Since you added the path logging to the log output (thank you!) I can see clusters of these entries, maybe 10-20 entries in a few minutes every few hours... does this path need to be excluded or is it a spambot on the frontend?

2020-03-20 07:28:05 [][][info] Value submitted is null. [https://www.clientdomain.com/index.php?p=actions/commerce/payments/pay]

I just upgraded my website to Craft CMS 4 and pages with Snaptcha are throwing an error via Typecast. It looks like the $config is null. I don't know if this is a bug or not.

I have tried:

• resaving the config multiple times.

craft\helpers\Typecast::properties(): Argument #2 ($properties) must be of type array, null given, called in /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/craftcms/cms/src/base/Model.php

TypeError: craft\helpers\Typecast::properties(): Argument #2 ($properties) must be of type array, null given, called in /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/craftcms/cms/src/base/Model.php on line 69 and defined in /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/craftcms/cms/src/helpers/Typecast.php:44 Stack trace: #0 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/craftcms/cms/src/base/Model.php(69): craft\helpers\Typecast::properties('putyourlightson...', NULL) #1 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/putyourlightson/craft-snaptcha/src/variables/SnaptchaVariable.php(30): craft\base\Model->__construct(NULL) #2 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Extension/CoreExtension.php(1607): putyourlightson\snaptcha\variables\SnaptchaVariable->getFieldValue() #3 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/craftcms/cms/src/helpers/Template.php(101): twig_get_attribute(Object(craft\web\twig\Environment), Object(Twig\Source), Object(putyourlightson\snaptcha\variables\SnaptchaVariable), 'fieldValue', Array, 'any', false, false) #4 /srv/users/petroglyph-2021/apps/petroglyph-2021/storage/runtime/compiled_templates/7c/7c82eb5389eecf938bc7bb6277e86e28.php(117): craft\helpers\Template::attribute(Object(craft\web\twig\Environment), Object(Twig\Source), Object(putyourlightson\snaptcha\variables\SnaptchaVariable), 'fieldValue', Array) #5 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Template.php(394): __TwigTemplate_fc2e4f5f93c4f3ad10d6a5a73011ac8b->doDisplay(Array, Array) #6 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Template.php(367): Twig\Template->displayWithErrorHandling(Array, Array) #7 /srv/users/petroglyph-2021/apps/petroglyph-2021/storage/runtime/compiled_templates/c0/c05edea58a10e5160c66227cdc119252.php(88): Twig\Template->display(Array) #8 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Template.php(171): __TwigTemplate_d2f329751bba632e81419e7664197185->block_content(Array, Array) #9 /srv/users/petroglyph-2021/apps/petroglyph-2021/storage/runtime/compiled_templates/e9/e936ca7b28cc85922cfa9daa06224f2b.php(115): Twig\Template->displayBlock('content', Array, Array) #10 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Template.php(394): __TwigTemplate_dc978274b1ce1422271396de7c4558a7->doDisplay(Array, Array) #11 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Template.php(367): Twig\Template->displayWithErrorHandling(Array, Array) #12 /srv/users/petroglyph-2021/apps/petroglyph-2021/storage/runtime/compiled_templates/c0/c05edea58a10e5160c66227cdc119252.php(46): Twig\Template->display(Array, Array) #13 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Template.php(394): __TwigTemplate_d2f329751bba632e81419e7664197185->doDisplay(Array, Array) #14 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Template.php(367): Twig\Template->displayWithErrorHandling(Array, Array) #15 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Template.php(379): Twig\Template->display(Array) #16 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/TemplateWrapper.php(40): Twig\Template->render(Array, Array) #17 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/twig/twig/src/Environment.php(277): Twig\TemplateWrapper->render(Array) #18 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/craftcms/cms/src/web/View.php(428): Twig\Environment->render('/contact.html', Array) #19 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/craftcms/cms/src/web/View.php(481): craft\web\View->renderTemplate('/contact.html', Array) #20 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/craftcms/cms/src/web/TemplateResponseFormatter.php(56): craft\web\View->renderPageTemplate('/contact.html', Array, 'site') #21 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/yiisoft/yii2/web/Response.php(1095): craft\web\TemplateResponseFormatter->format(Object(craft\web\Response)) #22 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/craftcms/cms/src/web/Response.php(286): yii\web\Response->prepare() #23 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/yiisoft/yii2/web/Response.php(339): craft\web\Response->prepare() #24 /srv/users/petroglyph-2021/apps/petroglyph-2021/vendor/yiisoft/yii2/base/Application.php(390): yii\web\Response->send() #25 /srv/users/petroglyph-2021/apps/petroglyph-2021/public/index.php(21): yii\base\Application->run() #26 {main}

I have excluded the login (users/login) and password reset form (users/send-password-reset-email) from Snaptcha, but I am seeing the pages which those forms live on be logged in the Snaptcha logs. Is this something I should expect? Things test well for me on the front end, but I'm worried other users are having issues.

