I know this is an older message, but I figured if anyone runs into the same issue this may help.
Preamble...
[list=]I cannot claim that this option is more secure, or will work in your hosting environment.[/list]
[list=]
I DEFINITELY recommend the developers updates over customizations like this whenever possible.[/list]
[list=]Use this at your own risk, as a last possible option.[/list]
This requires cURL, and is probably why file_get_contents() was used, making one less possible requirement.
If you make this change, You will need to make a backup before updating ChronoForms5.
Line 29 in :
/administrator/components/com_chronoforms5/chronoforms/actions/check_nocaptcha/check_nocaptcha.php
I replaced :
$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$config->get('secret_key')."&response=".$form->data('g-recaptcha-response'));
With this:
// Original $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$config->get('secret_key')."&response=".$form->data('g-recaptcha-response'));
$ch = curl_init("https://www.google.com/recaptcha/api/siteverify?secret=".$config->get('secret_key')."&response=".$form->data('g-recaptcha-response'));
curl_setopt($ch, CURLOPT_FRESH_CONNECT, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
curl_close($ch);
If you see any flaws in my code,
please please let me know.
I think it would be nice to add an optional selector to choose between cURL or file_get_contents() in the noCAPTCHA action?