Merge pull request #31 from Matteo-Peronnet/add-recaptcha

Add recaptcha

Controller/FormController.php

@@ -3,6 +3,7 @@
 namespace Victoire\Widget\FormBundle\Controller;
 
 use Gedmo\Sluggable\Util\Urlizer;
+use ReCaptcha\ReCaptcha;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
 use Symfony\Component\HttpFoundation\File\UploadedFile;
@@ -38,11 +39,24 @@ public function addFormAnswerAction(Request $request)
         if ($request->getMethod() != 'POST' && $request->getMethod() != 'PUT') {
             throw $this->createNotFoundException();
         }
+
         $_taintedValues = $request->request->all()['cms_form_content'];
         /** @var WidgetForm $widget */
         $widget = $this->get('doctrine.orm.entity_manager')->getRepository('VictoireWidgetFormBundle:WidgetForm')->find($_taintedValues['id']);
         $data = [];
 
+        ///////////////////////// validation reCAPTCHA (if reCAPTCHA field checked) //////////////////////////////////////////
+        $recaptcha_helper = $this->container->get('victoire.form_widget.helper.recaptcha');
+        if ($widget->isRecaptcha() && $recaptcha_helper->canUseReCaptcha()) {
+            $recaptcha = new ReCaptcha($this->container->getParameter('victoire_widget_form.recaptcha_private_key'));
+            $resp = $recaptcha->verify($request->request->get('g-recaptcha-response'), $request->getClientIp());
+
+            if (!$resp->isSuccess()) {
+                $this->scold($this->get('translator')->trans('widget_form.form.captcha.error', [],'victoire'));
+                return $this->redirect($request->headers->get('referer'));
+            }
+        }
+
         foreach ($_taintedValues['questions'] as $question) {
             if (in_array($question['type'], ['text', 'textarea', 'email']) && !empty($question[0])) {
                 $data[] = [
@@ -276,8 +290,8 @@ protected function createAndSendMail($subject, $from, $to, $body, $contentType =
         foreach ($attachments as $attachment) {
             if ($attachment instanceof UploadedFile) {
                 $message
-                  ->attach(\Swift_Attachment::fromPath($attachment->getPathName())
-                            ->setFilename($attachment->getClientOriginalName())
+                    ->attach(\Swift_Attachment::fromPath($attachment->getPathName())
+                        ->setFilename($attachment->getClientOriginalName())
                     );
             }
         }

DependencyInjection/Configuration.php

@@ -30,6 +30,12 @@ public function getConfigTreeBuilder()
                 ->end()
                 ->scalarNode('default_bcc_email_address')
                 ->end()
+                ->scalarNode('recaptcha_public_key')
+                ->defaultNull()
+                ->end()
+                ->scalarNode('recaptcha_private_key')
+                ->defaultNull()
+                ->end()
                 ->arrayNode('prefill')
                     ->prototype('array')
                         ->children()

Entity/WidgetForm.php

@@ -109,6 +109,13 @@ class WidgetForm extends Widget
      */
     protected $autoAnswer;
 
+    /**
+     * @var bool
+     *
+     * @ORM\Column(name="recaptcha", type="boolean", nullable=true)
+     */
+    protected $recaptcha;
+
     /**
      * @var string
      *
@@ -764,4 +771,22 @@ public function setSubmitClass($submitClass)
     {
         $this->submitClass = $submitClass;
     }
+
+    /**
+     * @return bool
+     */
+    public function isRecaptcha()
+    {
+        return $this->recaptcha;
+    }
+
+    /**
+     * @param bool $recaptcha
+     * @return WidgetForm
+     */
+    public function setRecaptcha($recaptcha)
+    {
+        $this->recaptcha = $recaptcha;
+        return $this;
+    }
 }

Form/WidgetFormQuestionType.php

@@ -111,6 +111,7 @@ public function configureOptions(OptionsResolver $resolver)
     {
         $resolver->setDefaults([
             'data_class' => 'Victoire\Widget\FormBundle\Entity\WidgetFormQuestion',
+            'translation_domain' => 'victoire'
         ]);
     }
 }