Hi Ben,

looks like there's some issue with Snaptcha where it is stopping Enupal Stripe Payments from having a form that actually works. It's been an issue we've had for a while, but Andre managed to track it down to this rather than an issue with the Enupal plugin itself:

if you disable the Snaptcha plugin you may notice that the payment form starts working again. 
For some reason the plugin is blocking our ajax call to create the Stripe Session
and returning this error:

JavaScript must be enabled for your submission to be verified. Please enable it and refresh the page.

Any help greatly appreciated as we've had to disable SCA payments on a live site for some time while this has been happening. Is this a configuration issue on our end, or a genuine bug?

We can supply a test site and link with the issue in-play if that's any help.

enupal/stripe#217 - Issue on their plugin, though it's missing some direct-email back and forth.

Hi,

The plugin brakes password reset, since this is a craft default template i can't add the twig tag.
Can fix with adding the url to the exclude list, but would be nicer if it worked out of the box

Describe the bug

When snaptcha plugin is enabled, making a request to graphql API responds with a template error that looks like it's a snaptcha spam response / template.

To reproduce

Steps to reproduce the behaviour:

1. Install snaptcha
2. Send curl request to graphql API endpoint
3. View error / response in terminal

Expected behaviour

API route shouldn't be effected by snaptcha

Describe the bug

A YII Error that yields a stack trace:
yii\base\UnknownPropertyException: Setting unknown property: putyourlightson\snaptcha\records\SnaptchaRecord::expirationTime in /home/vagrant/Code/petroglyph/deploy/vendor/yiisoft/yii2/base/Component.php:209
Stack trace:
#0 /home/vagrant/Code/petroglyph/deploy/vendor/yiisoft/yii2/db/BaseActiveRecord.php(324): yii\base\Component->__set('expirationTime', '0')
#1 /home/vagrant/Code/petroglyph/deploy/vendor/yiisoft/yii2/BaseYii.php(558): yii\db\BaseActiveRecord->__set('expirationTime', '0')
#2 /home/vagrant/Code/petroglyph/deploy/vendor/yiisoft/yii2/base/BaseObject.php(107): yii\BaseYii::configure(Object(putyourlightson\snaptcha\records\SnaptchaRecord), Object(putyourlightson\snaptcha\models\SnaptchaModel))
#3 /home/vagrant/Code/petroglyph/deploy/vendor/putyourlightson/craft-snaptcha/src/services/SnaptchaService.php(77): yii\base\BaseObject->__construct(Object(putyourlightson\snaptcha\models\SnaptchaModel))
#4 /home/vagrant/Code/petroglyph/deploy/vendor/putyourlightson/craft-snaptcha/src/variables/SnaptchaVariable.php(41): putyourlightson\snaptcha\services\SnaptchaService->getFieldValue(Object(putyourlightson\snaptcha\models\SnaptchaModel))
#5 /home/vagrant/Code/petroglyph/deploy/vendor/putyourlightson/craft-snaptcha/src/variables/SnaptchaVariable.php(55): putyourlightson\snaptcha\variables\SnaptchaVariable->getFieldValue(NULL)
#6 /home/vagrant/Code/petroglyph/deploy/vendor/twig/twig/src/Extension/CoreExtension.php(1495): putyourlightson\snaptcha\variables\SnaptchaVariable->getField()
#7 /home/vagrant/Code/petroglyph/deploy/vendor/craftcms/cms/src/helpers/Template.php(105): twig_get_attribute(Object(craft\web\twig\Environment), Object(Twig\Source), Object(putyourlightson\snaptcha\variables\SnaptchaVariable), 'field', Array, 'any', false, false)
#8 /home/vagrant/Code/petroglyph/deploy/storage/runtime/compiled_templates/34/3419e4aa450f249dc017c35b57ab0689a372a9cf076a4018d37937ab2c3cb6da.php(200): craft\helpers\Template::attribute(Object(craft\web\twig\Environment), Object(Twig\Source), Object(putyourlightson\snaptcha\variables\SnaptchaVariable), 'field', Array)
