Spams are almost every website enemies and one way to avoid this is using captcha to filter the forms. For those who don't know, Captcha is a type of challenge-response test used in computing as an attempt to ensure that the response is generated by a person. The process usually involves one computer (a server) asking a user to complete a simple test which the computer is able to generate and grade.

Lately I would need to apply this on my RoR site and here I was torned between two plugins, ReCaptcha plugin by Jason L Perry and SimpleCaptcha. Here is the brief comparison between the two that I took in consideration:

- ReCaptcha connects to a server outside your application
- SimpleCaptcha requires ImageMagick and RMagick to be installed

Being on windows for development, I know how stupid to install the ImageMacgik and RMagick. So with that I think ReCaptcha would more hassle free. This is just my opinion but you can always take in consideration that it connects outside your application. This is because there are some developers who take that as an issue.

So to use ReCaptcha:

1) First create an account on ReCaptcha. Registration is pretty straightforward. Just make sure that you remember your public and private key for your domain.

2) Download the plugin of ReCaptcha plugin. I prefer plugin version based on experience. This is because plugins are more portable than gems. Well, this is just my opinion and you can always have your point but as far as this tutorial is concerned, I'm going to use plugins rather than gem. After downloading it, place the said folder inside vendor/plugins.

Aside from this, you can always do the following command in the shell/command line:

$ ruby script/plugin install git://

3) Create a file named recaptcha.rb and place it inside RAILS_ROOT/config/initializers/. This file would be called when your rails application is called and thus will set the values as constant through out the application runtime. Copy this contents on the said file:

Recaptcha.configure do |config|
 config.public_key  = 'REPLACE_THIS_WITH_YOUR_PUBLIC_KEY'
    config.private_key = 'REPLACE_THIS_WITH_YOUR_PRIVATE_KEY'

4) On your view place this inside of the form you want to add recaptcha in.

<%=  recaptcha_tags %>

Of course you can always customize it the way you want it using the following tags:
:ssl: Uses secure http for captcha widget (default false)
:noscript: Include <noscript> content (default true)
:display: Takes a hash containing the theme and tabindex options per the API. (default nil)
:ajax: Render the dynamic AJAX captcha per the API. (default false)
:public_key: Your public API key, takes precedence over the ENV variable (default nil)
:error: Override the error code returned from the reCAPTCHA API (default nil)

5) After creating the view, we need to check the content by using verify_recaptcha on your controller

if verify_recaptcha()
 flash[:success] = "Welcome human!"
 flash[:error] = "You may not be a human after all. Please re-enter Captcha code."

Similar to recaptcha tags, you can also add some more tags to customize checking and binding it with your models.


Upon installation I find an error with regards to lower version of Rails. The error has something to do with html_safe which is available only on Rails 2.3.7 (needs confirmation on the proper version). In order to resolve this, I comment out the html_safe part on line 39 of RAILS_ROOT\vendor\plugins\recaptcha\lib\recaptcha\client_helper.rb

so from:

return html.html_safe


return html #.html_safe

No comments :

Post a Comment