Form/WidgetFormType.php

@@ -14,20 +14,23 @@
 use Victoire\Bundle\FormBundle\Form\Type\LinkType;
 use Victoire\Bundle\MediaBundle\Form\Type\MediaType;
 use Victoire\Widget\FormBundle\Entity\WidgetFormQuestion;
+use Victoire\Widget\FormBundle\Helper\RecaptchaHelper;
 
 /**
  * WidgetForm form type.
  */
 class WidgetFormType extends WidgetType
 {
     private $formPrefill;
+    private $recaptchaHelper;
 
     /**
      * Constructor.
      */
-    public function __construct($formPrefill)
+    public function __construct($formPrefill, RecaptchaHelper $recaptchaHelper)
     {
         $this->formPrefill = $formPrefill;
+        $this->recaptchaHelper = $recaptchaHelper;
     }
 
     /**
@@ -171,7 +174,11 @@ public function buildForm(FormBuilderInterface $builder, array $options)
             'required' => false,
             ]
         );
-
+        if ($this->recaptchaHelper->canUseReCaptcha()) {
+            $builder->add('recaptcha', null, [
+                'label' => 'widget_form.form.captcha.label',
+            ]);
+        }
         if ($this->formPrefill) {
             $builder->addEventListener(FormEvents::PRE_SET_DATA, function (FormEvent $event) {
                 $widgetFormSlot = $event->getData();
@@ -202,7 +209,7 @@ public function configureOptions(OptionsResolver $resolver)
         $resolver->setDefaults([
             'data_class'         => 'Victoire\Widget\FormBundle\Entity\WidgetForm',
             'widget'             => 'Form',
-            'translation_domain' => 'victoire',
+            'translation_domain' => 'victoire'
             ]
         );
     }

Helper/RecaptchaHelper.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace Victoire\Widget\FormBundle\Helper;
+
+class RecaptchaHelper
+{
+    private $recaptchaPublicKey;
+    private $recaptchaPrivateKey;
+
+    public function __construct($recaptchaPublicKey, $recaptchaPrivateKey)
+    {
+        $this->recaptchaPublicKey = $recaptchaPublicKey;
+        $this->recaptchaPrivateKey = $recaptchaPrivateKey;
+    }
+
+    public function canUseReCaptcha()
+    {
+        return $this->recaptchaPublicKey && $this->recaptchaPrivateKey;
+    }
+}

README.md

@@ -60,3 +60,18 @@ When widget is configure to send mail with form data, you can inject some other
         class: AppBundle\EventListener\WidgetFormListener
         tags:
             - { name: kernel.event_listener, event: victoire.widget_form.pre_send_mail, method: injectData }
+
+## Use reCAPTCHA
+
+[ReCAPTCHA](https://developers.google.com/recaptcha/) is a free CAPTCHA service that protects websites from spam and abuse.
+
+### Parameters 
+
+To use reCAPTCHA on your website, you'll need to :
+* Register your website in the [reCAPTCHA homepage here](https://www.google.com/recaptcha/intro/android.html)
+* Add your api keys in your app parameters
+
+```yaml
+    victoire_widget_form.recaptcha_public_key: XXXXXX
+    victoire_widget_form.recaptcha_private_key: XXXXXX
+```