#9 /home/vagrant/Code/petroglyph/deploy/vendor/twig/twig/src/Template.php(184): __TwigTemplate_b5d88922a6fbc1f1142c251a438aca31f912514cc946505e8fd001e1fdd272ff->block_content(Array, Array)
#10 /home/vagrant/Code/petroglyph/deploy/storage/runtime/compiled_templates/bc/bcb2c0eb624214da3645593970e8bad20f9028d79c10cdc80ed772bb2f077fd9.php(523): Twig\Template->displayBlock('content', Array, Array)
#11 /home/vagrant/Code/petroglyph/deploy/vendor/twig/twig/src/Template.php(407): __TwigTemplate_3f6d3a1fcdef7c4b1d4dd9104b8cfeaf04c0d61630ff0b8c5c80d4a0f6684c7a->doDisplay(Array, Array)
#12 /home/vagrant/Code/petroglyph/deploy/vendor/twig/twig/src/Template.php(380): Twig\Template->displayWithErrorHandling(Array, Array)
#13 /home/vagrant/Code/petroglyph/deploy/storage/runtime/compiled_templates/34/3419e4aa450f249dc017c35b57ab0689a372a9cf076a4018d37937ab2c3cb6da.php(45): Twig\Template->display(Array, Array)
#14 /home/vagrant/Code/petroglyph/deploy/vendor/twig/twig/src/Template.php(407): __TwigTemplate_b5d88922a6fbc1f1142c251a438aca31f912514cc946505e8fd001e1fdd272ff->doDisplay(Array, Array)
#15 /home/vagrant/Code/petroglyph/deploy/vendor/twig/twig/src/Template.php(380): Twig\Template->displayWithErrorHandling(Array, Array)
#16 /home/vagrant/Code/petroglyph/deploy/vendor/twig/twig/src/Template.php(392): Twig\Template->display(Array)
#17 /home/vagrant/Code/petroglyph/deploy/vendor/twig/twig/src/TemplateWrapper.php(45): Twig\Template->render(Array, Array)
#18 /home/vagrant/Code/petroglyph/deploy/vendor/twig/twig/src/Environment.php(318): Twig\TemplateWrapper->render(Array)
#19 /home/vagrant/Code/petroglyph/deploy/vendor/craftcms/cms/src/web/View.php(344): Twig\Environment->render('index', Array)
#20 /home/vagrant/Code/petroglyph/deploy/vendor/craftcms/cms/src/web/View.php(393): craft\web\View->renderTemplate('index', Array)
#21 /home/vagrant/Code/petroglyph/deploy/vendor/craftcms/cms/src/web/Controller.php(243): craft\web\View->renderPageTemplate('index', Array)
#22 /home/vagrant/Code/petroglyph/deploy/vendor/craftcms/cms/src/controllers/TemplatesController.php(101): craft\web\Controller->renderTemplate('index', Array)
#23 [internal function]: craft\controllers\TemplatesController->actionRender('index', Array)
#24 /home/vagrant/Code/petroglyph/deploy/vendor/yiisoft/yii2/base/InlineAction.php(57): call_user_func_array(Array, Array)
#25 /home/vagrant/Code/petroglyph/deploy/vendor/yiisoft/yii2/base/Controller.php(157): yii\base\InlineAction->runWithParams(Array)
#26 /home/vagrant/Code/petroglyph/deploy/vendor/craftcms/cms/src/web/Controller.php(187): yii\base\Controller->runAction('render', Array)
#27 /home/vagrant/Code/petroglyph/deploy/vendor/yiisoft/yii2/base/Module.php(528): craft\web\Controller->runAction('render', Array)
#28 /home/vagrant/Code/petroglyph/deploy/vendor/craftcms/cms/src/web/Application.php(299): yii\base\Module->runAction('templates/rende...', Array)
#29 /home/vagrant/Code/petroglyph/deploy/vendor/yiisoft/yii2/web/Application.php(103): craft\web\Application->runAction('templates/rende...', Array)
#30 /home/vagrant/Code/petroglyph/deploy/vendor/craftcms/cms/src/web/Application.php(284): yii\web\Application->handleRequest(Object(craft\web\Request))
#31 /home/vagrant/Code/petroglyph/deploy/vendor/yiisoft/yii2/base/Application.php(386): craft\web\Application->handleRequest(Object(craft\web\Request))
#32 /home/vagrant/Code/petroglyph/deploy/docs/index.php(21): yii\base\Application->run()
#33 {main}

To reproduce

Steps to reproduce the behaviour:

1. Update Craft CMS from v 2.6.3 to 3.4.0.b-3
2. Install today's Snaptcha version on site 2.21
3. Add {{craft.snaptcha.field}} to a template

Notably, {{ craft.snaptcha.fieldName }} does not throw the error. {{ craft.snaptcha.fieldValue }} throws it.

