Tiger_Recaptcha
@api
Tiger_Recaptcha — the Google reCAPTCHA integration hub (config + server verify).
Shared by the form CONTROL (Tiger_View_Helper_FormRecaptcha, which renders the widget) and the VALIDATOR (Tiger_Validate_Recaptcha, which checks the token server-side). Keeping the config reads and the HTTP call in one place keeps those two in lock-step.
Config (tiger.recaptcha.*, cascade like everything else):
- enabled on/off. OFF = the control renders nothing and the validator passes, so forms work in dev with no keys.
- version "v2" (checkbox) | "v3" (invisible score).
- site_key PUBLIC — rendered into the page (fine to commit in application.ini).
- secret_key SECRET — server-side only; belongs in local.ini, never committed.
- min_score v3 pass threshold (0..1).
- fail_open when Google can't be REACHED (transport error, not a bot verdict), pass (1, default — a reCAPTCHA outage shouldn't lock out your login) or fail (0). A definitive "not a human" verdict always fails closed.
Methods
isEnabled()
isEnabled()
Is reCAPTCHA switched on for this install?
Returns bool
siteKey()
siteKey()
The public site key (rendered in the widget), or '' if unset.
Returns string
secretKey()
secretKey()
The server-side secret key, or '' if unset.
Returns string
version()
version()
"v2" (checkbox) or "v3" (score).
Returns string
minScore()
minScore()
v3 minimum passing score.
Returns float
failOpen()
failOpen()
Pass on a transport failure (can't reach Google)? Default yes (availability).
Returns bool
verify()
verify($token, $remoteIp = null)
Verify a token with Google. Returns the decoded response array (with success, and for v3 score/action), or NULL on a transport failure (couldn't reach the service) — the caller decides fail-open vs fail-closed for that case.
$tokenstring— the reCAPTCHA response token from the client$remoteIpstring|null— optional client IP to include in the verify call
Returns array|null