This repo contains a comprehensive collection of most of the captcha plugins I've coded for Crema's sites.
Crema Captcha v4.3.7 (Jun 2020) New
New Features:
User Info: Added back the User Info feature, which collects data like language, location, IP address, host referrer, and user agent. This info can now be submitted with your email for debugging / future location-based spam blocking.
Rebuilt the docs site on Twig and Bootstrap v4. Updated documentation.
Fixes:
Fixed multiple-firing callback bug: If the form was validated or invalidated previously and remains the same, it now ignores the callback
Fixed formtoJSON function — this function wasn’t properly grabbing data for checkboxes
Added more control over debugging, so we don’t litter the console with debugging statements.
Fixed issue with Bootstrap version detection
Code Cleanup: Converted functions to es6 imports and simplified code across both plugin and docs.
Crema Captcha v4.3.0 (Feb 2018)
All plugin code was converted from jQuery to pure javascript, so the jQuery dependency could be removed. I've bumped this up a minor point, since the previous init is incompatible.
Crema Captcha v4.2.0 (Jan 2018)
This is considered a breaking change, since the settings object was rebuilt. These changes made the plugin easier to initialize.
Crema Captcha v4.1.1 (Jan 2018)
Plugin was converted to ES6 javascript with various open-source NPM modules such as Rollup and Babel. Settings remained the same. This made the build process more accessible and predictable. Sorry, @bdkjones 🤗
Crema Captcha v4.1.0 (Dec 2018)
The plugin got rewritten again to make everything more organized and efficient. Here are the key differences:
Plugin settings is now a multi-tier JSON object, instead of a one-dimensional array. This allows us to group related properties within subarrays, such as filters. However, it is also a bit more complex.
ALL filters are now completely on. That is, the Russian and Profanity filters now block the messages, instead of changing the subject lines. That makes things simpler and more consistent.
A lot of the validation has been moved out of functions and into the main one, since I started feeling like stuff was too fractured.
All of the validation now cycles through the inputs once, instead of half a dozen times. I'm then cycling through each enabled filter and using a single variable to determine if form is valid/invalid. This should make everything much more efficient.
I'm now inserting the user/location data <script> tags into the page by scraping location-data.php with JS, instead of using an SSI include. As a result, I'm now using jQuery promises to alleviate the async load order issues.
Automatically detects Bootstrap version. This can be overridden when initializing the plugin though.
Known Issues:
The new "timer" filter validation doesn't properly reset after clicking the "Bot Test" button.
Clicking the first checkbox will correctly trigger the profanity spam, but won't set the checkbox state to active.
Crema Captcha v4.0 (Dec 2018)
This plugin is a spinoff of the one above with additional FormMail features.
It has a few new features:
TimeToComplete Validation: This validation calculates the time it takes the user to complete the form. If it is less than 1 second, then it assumes the user is a bot. This validation currently displays an alert if a user is flagged — eventually I'll finish merging it into the rest of the captcha.
Crema Craft Captcha v4.0 (Dec 2018)
This captcha was a major rewrite of our previous captcha, built specifically for Craft CMS. Since it was built specifically for the Craft CMS contact-form plugin, I used the CSRF token and a hidden action field when switching on/off validation — instead of data-attributes and form actions.
It has several new features:
Unlike previous versions, it was a jQuery plugin with customizeable options.
Added a Russian filter that flags the subject line of messages with cryllic characters.
New profanity filter that flags the subject line of messages with too much profanity.
Collects advanced debugging info such as location from an ip lookup service. It also captures user info via php and javascript. This which may be useful for further filtering/debugging.
Crema Captcha v3.0 (Oct 2017)
Captcha was updated to be more modular, so it could initialize more like a plugin and run into less conflicts. Since it contains breaking changes, it must be upgraded to on a site-by-site basis. Unfortunately, there is a known conflict with CRM.
Init Formmail v2.0b (Apr 2017)
This is a stripped down version of init-formmail-v2, which is meant to be used on a wider variety of forms. This alternative captcha was built for the Agent Quoter. It requires a class of .hasCaptcha.
Init Formmail v2.0 (2017)
This was the first big rewrite of our captcha, using bs3-init-formmail.js as a base. It too required a class of .formmail.
It had several new features:
Automatically inserted default FormMail fields, based on the FormClass variable and data-attributes.
Added support for textareas and selects
Started validating required fields on every field blur
Added a basic console debugging mode.
Split apart the plugin into more modular functions.
Shared components like environment, translations, and tab-modal linking were moved into the CodeKit framework to reduce code duplication.
This is also the first plugin to take full advance of a git repo.
Parsley Validation (2016)
This plugin added support for data-masking, validation rules, and custom error messages. However, the plugin's complexity discouraged me from using it on future projects. It used to be on https://mwgseniorservices.com/video, but was commented out since its aspx conunterpart wasn't compatible with our Linux-based webhost.
A version of my super-basic honeypot and checkbox captcha made a brief appearance as well.
Frankenstein Captcha (2015-2017)
This captcha (only used on Georgia Blue) is a combination of v1 and v2. Hasn't been completely upgraded yet.
Init FormMail v1.0 (2015-2016)
This loose collection of iterator functions and event handlers was coded for the MWG International website. It had basic checkbox/honeypot validation and translations. It automatically initialized and only worked with forms with a .formmail class. Originally in the BS3 framework.
H5 Validate Captcha (2013)
My first attempt with captcha used the H5 Validate plugin, which was popular at the time.
However, that plugin did have some nice features while it was working. It performed validation using HTML5 required and pattern attributes, supported custom error messages, and had customizeable plugin options.
This was also my first attempt at implementing custom honeypot and checkbox captcha.
All that being said, the Mestmaker form has been broken for a few years and the H5 Validate plugin stopped being maintained about six years ago. In fact, IE9 was the last browser it supported. But hey, nobody's complained yet.