Expected behaviour

Rendered template with Snaptcha invisibly embedded in the form somewhere.

Versions

• Plugin version: 2.2.1
• Craft version: 3.4.0.b3

Hi Ben,
I still think it's more related to Snaptcha than to Sprig. But it's hard to find out since no error is logged in Craft.
There is a 400 error in the browser console.

[Error] Failed to load resource: the server responded with a status of 400 () (index.php, line 0)
[Error] Response Status Error Code 400 from https://lappat23.ddev.site/index.php?p=actions/sprig-core/components/render&sprig:action=79de09316f36e9be9c0e39b636d039cf5f4b6f140de4f301abb766a460a80854contact-form/send

When I turn off Snaptcha. The form loaded with Sprig is working fine.
When I load the form without Sprig and leave Snaptcha on it is working, but the browser console still shows a 400 error.

[Error] Failed to load resource: the server responded with a status of 400 () (contact, line 0)

I thought it might be related to my custom fields or validation. But when I turn these is off there is still a 400 error.
I get the same error with an entry form. Also no 400 error is in the Craft log files.

All plugins and Craft are up to date.

I recently found your plugin since I searched for a good solution for form validation that was compatible with Blitz.

So far I managed to get all other form plugins (Freeform, Wheelform etc.) to work with this plugin. However, the only one that does not work so far is verbb/comments.

Is there any information on this?
I tried to include the code via blitz inject, but I always get this error message:

Value not found in database. [https://www.website.com/index.php?p=actions/comments/comments/save]

Would really appreciate any help or information.

I'm trying to exclude all paths that start with "shop" using "^shop" but it doesn't appear to be working...

(The forms only submit if I exclude the full path, eg "shop/customer/register")

Am I doing something wrong?

Thanks!

PS. This is with Craft CMS 3.3.15

Describe the bug

I am getting this error "JavaScript must be enabled for your submission to be verified. Please enable it and refresh the page." when submitting via Ajax to the guest entry plugin. Might happen when doing normal post requests too. I have added this "guest-entries/save" to the section "Exclude Controller Actions" and it used to work fine so assume its some of the last updates causing issue.

Not sure if these are related #18 and #15

Versions

• Plugin version: 3.0.7
• Craft version: 3.7.7

Craft CMS 3.5.15.1
Snaptcha 2.2.5
GDPR Cookie Consent 1.4.4

Install GDPR Cookie Consent 1.4.4
check if it works properly and is storing consents
Install Snaptcha 2.2.5
GDPR Cookie Consent 1.4.4 stops storing consents because Snaptcha 2.2.5 is blocking GDPR Cookie Consent 1.4.4

