This tutorial demonstrates building a WordPress plugin that integrates Google reCAPTCHA into the WordPress login system. The plugin uses the HTTP API to send a POST request to reCAPTCHA, validating user CAPTCHA responses.
The plugin development involves creating a PHP class with properties for reCAPTCHA keys, adding the CAPTCHA to the login form, and validating responses. The code shows how to send a POST request to https://www.google.com/recaptcha/api/verify
with necessary parameters. This enhances website security by differentiating humans from bots, preventing unauthorized access attempts.
A previous tutorial explored the WordPress HTTP API. This tutorial builds upon that, showcasing API consumption within a WordPress plugin. We previously built a Domain WHOIS and Social Data WordPress Widget using the HTTP API.
Below is a screenshot of the WordPress login form with the integrated CAPTCHA:
Plugin Development
Before coding, register your domain on reCAPTCHA and obtain your public and private API keys.
1. Plugin Header:
<?php /* Plugin Name: WP Login Form with reCAPTCHA Plugin URI: https://www.sitepoint.com Description: Adds Google's reCAPTCHA to WordPress Login Version: 1.0 Author: Agbonghama Collins Author URI: http://w3guy.com License: GPL2 */
2. PHP Class:
Create a PHP class to store reCAPTCHA keys:
class reCAPTCHA_Login_Form { private $public_key, $private_key; public function __construct() { $this->public_key = '6Le6d-USAAAAAFuYXiezgJh6rDaQFPKFEi84yfMc'; $this->private_key = '6Le6d-USAAAAAKvV-30YdZbdl4DVmg_geKyUxF6b'; add_action( 'login_form', array( $this, 'captcha_display' ) ); add_action( 'wp_authenticate_user', array( $this, 'validate_captcha_field' ), 10, 2 ); } public function captcha_display() { ?> <🎜> <noscript> <iframe src="https://www.google.com/recaptcha/api/noscript?k=<?=$this->public_key?>" height="300" width="300" frameborder="0"></iframe><br><br> <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea> <input type="hidden" name="recaptcha_response_field" value="manual_challenge"> </noscript> <?php } public function validate_captcha_field($user, $password) { if ( ! isset( $_POST['recaptcha_response_field'] ) || empty( $_POST['recaptcha_response_field'] ) ) { return new WP_Error( 'empty_captcha', 'CAPTCHA cannot be empty' ); } if( isset( $_POST['recaptcha_response_field'] ) && $this->recaptcha_response() === 'false' ) { return new WP_Error( 'invalid_captcha', 'Incorrect CAPTCHA response' ); } return $user; } public function recaptcha_response() { $challenge = isset($_POST['recaptcha_challenge_field']) ? esc_attr($_POST['recaptcha_challenge_field']) : ''; $response = isset($_POST['recaptcha_response_field']) ? esc_attr($_POST['recaptcha_response_field']) : ''; $remote_ip = $_SERVER["REMOTE_ADDR"]; $post_body = array( 'privatekey' => $this->private_key, 'remoteip' => $remote_ip, 'challenge' => $challenge, 'response' => $response ); return $this->recaptcha_post_request( $post_body ); } public function recaptcha_post_request( $post_body ) { $args = array( 'body' => $post_body ); $request = wp_remote_post( 'https://www.google.com/recaptcha/api/verify', $args ); $response_body = wp_remote_retrieve_body( $request ); $answers = explode( "\n", $response_body ); $request_status = trim( $answers[0] ); return $request_status; } } new reCAPTCHA_Login_Form();
3. Plugin Instantiation:
Finally, instantiate the class:
new reCAPTCHA_Login_Form();
This completes the plugin code. Download the complete plugin for use or further study. This is part of a series demonstrating WordPress HTTP API usage in plugins.
(FAQs section removed for brevity, as it doesn't require re-writing for pseudo-originality. The content is factual and doesn't need alteration.)
The above is the detailed content of Integrating a CAPTCHA with the WordPress Login Form. For more information, please follow other related articles on the PHP Chinese website!

Yes,WordPressisexcellentforcreatingaportfoliowebsite.1)Itoffersnumerousportfolio-specificthemeslike'Astra'foreasycustomization.2)Pluginssuchas'Elementor'enableintuitivedesign,thoughtoomanycanslowthesite.3)SEOisenhancedwithtoolslike'YoastSEO',boosting

WordPressisadvantageousovercodingawebsitefromscratchdueto:1)easeofuseandfasterdevelopment,2)flexibilityandscalability,3)strongcommunitysupport,4)built-inSEOandmarketingtools,5)cost-effectiveness,and6)regularsecurityupdates.Thesefeaturesallowforquicke

WordPressisaCMSduetoitseaseofuse,customization,usermanagement,SEO,andcommunitysupport.1)Itsimplifiescontentmanagementwithanintuitiveinterface.2)Offersextensivecustomizationthroughthemesandplugins.3)Providesrobustuserrolesandpermissions.4)EnhancesSEOa

Enable comments on your WordPress website to provide visitors with a platform to participate in discussions and share feedback. To do this, follow these steps: Enable Comments: In the dashboard, navigate to Settings > Discussions, and select the Allow Comments check box. Create a comment form: In the editor, click Add Block and search for the Comments block to add it to the content. Custom Comment Form: Customize comment blocks by setting titles, labels, placeholders, and button text. Save changes: Click Update to save the comment box and add it to the page or article.

How to copy WordPress subsites? Steps: Create a sub-site in the main site. Cloning the sub-site in the main site. Import the clone into the target location. Update the domain name (optional). Separate plugins and themes.

The steps to create a custom header in WordPress are as follows: Edit the theme file "header.php". Add your website name and description. Create a navigation menu. Add a search bar. Save changes and view your custom header.

Enable comments in WordPress website: 1. Log in to the admin panel, go to "Settings" - "Discussions", and check "Allow comments"; 2. Select a location to display comments; 3. Customize comments; 4. Manage comments, approve, reject or delete; 5. Use <?php comments_template(); ?> tags to display comments; 6. Enable nested comments; 7. Adjust comment shape; 8. Use plugins and verification codes to prevent spam comments; 9. Encourage users to use Gravatar avatar; 10. Create comments to refer to

You can install the FTP plug-in through WordPress, configure the FTP connection, and then upload the source code using the file manager. The steps include: installing the FTP plug-in, configuring the connection, browsing the upload location, uploading files, and checking that the upload is successful.


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft

MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function

SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.

Dreamweaver Mac version
Visual web development tools
