williamt/Dapper
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Better contact form 7 protection
All checks were successful
Generate Build Info / build-info (push) Successful in 1s
Details

Browse Source
This commit is contained in:
carpentryplus25
2026-03-10 23:35:28 -04:00
parent b10ece1b28
commit eef496ae31
1 changed files with 40 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
dapper.php
View File

@@ -1243,32 +1243,48 @@ if (class_exists('WPCF7')) {
add_filter( 'wpcf7_form_elements', 'dapper_cf7_inject_human_checkbox', 20 );
function dapper_cf7_inject_human_checkbox( $form ) {
if ( get_option( 'dapper_enable_cf7_human_checkbox', 'on' ) !== 'on' ) {
return $form;
}
$checkbox_html = '
<div class="dapper-cf7-human-check" style="margin: 1.5em 0; padding: 1em; background: #f8f9fa; border: 1px solid #ccd0d4; border-radius: 4px; text-align: center;">
<label style="font-size: 1.1em; cursor: pointer; user-select: none;">
<input type="checkbox" name="dapper_cf7_human_confirm" id="dapper_cf7_human_confirm" value="1" required style="transform: scale(1.4); margin-right: 0.8em; vertical-align: middle;">
I am human / not a robot
</label>
<input type="hidden" name="dapper_cf7_human_token" id="dapper_cf7_human_token" value="">
<input type="hidden" name="dapper_cf7_human_time" value="' . time() . '">
<p style="margin: 0.6em 0 0; font-size: 0.9em; color: #555;">Quick check to help stop spam. Thanks!</p>
</div>';
// Insert just before the submit button / </form>
$form = preg_replace( '/(<button[^>]*type=["\']submit["\'][^>]*>.*?<\/button>)/is', $checkbox_html . '$1', $form );
// Fallback: if no <button type="submit"> found, put before </form>
if ( strpos( $form, $checkbox_html ) === false ) {
$form = str_replace( '</form>', $checkbox_html . '</form>', $form );
}
if ( get_option( 'dapper_enable_cf7_human_checkbox', 'on' ) !== 'on' ) {
return $form;
}
$checkbox_html = '
<div class="dapper-cf7-human-check" style="margin: 1.5em 0; padding: 1em; background: #f8f9fa; border: 1px solid #ccd0d4; border-radius: 4px; text-align: center;">
<label style="font-size: 1.1em; cursor: pointer; user-select: none;">
<input type="checkbox" name="dapper_cf7_human_confirm" id="dapper_cf7_human_confirm_' . uniqid() . '" value="1" required style="transform: scale(1.4); margin-right: 0.8em; vertical-align: middle;">
I am human / not a robot
</label>
<input type="hidden" name="dapper_cf7_human_token" id="dapper_cf7_human_token_' . uniqid() . '" value="">
<input type="hidden" name="dapper_cf7_human_time" value="' . time() . '">
<p style="margin: 0.6em 0 0; font-size: 0.9em; color: #555;">Quick check to help stop spam. Thanks!</p>
</div>';
// 1. Try to insert before the submit input/button (most common cases)
// Look for <input type="submit"...> or <button type="submit">...</button>
$form = preg_replace(
'/(<(?:input|button)[^>]*type=["\']submit["\'][^>]*>)/i',
$checkbox_html . '$1',
$form,
1 // limit to first match
);
// 2. If that didn't work (rare), try before the wrapping <p> of submit
if ( strpos( $form, $checkbox_html ) === false ) {
$form = preg_replace(
'/(<p[^>]*>[\s\S]*?(?:<input[^>]*type=["\']submit["\'][^>]*>|<\/button>)[\s\S]*?<\/p>)/i',
$checkbox_html . '$1',
$form,
1
);
}
// 3. Ultimate fallback: just before </form>
if ( strpos( $form, $checkbox_html ) === false ) {
$form = str_replace( '</form>', $checkbox_html . '</form>', $form );
}
return $form;
}
// 2. Very small JS — runs on every page that has CF7 (cheap)
add_action( 'wp_footer', 'dapper_cf7_human_checkbox_js', 95 );
@@ -1540,7 +1556,7 @@ function dapper_settings_page_content() {
<label for="dapper_enable_cf7_human_checkbox">Enable "I'm human" checkbox on all CF7 forms</label>
<input type="checkbox" id="dapper_enable_cf7_human_checkbox" name="dapper_enable_cf7_human_checkbox"
<?php checked( get_option( 'dapper_enable_cf7_human_checkbox', 'on' ), 'on' ); ?>>
<?php
<?php
submit_button();
?>