error: yii\web\HttpException:403 @ https://damin.tld/index.php?p=actions/

yii\web\ForbiddenHttpException: Sorry, you have not passed the security test. Please make sure that you have Javascript enabled and that you update the page you are trying to submit. in /srv/users/axel/apps/craft/vendor/putyourlightson/craft-snaptcha/src/Snaptcha.php:123 Stack trace: #0 /srv/users/axel/apps/craft/vendor/putyourlightson/craft-snaptcha/src/Snaptcha.php(73): putyourlightson\snaptcha\Snaptcha->validateField(Object(yii\base\ActionEvent)) #1 [internal function]: putyourlightson\snaptcha\Snaptcha->putyourlightson\snaptcha\{closure}(Object(yii\base\ActionEvent)) #2 /srv/users/axel/apps/craft/vendor/yiisoft/yii2/base/Event.php(312): call_user_func(Object(Closure), Object(yii\base\ActionEvent)) #3 /srv/users/axel/apps/craft/vendor/yiisoft/yii2/base/Component.php(636): yii\base\Event::trigger('craft\\web\\Contr...', 'beforeAction', Object(yii\base\ActionEvent)) #4 /srv/users/axel/apps/craft/vendor/yiisoft/yii2/base/Controller.php(299): yii\base\Component->trigger('beforeAction', Object(yii\base\ActionEvent)) #5 /srv/users/axel/apps/craft/vendor/yiisoft/yii2/web/Controller.php(200): yii\base\Controller->beforeAction(Object(yii\base\InlineAction)) #6 /srv/users/axel/apps/craft/vendor/craftcms/cms/src/web/Controller.php(138): yii\web\Controller->beforeAction(Object(yii\base\InlineAction)) #7 /srv/users/axel/apps/craft/vendor/yiisoft/yii2/base/Controller.php(178): craft\web\Controller->beforeAction(Object(yii\base\InlineAction)) #8 /srv/users/axel/apps/craft/vendor/craftcms/cms/src/web/Controller.php(190): yii\base\Controller->runAction('update', Array) #9 /srv/users/axel/apps/craft/vendor/yiisoft/yii2/base/Module.php(528): craft\web\Controller->runAction('update', Array) #10 /srv/users/axel/apps/craft/vendor/craftcms/cms/src/web/Application.php(274): yii\base\Module->runAction('cookie-consent/...', Array) #11 /srv/users/axel/apps/craft/vendor/craftcms/cms/src/web/Application.php(577): craft\web\Application->runAction('cookie-consent/...', Array) #12 /srv/users/axel/apps/craft/vendor/craftcms/cms/src/web/Application.php(253): craft\web\Application->_processActionRequest(Object(craft\web\Request)) #13 /srv/users/axel/apps/craft/vendor/yiisoft/yii2/base/Application.php(386): craft\web\Application->handleRequest(Object(craft\web\Request)) #14 /srv/users/axel/apps/craft/public/index.php(22): yii\base\Application->run() #15 {main}

Hi, I installed Snaptcha on this site: fotoatelier-meier [dot] de

Situation

It is working because I already have 206 rejected entries since 2019-09-23 in the log. However 9 spam mails still reached the inbox in this time.
There is only one form on the site, but it is on most pages.
The log: Snaptcha.log

The spam mails defintely come through the contact form because they are saved to the database by Rias' Form plugin.

Expected

No spam at all is reaching the inbox. Is that even promised by Snaptcha?

Question

Can I do anything with Snaptcha to prevent even the small remaining amount of spam coming through or do I have to find another solution for that?

Describe the bug

A clear and concise description of what the bug is.
I updated a site from Craft 2 to Craft 3.6.11.1

And now when visiting a page with {{ craft.snaptcha.field }} I get this error:

Unknown Property – yii\base\UnknownPropertyException
Setting unknown property: putyourlightson\snaptcha\records\SnaptchaRecord::expirationTime
1. in /var/www/html/vendor/yiisoft/yii2/base/Component.phpat line 210

If I comment out {{ craft.snaptcha.field }} the page loads correctly

Snaptcha Validation Enabled is turned on.

To reproduce

Steps to reproduce the behaviour:

1. add {{ craft.snaptcha.field }} to a form template
2. visit page, get error

Expected behaviour

A clear and concise description of what you expected to happen.
I would expect my page to load and display the form.

Screenshots

If applicable, add screenshots to help explain your problem.

Versions

• Plugin version:2.3.1
• Craft version:3.6.11.1

Hi @bencroker,

I am looking to implement this on a craft user registration form.
Currently the form uses sprig as follows:

<form sprig method="post" s-method="post" s-action="users/save-user" s-indicator="#spinner" accept-charset="UTF-8" class="space-y-6">
      {{ csrfInput() }}
      {{ actionInput('users/save-user') }}
      {{ redirectInput('') }}
      
      <div>
        <div class="flex justify-between">
          <label for="firstName" class="{{ classes.forms.label }}">First Name</label>
          <span class="{{ classes.forms.inputNote }}" id="firstName--required">Required</span>
        </div>
        <div class="mt-1 relative {{ (user ? user.getErrors('firstName')) ? "focus:border-red-200" }}">
          {{ input('text', 'firstName', user.firstName ?? null, {
            id: 'firstName',
            autocomplete: 'first-name',
            class:  [
              classes.forms.input,
              (user ? user.hasErrors('firstName')) ? classes.forms.errorsInputField
            ]
          }) }}
          {{ user ? forms.errorList(user.getErrors('firstName')) }}
        </div>
      </div>
      
