'', 'grecaptcha_secret_key' => '', ); $settings = array_merge($defaults, $settings); return $settings; } public function add_default_form_settings($settings) { $defaults = array( 'grecaptcha_enabled' => 0, ); $settings = array_merge($defaults, $settings); return $settings; } public function sanitize_settings($data, $raw_data) { if (!isset($data['settings']['grecaptcha_enabled']) || !$data['settings']['grecaptcha_enabled']) { return $data; } // only enable grecaptcha if both site & secret key are set $global_settings = mc4wp_get_settings(); $data['settings']['grecaptcha_enabled'] = isset($global_settings['grecaptcha_site_key']) && isset($global_settings['grecaptcha_secret_key']) && strlen($global_settings['grecaptcha_site_key']) === 40 && strlen($global_settings['grecaptcha_secret_key']) === 40 ? '1' : '0'; return $data; } public function load_script() { $global_settings = mc4wp_get_settings(); // do not load if no forms with Google reCAPTCHA enabled were outputted if (empty($this->form_ids) || empty($global_settings['grecaptcha_site_key']) || empty($global_settings['grecaptcha_secret_key'])) { return; } // load Google reCAPTCHA script echo sprintf('', esc_attr($global_settings['grecaptcha_site_key'])); // hook into form submit ?>settings['grecaptcha_enabled']) { return; } if (!in_array($form->ID, $this->form_ids)) { $this->form_ids[] = $form->ID; } } public function verify_token(array $errors, MC4WP_Form $form) { // Check if form has Google ReCaptcha enabled if (!$form->settings['grecaptcha_enabled']) { return $errors; } // Verify token if (empty($_POST['_mc4wp_grecaptcha_token'])) { $errors[] = 'spam'; return $errors; } $global_settings = mc4wp_get_settings(); $token = $_POST['_mc4wp_grecaptcha_token']; $response = wp_remote_post('https://www.google.com/recaptcha/api/siteverify', array( 'body' => array( 'secret' => $global_settings['grecaptcha_secret_key'], 'response' => $token, ), )); $response_code = wp_remote_retrieve_response_code($response); if ($response_code >= 400) { // The request somehow failed... Allow the sign-up to go through to not break sign-up forms when Google reCaptcha is down (unlikely) return $errors; } $response_body = wp_remote_retrieve_body($response); $data = json_decode($response_body, true); $score_treshold = apply_filters('mc4wp_grecaptcha_score_treshold', 0.5); if (isset($data['error-codes']) && in_array('invalid-input-secret', $data['error-codes'])) { $this->get_log()->warning(sprintf('Form %d > Invalid Google reCAPTCHA secret key', $form->ID)); return $errors; } if ($data['success'] === false || !isset($data['score']) || $data['score'] <= $score_treshold || $data['action'] !== 'mc4wp_form_submit') { $errors[] = 'spam'; return $errors; } return $errors; } public function show_settings(array $settings, MC4WP_Form $form) { $global_settings = mc4wp_get_settings(); ?> /> ‏ /> ‏

'mc4wp_form[settings][grecaptcha_enabled]', 'value' => 1 ); ?>

retrieve your keys in the Google reCAPTCHA admin console or read our help article on how to configure Google reCAPTCHA.', 'mailchimp-for-wp'), 'https://g.co/recaptcha/v3', 'https://kb.mc4wp.com/google-recaptcha-forms/'); ?>

'mc4wp_form[settings][grecaptcha_enabled]', 'value' => 1 ); ?>