azzmin/cakephp-altcha
Composer 安装命令:
composer require azzmin/cakephp-altcha
包简介
Altcha proof-of-work spam protection for CakePHP 5
README 文档
README
Altcha proof-of-work spam protection for CakePHP 5. Privacy-friendly, no external services, no tracking.
Uses Altcha to generate SHA-256 challenges that are solved client-side. No CAPTCHA images, no Google dependencies.
Install
composer require azzmin/cakephp-altcha
Setup
1. Load the plugin in src/Application.php:
$this->addPlugin('Altcha');
2. In your controller load the component and helper:
public function initialize(): void { parent::initialize(); $this->loadComponent('Altcha.Altcha'); $this->viewBuilder()->addHelper('Altcha.Altcha'); }
3. Verify on POST in your action, before processing the form:
if ($this->request->is('post')) { if (!$this->Altcha->verify($this->request)) { $this->Flash->error('Please complete the verification.'); return null; } // process form... }
4. Render the widget in your template, before the submit button:
<?= $this->Altcha->widget() ?>
That's it. No database, no routes, no configuration required.
Options
Pass an array to widget() to customise:
<?= $this->Altcha->widget(['hidelogo' => true]) ?>
| Option | Type | Description |
|---|---|---|
hidelogo |
true |
Hide the Altcha logo |
hidelabel |
true |
Hide the "I'm not a robot" label |
name |
string |
Hidden input name (default: altcha) |
auto |
string |
Auto-solve mode: onfocus, onload, onsubmit |
If you change name, pass the same value to verify:
$this->Altcha->verify($this->request, 'my_field_name');
Configuration
All optional. Defaults work out of the box using Security.salt from app_local.php.
Add to config/app_local.php to override:
'Altcha' => [ 'hmacKey' => 'your-custom-key', // defaults to Security.salt 'maxNumber' => 100000, // higher = harder for bots 'saltLength' => 12, 'jsUrl' => 'https://cdn.jsdelivr.net/npm/altcha@latest/dist/altcha.js', ],
How it works
- Server generates a SHA-256 challenge with a HMAC signature
- Client solves the proof-of-work in the browser (finds the nonce)
- Solution is submitted as a hidden form field
- Server verifies the hash and HMAC signature
No data sent to third parties. All computation happens in the browser.
Requirements
- PHP 8.1+
- CakePHP 5.0+
CakePHP 5.3 Compatibility
Note: This plugin uses AltchaPlugin as the primary plugin class following CakePHP 5.3 conventions. A Plugin class is maintained for backward compatibility with CakePHP 5.0-5.2.
Migration for CakePHP 5.3+ Users
If you're using CakePHP 5.3 or later, the plugin will automatically use the new AltchaPlugin class. No changes are needed to your code.
Deprecation Notice
If you see a deprecation warning about the Plugin class when using CakePHP 5.3+, this is expected for backward compatibility. The Plugin class will be removed in the next major version of this plugin.
Future Changes
In a future major release (2.0.0), the Plugin class will be removed and only AltchaPlugin will remain. If you're only using CakePHP 5.3+, you don't need to take any action.
License
Apache-2.0
azzmin/cakephp-altcha 适用场景与选型建议
azzmin/cakephp-altcha 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 3 次下载、GitHub Stars 达 1, 最近一次更新时间为 2026 年 04 月 26 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「cakephp」 「spam」 「captcha」 「antispam」 「ALTCHA」 「cakephp5」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 azzmin/cakephp-altcha 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 azzmin/cakephp-altcha 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 azzmin/cakephp-altcha 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
CakePHP 4.x AdminLTE Theme.
Simple captcha generator
reCAPTCHA library
Client library for reCAPTCHA with proxy support, a free service that protects websites from spam and abuse.
Diese Contao 4 Erweiterung stellt Google reCAPTCHA V2 in Form eines neuen Formularfeldes im Formulargenerator bereit. This extension provides Google reCAPTCHA V2 in the form of a new form field in the form generator of Contao Open Source CMS.
Two Captcha
统计信息
- 总下载量: 3
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 35
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: Apache-2.0
- 更新时间: 2026-04-26