      <div>
        <div class="flex justify-between">
          <label for="lastName" class="{{ classes.forms.label }}">Last Name</label>
          <span class="{{ classes.forms.inputNote }}" id="lastName--required">Required</span>
        </div>
        <div class="mt-1 relative {{ (user ? user.getErrors('lastName')) ? "focus:border-red-200" }}">
          {{ input('text', 'lastName', user.lastName ?? null, {
            id: 'lastName',
            autocomplete: 'last-name',
            class:  [
              classes.forms.input,
              (user ? user.hasErrors('lastName')) ? classes.forms.errorsInputField
            ]
          }) }}
          {{ user ? forms.errorList(user.getErrors('lastName')) }}
        </div>
      </div>
      
      <div>
        <div class="flex justify-between">
          <label for="email" class="{{ classes.forms.label }}">Email</label>
          <span class="{{ classes.forms.inputNote }}" id="email--required">Required</span>
        </div>
        <div class="mt-1 relative {{ (user ? user.getErrors('email')) ? "focus:border-red-200" }}">
          {{ input('email', 'email', user.email ?? null, {
            id: 'email',
            autocomplete: 'email',
            class:  [
              classes.forms.input,
              (user ? user.hasErrors('email')) ? classes.forms.errorsInputField
            ]
          }) }}
          {{ user ? forms.errorList(user.getErrors('email')) }}
        </div>
      </div>
      
      <div>
        <div class="flex justify-between">
          <label for="password" class="{{ classes.forms.label }}">Password</label>
          <span class="{{ classes.forms.inputNote }}" id="email--required">Required</span>
        </div>
        <div class="mt-1 relative {{ (user ? user.getErrors('password')) ? "focus:border-red-200" }}">
          {{ input('password', 'password', null, {
            id: 'password',
            class:  [
              classes.forms.input,
              (user ? user.hasErrors('password')) ? classes.forms.errorsInputField
            ]
          }) }}
          {{ user ? forms.errorList(user.getErrors('password')) }}
        </div>
        
        <div class="flex items-start mt-2 text-xs text-slate-400">
          {{ svg('@icons/bx-line/bx-info-circle.svg')|attr({class: "w-4 h-4 flex-shrink-0 fill-current mr-1"}) }}
          <div>
            Passwords must be at least 8 characters long and must contain at least one uppercase letter and one number.
          </div>
        </div>
      </div>
      
      <div class="{{ user and user.getErrors('fields[hunayfax]') ? '' : 'hidden' }}">
        <div class="flex justify-between">
          <label for="fields[hunayfax]" class="{{ classes.forms.label }}">If you are human please leave this field empty.</label>
        </div>
        <div class="mt-1 relative {{ (user ? user.getErrors('hunayfax')) ? "focus:border-red-200" }}">
          <input id="hunayfax"
                 type="text"
                 name="fields[hunayfax]"
                 class="{{ classes.forms.input }} {{ (user ? user.getErrors('hunayfax')) ?  classes.forms.errorsInputField }}"
          />
          
          {{ user ? forms.errorList(user.getErrors('password')) }}
        </div>
      </div>
      
      <button type="submit" class="{{ classes.btn.base ~ ' ' ~ classes.btn.blue }} w-48">
        <span class="mr-2">
          Register
        </span>
        
        <div>
          <div id="spinner" class="htmx-indicator spinner2">
            <svg class="animate-spin h-5 w-5 text-white" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
              <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
              <path class="opacity-75"
                    fill="currentColor"
                    d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
              ></path>
            </svg>
          </div>
          
          {{ svg('@icons/hero/solid/arrow-narrow-right.svg')|attr({
            class:"w-4 h-4 flex-shrink-0 fill-current mx-1.5 icon"
          }) }}
      
      </button>
    </form>

I have added the {{ craft.snaptcha.field }} after the {{ redirectInput('') }}
But when i tried to test this as per the docs and removed this field, I am getting a sprig error.

[HTTP 400 – Bad Request](http://en.wikipedia.org/wiki/List_of_HTTP_status_codes#400) – [yii\web\BadRequestHttpException](http://www.yiiframework.com/doc-2.0/yii-web-badrequesthttpexception.html)
Post request required
public function requirePostRequest()
    {
        if (!$this->request->getIsPost()) {
            throw new BadRequestHttpException('Post request required');
        }
    }

However, not seeing the standard error message as it should show.

What additional steps do I need to take to get this to work with Sprig?
And thus depending on these steps, would it be worth adding a section to the docs to explain this.

Thanks
Terry

It would be helpful if the log file included the url of the form the error originated on.