Resolver/WidgetFormContentResolver.php

@@ -0,0 +1,85 @@
+<?php
+
+namespace Victoire\Widget\FormBundle\Resolver;
+
+use Victoire\Bundle\WidgetBundle\Model\Widget;
+use Victoire\Bundle\WidgetBundle\Resolver\BaseWidgetContentResolver;
+use Victoire\Widget\FormBundle\Entity\WidgetForm;
+use Victoire\Widget\FormBundle\Helper\RecaptchaHelper;
+
+class WidgetFormContentResolver extends BaseWidgetContentResolver
+{
+    protected $recaptchaPublicKey;
+    protected $recaptchaHelper;
+
+    public function __construct($recaptchaPublicKey, RecaptchaHelper $recaptchaHelper)
+    {
+        $this->recaptchaPublicKey = $recaptchaPublicKey;
+        $this->recaptchaHelper = $recaptchaHelper;
+    }
+
+    /**
+     * Get the static content of the widget.
+     *
+     * @param Widget $widget
+     *
+     * @return string
+     */
+    public function getWidgetStaticContent(Widget $widget)
+    {
+        $parameters = parent::getWidgetStaticContent($widget);
+
+        return $this->addRecaptchaKey($widget, $parameters);
+    }
+
+    /**
+     * Get the business entity content.
+     *
+     * @param Widget $widget
+     *
+     * @return string
+     */
+    public function getWidgetBusinessEntityContent(Widget $widget)
+    {
+        $parameters = parent::getWidgetStaticContent($widget);
+
+        return $this->addRecaptchaKey($widget, $parameters);
+    }
+
+    /**
+     * Get the content of the widget by the entity linked to it.
+     *
+     * @param Widget $widget
+     *
+     * @return string
+     */
+    public function getWidgetEntityContent(Widget $widget)
+    {
+        $parameters = parent::getWidgetStaticContent($widget);
+
+        return $this->addRecaptchaKey($widget, $parameters);
+    }
+
+    /**
+     * Get the content of the widget for the query mode.
+     *
+     * @param Widget $widget
+     *
+     * @return string
+     */
+    public function getWidgetQueryContent(Widget $widget)
+    {
+        $parameters = parent::getWidgetStaticContent($widget);
+
+        return $this->addRecaptchaKey($widget, $parameters);
+    }
+
+    protected function addRecaptchaKey(WidgetForm $widget, array $parameters)
+    {
+        if ($widget->isRecaptcha() && $this->recaptchaHelper->canUseReCaptcha()) {
+            return array_merge($parameters, ['recaptcha_public_key' => $this->recaptchaPublicKey]);
+        }
+
+        return $parameters;
+    }
+}

Resources/config/assetic_injector.json

@@ -4,8 +4,13 @@
         "javascripts":
         {
             "foot": [
-              "@VictoireWidgetFormBundle/Resources/public/js/validator.js"
+              "@VictoireWidgetFormBundle/Resources/public/js/validator.js",
+              "https://www.google.com/recaptcha/api.js"
             ]
+        },
+        "stylesheets":
+        {
+            "head": "@VictoireWidgetFormBundle/Resources/public/css/recaptcha.css"
         }
     }
 }

Resources/config/services.yml

@@ -1,6 +1,10 @@
 services:
     victoire_core.widget_form_content_resolver:
-        class: Victoire\Bundle\WidgetBundle\Resolver\BaseWidgetContentResolver
+        parent: victoire_widget.base_widget_content_resolver
+        class: Victoire\Widget\FormBundle\Resolver\WidgetFormContentResolver
+        arguments:
+                    - '%victoire_widget_form.recaptcha_public_key%'
+                    - '@victoire.form_widget.helper.recaptcha'
         tags:
             - { name: victoire_widget.widget_content_resolver, alias: Form }
 
@@ -13,9 +17,16 @@ services:
         class: Victoire\Widget\FormBundle\Form\WidgetFormType
         arguments:
             - %victoire_widget_form.prefill%
+            - '@victoire.form_widget.helper.recaptcha'
         tags:
             - { name: form.type }
 
+    victoire.form_widget.helper.recaptcha:
+      class: Victoire\Widget\FormBundle\Helper\RecaptchaHelper
+      arguments:
+          - '%victoire_widget_form.recaptcha_public_key%'
+          - '%victoire_widget_form.recaptcha_private_key%'
+
     victoire.form_widget.twig.extension:
         class: Victoire\Widget\FormBundle\Twig\WidgetFormExtension
         tags:

Resources/public/css/recaptcha.css

@@ -0,0 +1,6 @@
+.g-recaptcha {
+    transform:scale(0.90);
+    -webkit-transform: scale(0.90);
+    transform-origin:0 0;
+    -webkit-transform-origin:0 0;
+}