プラグインなしでWordPressにCloudflare Turnstile CAPTCHAを追加する方法。

1. ベース
2. ログインフォーム
3. WordPressコメント
4. コンタクトフォーム 7
- 4.1. ショートコード

ベース

function cloudflare_key(){
	$sitekey= "00000000000000000000000";
	$secretkey= "000000000000000000000";
	return [$sitekey,$secretkey]; 	
}

add_action("wp_head", function(){	
	wp_enqueue_script('cloudflare-turnstile', 'https://challenges.cloudflare.com/turnstile/v0/api.js');
	} );

ログインフォーム


/*
 * Adding Cloudflare Turnstile to Login Form by wpcookie
 * https://redpishi.com/wordpress-tutorials/cloudflare-turnstile-captcha-wordpress/
 */	
function login_style() {
    wp_register_script('login-recaptcha', 'https://challenges.cloudflare.com/turnstile/v0/api.js', false, NULL);
    wp_enqueue_script('login-recaptcha');
	echo "";
}
add_action('login_enqueue_scripts', 'login_style');

add_action('login_form', function(){
	echo '';
	} );

add_action('wp_authenticate_user', function($user, $password) {
	$captcha=$_POST['cf-turnstile-response'];
	if (!$captcha) {
     return new WP_Error('Captcha Invalid', __('Captcha Invalid! Please check the captcha!'));
	   die();
           exit;
   }
   $secretKey = cloudflare_key()[1];
   $ip = $_SERVER['REMOTE_ADDR'];

   $url_path = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';
   $data = array('secret' => $secretKey, 'response' => $captcha, 'remoteip' => $ip);
	
	$options = array(
		'http' => array(
		'method' => 'POST',
		'content' => http_build_query($data))
	);
	
	$stream = stream_context_create($options);
	
	$result = file_get_contents(
			$url_path, false, $stream);
	
	$response =  $result;
   
   $responseKeys = json_decode($response,true);
	  if(intval($responseKeys["success"]) !== 1) {
		   return new WP_Error('Captcha Invalid', __('Captcha Invalid! Please check the captcha!'));
		  die();
		   exit;
	  } else { 
		  return $user;
}
	
	} , 10, 2);

WordPressコメント

/*
 * Adding Cloudflare Turnstile to WordPress Comment
 * https://redpishi.com/wordpress-tutorials/cloudflare-turnstile-captcha-wordpress/
 */	
function is_valid_captcha($captcha) {
	
   if (!$captcha) {
     return false;
   }
   $secretKey = cloudflare_key()[1];
   $ip = $_SERVER['REMOTE_ADDR'];

   $url_path = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';
   $data = array('secret' => $secretKey, 'response' => $captcha, 'remoteip' => $ip);
	
	$options = array(
		'http' => array(
		'method' => 'POST',
		'content' => http_build_query($data))
	);
	
	$stream = stream_context_create($options);
	
	$result = file_get_contents(
			$url_path, false, $stream);
	
	$response =  $result;
   
   $responseKeys = json_decode($response,true);
	  if(intval($responseKeys["success"]) !== 1) {
		   return false;
	  } else { 
		  return true;
}
}
	
add_action('init', function(){
	if (!is_user_logged_in() ) {
    add_action('pre_comment_on_post', function(){
		$recaptcha = $_POST['cf-turnstile-response'];
	if (empty($recaptcha))
    wp_die( __("ERROR: please select I'm not a robot!« Back"));
	else if (!is_valid_captcha($recaptcha))
    wp_die( __("please select I'm not a robot!"));
		
		} );

    add_filter('comment_form_defaults',function ($submit_field) {

		    $submit_field['submit_field'] = '

'.$submit_field['submit_field'];
    return $submit_field;	
	});
}	
	});

コンタクトフォーム 7

add_action("wp_footer", function(){ ?>
    <style>
        .wpcf7 input[name="c"] {
            display: none;
        }
        .wpcf7 .cf-turnstile {
            margin-top: -10px;
        }
    </style>
<?php });

function add_custom_element_before_submit($form) {
    $cf = '<div class="cf-turnstile" data-sitekey="' . cloudflare_key()[0] . '"></div>';
    $form = preg_replace('/\[\s*c\s*\]/', $cf, $form);    
    return $form;
}
add_filter('wpcf7_form_elements', 'add_custom_element_before_submit');

function validate_turnstile($result, $tag) {
    $turnstile_token = isset($_POST['cf-turnstile-response']) ? sanitize_text_field($_POST['cf-turnstile-response']) : '';
    $ct = "c";
    if (empty($turnstile_token)) {
        $result->invalidate($ct, 'You must complete the Turnstile challenge to submit this form.');
        // Mark as spam since no token was provided
        add_filter('wpcf7_spam', function() { return true; }, 100, 2);
        return $result;
    }

    $secret_key = cloudflare_key()[1];
    $remote_ip = $_SERVER['REMOTE_ADDR'];

    $response = wp_remote_post('https://challenges.cloudflare.com/turnstile/v0/siteverify', array(
        'body' => array(
            'secret' => $secret_key,
            'response' => $turnstile_token,
            'remoteip' => $remote_ip,
        ),
    ));

    if (is_wp_error($response)) {
        $result->invalidate($ct, 'The Turnstile token is invalid. Please try again.');
        // Mark as spam for invalid token
        add_filter('wpcf7_spam', function() { return true; }, 100, 2);
        return $result;
    }

    $body = wp_remote_retrieve_body($response);
    $data = json_decode($body, true);

    if (!$data['success']) {
        $result->invalidate($ct, 'There was an error validating the Turnstile challenge. Please try again.');
        // Mark as spam if validation failed
        add_filter('wpcf7_spam', function() { return true; }, 100, 2);
        return $result;
    }

    return $result;
}
add_filter('wpcf7_validate', 'validate_turnstile', 10, 2);