Thanks :)

Right know you can enable validation on all post requests and then disable when wanted using the enableSnaptchaValidation property. I would like a way to turn this around: disable it by default but a way to enable it when wanted.

For example: I have come across multiple situations where the plugin is validating where it doesn't need to be. The last example of this is that this plugin blocks all webhook requests from payment providers. Right now I'm doing things like:

Event::on(CartController::class, CartController::EVENT_BEFORE_ACTION, function(ActionEvent $event) {
    $sender = (array)$event->sender;
    $sender['enableSnaptchaValidation'] = false;
    $event->sender = (object)$sender;
});

Event::on(WebhooksController::class, WebhooksController::EVENT_BEFORE_ACTION, function(ActionEvent $event) {
    $sender = (array)$event->sender;
    $sender['enableSnaptchaValidation'] = false;
    $event->sender = (object)$sender;
});

...

Usually though I only need this plugin to do it's thing at a guest entries form. It would be a lot easier to just be able to enable it there. Right now I have to disable it manually in a lot of places, it would be easier to turn this around. What do you think?

You mention that there is a version for craft 2, is it possible to get a copy? i need to add captcha support to formerly.

Describe the bug

When posting a Craft Campaign form (subscribe) I can force the error "For some reason your submission was flagged as spam. Please click the button below to resubmit your data." by not using the Snaptcha Twig tag but the submission is actually successful as subscriber gets double opt in email.

To reproduce

Steps to reproduce the behaviour:

1. Add a Craft Campaign form without Snaptcha Twig tag
2. Post it
3. See error message
4. Check that subscriber is actually subscribed (or at least is send the double opt in email)

Expected behaviour

Stop the form submission

Screenshots

https://share.getcloudapp.com/p9ubLP1p
https://share.getcloudapp.com/2Nuw6549

Versions

• Plugin versions:
• Campaign 1.19.1
• Snaptcha 3.0.2
• Craft version: 3.6.12

I'm trying to prevent Snaptcha from validating the consent form generated by Complete Cookie Consent.
The form posts to complete-cookie-consent/consent/submit so I have added ^complete-cookie-consent/consent/submit$ to the excluded uri patterns in Snaptcha's settings.

However, the form is still being blocked by Snaptcha.

How should I do this, bearing in mind it's not ideal for me to be modifying the controller and disabling Snaptcha that way?

Is there any scope to increase the detail in the logging?

It could be useful to at least log the IP of any trapped form submissions.

If there was also an option to log the actual submitted data, and the time it took to complete the form that would also be quite handy for ensuring we aren't blocking legitimate submissions.

Maybe an "enhanced logging" mode with some kind of pruning to prevent generating enormous log files?

Hi @bencroker

I am looking to use Snaptcha on a craft commerce site but purely for the craft (user) registration form only.
My understanding from reading the docs and discussions on Discord is that in order to do this I would need to implement a list of all the 'Exclude Controller Actions' as well as this I would need to manually add some code to my custom controllers (I have a few for subscriptions).

The site in question, as with most commerce sites, has many forms that are on the whole not a problem in regards to spam, mostly due to the fact some are behind the account functionality and others are only successfully along with payment details. thus I feel adding Snaptcha to all forms, seems overkill and adds much more work.

My concern, however, is the exclusion list and that this felt risky incase I missed off some by accident, and adding to custom controllers would also require additional testing when in fact these are not necessary.

Is there another method I am overlooking where it can only be implemented to a specific form(s) or is the above, in fact the only approach possible. Adding to this, if I was to disable the Validate Users setting, would this in fact negate a host of these as many of these forms are behind a user account (address management, card management, subscriptions etc). it would still need some exclusions for guest and standard checkouts/adding to carts etc.

A nice feature potentially, would be the ability to 'exclude commerce' where a toggle would bypass all the standard commerce controllers. This is only a thought.

Would love to hear your thoughts on this and the best approach for my situation, whereby I am hoping to eliminate registration spam quickly and easily with little much friction in the first instance.

