I now finally made it work as you can see by going to engsig.com/contact.
In the end, it really is simple, so let me show how. In addition to the WP page with the actual email addresses, I have an extra, intermediate page, that is nothing but a small PHP, which either shows a “captcha wrong” message or uses html meta to go to the real WP page with email addresses.
The code that I put on my contacts page is very similar to what can be found at e.g. google’s developer pages with this snippet:
<script type="text/javascript"> var onloadCallback = function() { grecaptcha.render('html_element', { 'sitekey' : 'mysitekeyhere' }); }; </script> <form action="/email/" method="POST"> <div id="html_element"></div> <input type="submit" value="Get email" /> </form><script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit" async defer> </script>Irrespective of whether the captcha has been solved or not, the action is to go the the “/email/” page. In there, the verification takes place by having an index.php (which is saved completely outside the WP directory structure) with this contents:
<?php $captcha; if(isset($_POST['g-recaptcha-response'])){ $captcha=$_POST['g-recaptcha-response']; } if(!$captcha){ echo '<h2>Please check the captcha form.</h2>'; exit; } $secretKey = "mysitesecrekey"; $ip = $_SERVER['REMOTE_ADDR']; $response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretKey."&response=".$captcha."&remoteip=".$ip); $responseKeys = json_decode($response,true); if(intval($responseKeys["success"]) !== 1) { echo '<h2>You cannot access this page directly</h2>'; } else { echo '<meta http-equiv="refresh" content="1; url=https://www.engsig.com/wp-page-with-emails/">'; } ?>As I said, I don’t really know PHP, but it works the way I want it to. And if I am abusing something or doing something I shouldn’t, please do let me know!
-
This topic was modified 7 years, 2 months ago by
.
-
This topic was modified 7 years, 2 months ago by
-
This topic was modified 7 years, 2 months ago by
The page I need help with: [log in to see the link]
-
This topic was modified 7 years, 2 months ago by
-
Arghh – I should have thought of that idea of having a form that would do next to nothing, except go to my email page. I guess I thought the various forms always would ask the user for some input, and eventually always send me an email.
Well, since you did’t say what I did was bad practice, I think I’ll stick to it. It also taught me a thing or two about php, which was a nice lesson for a database buy like me. And others who are making searches similar to mine may end here and get several options.
- The topic ‘Hiding a link behind recaptcha’ is closed to new replies.