HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

how to implement htcaptcha vanilla 3??

i have not seen anyone using htcaptcha. i think it is a good alternative to recaptcha.

which part of vanilla 3 contain the registration??



  • Options
    R_JR_J Ex-Fanboy Munich Admin

    reCaptcha is a plugin and everything you want to change/add should be a plugin, too. I would recommend to copy the recaptcha plugin folder and try to customize it for that other captcha service

  • Options

    thanks for the input👍️

    i could not quite understand their guide.

    1. Add the JavaScript library to your page, for example in the <HEAD> or <BODY> block
    <script src='https://www.hCaptcha.com/1/api.js' async defer></script>
    1. Add this HTML code where you want to show the hCaptcha button, for example inside a login form. Remember to replace “your_site_key” with your actual site key!
    <div class="h-captcha" data-sitekey="your_site_key"></div>

    In order to confirm the user sent you a real passcode, and in order to get credited for the answer, you must check the result from your server while providing your secret.

    The simplest way to do this with PHP is something like the following. Remember to replace “your_secret_key” with your actual secret!

    if you prefer the cURL style, you could use:

    <?php$data = array(
                'secret' => "my-secret (should start with 0x..)",
                'response' => $_POST['h-captcha-response']
            );$verify = curl_init();
    curl_setopt($verify, CURLOPT_URL, "https://hcaptcha.com/siteverify");
    curl_setopt($verify, CURLOPT_POST, true);
    curl_setopt($verify, CURLOPT_POSTFIELDS, http_build_query($data));
    curl_setopt($verify, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($verify);// var_dump($response);$responseData = json_decode($response);
    if($responseData->success) {
        // your success code goes here
    else {
       // return error to user; they did not pass

  • Options
    R_JR_J Ex-Fanboy Munich Admin

    If you do not understand their tutorial, I guess that you have nothing done with PHP or JavaScript before. That makes writing a plugin like that for Vanilla quite hard... ;-)

    Normally I would say that writing a plugin for Vanilla is a very good first step into programming, but writing a plugin for this requirement is not suited for a beginners plugin. You should consider paying somebody if you really would like to see that captcha in your own forum.

  • Options

    yeah i do not know php or javascripts ;-)

    • yet somehow i managed..but not working fully...

  • Options
    R_JR_J Ex-Fanboy Munich Admin

    If you share your code, we might be able to solve the next step.

  • Options

    not my code🤗.. using recaptcha plugin. Could use captcha all ok.. but when pressing register i got NO REPONSE form hcaptcha.

    i think this is reponsible

    public function validateCaptcha($captchaText) {
            $api = new Garden\Http\HttpClient('https://www.hCaptcha.com/1/api.js');
           $data = [
               'secret' => $this->getSecretKey(),
               'response' => $captchaText
           $response = $api->get('/siteverify', $data);
           if ($response->isSuccessful()) {
               $result = $response->getBody();
               $errorCodes = val('error_codes', $result);
               if ($result && val('success', $result)) {
                   return true;
               } else if (!empty($errorCodes) && $errorCodes != ['invalid-input-response']) {
                   throw new Exception(formatString(t('No response from hCAPTCHA.').' {ErrorCodes}', ['ErrorCodes' => join(', ', $errorCodes)]));
           } else {
               throw new Exception(t('No response from hCAPTCHA.'));
           return false;

  • Options
    R_JR_J Ex-Fanboy Munich Admin

    I hope you meant that you have duplicated the recaptcha plugin and you are working on the copy ;-)

    Have you tried inspecting your network console? That should give you clue what is happening, but from looking at the code I would say the problem is this:

    $api = new Garden\Http\HttpClient('https://www.hCaptcha.com/1/api.js');
    $response = $api->get('/siteverify', $data);

    The $api holds the address to the JavaScript file while it should only be the main site. The verification endpoint is given with the get request,

  • Options


    not working...going to try question plugin.

  • Options
    K17K17 Français / French Paris, France ✭✭✭

    Hi :D

    Just made a hCaptcha implementation using the reCaptcha addon as a base.

    Here you can get it: https://open.vanillaforums.com/addon/hcaptcha-plugin

    But dont forget to first disable recaptcha on your dashboard, or you will have some conflicts between hCaptcha and reCaptcha.

Sign In or Register to comment.