Thanks
Terry

Describe the bug

Disabling validation on a controller class no longer working in 3.7.4

To reproduce

Steps to reproduce the behaviour:

1. Migrate to 3.7.4
2. Test a controller action that should have snaptcha disabled

Expected behaviour

Snaptcha shouldn't try to run on that form

Versions

• Plugin version: 3.0.7
• Craft version: 3.7.4

Describe the bug

I'm trying to update to the newest version of Snaptcha and am having issues. Even when I try to totally uninstall and re-install, it still is not working for me. One thing I'm noticing is that it doesn't have a Schema version in the project config file:

snaptcha:
  enabled: true
  licenseKey: XXX
  settings:
    allowList: ''
    denyList: ''
    errorButtonText: Resubmit
    errorJavascriptDisabled: 'JavaScript must be enabled for your submission to be verified. Please enable it and refresh the page.'
    errorMessage: 'For some reason your submission was flagged as spam. Please click the button below to resubmit your data.'
    errorTemplate: ''
    errorTitle: Error
    excludeControllerActions: ''
    expirationTime: '60'
    fieldName: snaptcha
    logRejected: '1'
    minimumSubmitTime: '1'
    oneTimeKey: ''
    salt: XXX
    validateUsers: '1'
    validationEnabled: '1'

To reproduce

Steps to reproduce the behaviour:

1. Install snaptcha.
2. Try and use a form that has a snaptcha tag.
3. Get an error.

Expected behaviour

A clear and concise description of what you expected to happen.

Screenshots

If applicable, add screenshots to help explain your problem.

Versions

• Plugin version: 3.0.2
• Craft version: 3.6.12

This error I get when trying to update database:

yii\base\ErrorException: preg_split() expects parameter 2 to be string, array given

Migration: putyourlightson\snaptcha\migrations\m181009_120000_update_blacklist_settings

Output:

Exception: preg_split() expects parameter 2 to be string, array given (/Users/josipanic/Sites/four-inc/vendor/putyourlightson/craft-snaptcha/src/migrations/m181009_120000_update_blacklist_settings.php:24)
#0 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/web/ErrorHandler.php(76): yii\base\ErrorHandler->handleError(2, 'preg_split() ex...', '/Users/josipani...', 24)
#1 [internal function]: craft\web\ErrorHandler->handleError(2, 'preg_split() ex...', '/Users/josipani...', 24, Array)
#2 /Users/josipanic/Sites/four-inc/vendor/putyourlightson/craft-snaptcha/src/migrations/m181009_120000_update_blacklist_settings.php(24): preg_split('/\r\n|\r|\n/', Array)
#3 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/db/Migration.php(56): putyourlightson\snaptcha\migrations\m181009_120000_update_blacklist_settings->safeUp()
#4 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/db/MigrationManager.php(243): craft\db\Migration->up(true)
#5 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/db/MigrationManager.php(163): craft\db\MigrationManager->migrateUp(Object(putyourlightson\snaptcha\migrations\m181009_120000_update_blacklist_settings))
#6 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/services/Updates.php(223): craft\db\MigrationManager->up()
#7 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/controllers/BaseUpdaterController.php(521): craft\services\Updates->runMigrations(Array)
#8 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/controllers/UpdaterController.php(209): craft\controllers\BaseUpdaterController->runMigrations(Array, 'restore-db')
#9 [internal function]: craft\controllers\UpdaterController->actionMigrate()
#10 /Users/josipanic/Sites/four-inc/vendor/yiisoft/yii2/base/InlineAction.php(57): call_user_func_array(Array, Array)
#11 /Users/josipanic/Sites/four-inc/vendor/yiisoft/yii2/base/Controller.php(157): yii\base\InlineAction->runWithParams(Array)
#12 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/web/Controller.php(109): yii\base\Controller->runAction('migrate', Array)
#13 /Users/josipanic/Sites/four-inc/vendor/yiisoft/yii2/base/Module.php(528): craft\web\Controller->runAction('migrate', Array)
#14 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/web/Application.php(297): yii\base\Module->runAction('updater/migrate', Array)
#15 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/web/Application.php(683): craft\web\Application->runAction('updater/migrate')
#16 /Users/josipanic/Sites/four-inc/vendor/craftcms/cms/src/web/Application.php(243): craft\web\Application->_processUpdateLogic(Object(craft\web\Request))
#17 /Users/josipanic/Sites/four-inc/vendor/yiisoft/yii2/base/Application.php(386): craft\web\Application->handleRequest(Object(craft\web\Request))
#18 /Users/josipanic/Sites/four-inc/public/index.php(21): yii\base\Application->run()
#19 {main}

Is your feature request related to a problem? Please describe.

Does the plugin support project config? I just installed and configured it in dev, pushed out the changes, and there were no project.yaml. It's not activated on the live site where admin is disabled.

Describe the solution you would like

Project config support.