crovly/crovly-php
Composer 安装命令:
composer require crovly/crovly-php
包简介
Official Crovly PHP SDK — verify captcha tokens
README 文档
README
Official PHP SDK for Crovly — privacy-first captcha verification.
Requirements
- PHP 8.1+
- ext-curl
- ext-json
Installation
Composer (recommended)
composer require crovly/crovly-php
Manual
Download the src/ directory and use PSR-4 autoloading, or require files manually.
Quick Start
<?php require_once 'vendor/autoload.php'; use Crovly\Crovly; $crovly = new Crovly('crvl_secret_your_secret_key'); // Verify a token from the widget $response = $crovly->verify($_POST['crovly-token'], $_SERVER['REMOTE_ADDR']); if ($response->isHuman()) { // Token is valid, score meets threshold — proceed } else { // Verification failed or score too low — block }
Usage
Basic Verification
use Crovly\Crovly; $crovly = new Crovly('crvl_secret_xxx'); $response = $crovly->verify($token); echo $response->success; // true/false echo $response->score; // 0.0 — 1.0 echo $response->ip; // Client IP that solved the challenge
IP Binding
Pass the client's IP to enforce that the token was solved from the same IP:
$response = $crovly->verify($token, $_SERVER['REMOTE_ADDR']);
Custom Threshold
The default threshold is 0.5. You can adjust it:
// Stricter — require score >= 0.7 if ($response->isHuman(0.7)) { // High confidence human } // Lenient — accept score >= 0.3 if ($response->isHuman(0.3)) { // Low friction, some risk }
Response Object
| Property | Type | Description |
|---|---|---|
success |
bool |
Whether the token is valid |
score |
float |
Risk score (0.0 = bot, 1.0 = human) |
ip |
string |
IP address that solved the challenge |
solvedAt |
int |
Unix timestamp in milliseconds |
Laravel Integration
Middleware
Create app/Http/Middleware/VerifyCrovly.php:
<?php namespace App\Http\Middleware; use Closure; use Crovly\Crovly; use Crovly\Exceptions\CrovlyException; use Illuminate\Http\Request; use Symfony\Component\HttpFoundation\Response; class VerifyCrovly { private Crovly $crovly; public function __construct() { $this->crovly = new Crovly(config('services.crovly.secret_key')); } public function handle(Request $request, Closure $next): Response { $token = $request->input('crovly-token'); if (!$token) { abort(422, 'Captcha token is required'); } try { $response = $this->crovly->verify($token, $request->ip()); if (!$response->isHuman()) { abort(403, 'Captcha verification failed'); } } catch (CrovlyException $e) { abort(500, 'Captcha service error'); } return $next($request); } }
Register in bootstrap/app.php (Laravel 11+):
->withMiddleware(function (Middleware $middleware) { $middleware->alias([ 'crovly' => \App\Http\Middleware\VerifyCrovly::class, ]); })
Use on routes:
Route::post('/contact', [ContactController::class, 'store'])->middleware('crovly');
Config
Add to config/services.php:
'crovly' => [ 'secret_key' => env('CROVLY_SECRET_KEY'), ],
Add to .env:
CROVLY_SECRET_KEY=crvl_secret_xxx
Plain PHP (No Framework)
<?php require_once 'vendor/autoload.php'; use Crovly\Crovly; use Crovly\Exceptions\CrovlyException; $crovly = new Crovly('crvl_secret_xxx'); if ($_SERVER['REQUEST_METHOD'] === 'POST') { $token = $_POST['crovly-token'] ?? ''; try { $response = $crovly->verify($token, $_SERVER['REMOTE_ADDR']); if ($response->isHuman()) { // Process form echo 'Form submitted successfully'; } else { http_response_code(403); echo 'Bot detected (score: ' . $response->score . ')'; } } catch (CrovlyException $e) { http_response_code(500); echo 'Verification error: ' . $e->getMessage(); } }
Configuration
$crovly = new Crovly('crvl_secret_xxx', [ 'apiUrl' => 'https://api.crovly.com', // API base URL (default) 'timeout' => 10, // Request timeout in seconds (default) ]);
Error Handling
use Crovly\Exceptions\CrovlyException; use Crovly\Exceptions\ValidationException; use Crovly\Exceptions\ApiException; try { $response = $crovly->verify($token, $ip); } catch (ValidationException $e) { // 400 — Invalid token or missing parameters echo $e->getMessage(); } catch (ApiException $e) { // 401 — Invalid secret key // 403 — Forbidden // 429 — Rate limited // 5xx — Server error echo $e->getStatusCode() . ': ' . $e->getMessage(); } catch (CrovlyException $e) { // Network errors, JSON parse errors echo $e->getErrorCode() . ': ' . $e->getMessage(); }
Frontend Setup
Add the widget to your HTML form:
<script src="https://get.crovly.com/widget.js" data-site-key="crvl_site_xxx"></script> <form method="POST" action="/submit"> <div id="crovly-captcha"></div> <button type="submit">Submit</button> </form>
The widget adds a hidden crovly-token field to the form on successful verification.
Documentation
Full documentation at docs.crovly.com.
License
MIT
crovly/crovly-php 适用场景与选型建议
crovly/crovly-php 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 0 次下载、GitHub Stars 达 0, 最近一次更新时间为 2026 年 03 月 02 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「captcha」 「verification」 「proof-of-work」 「pow」 「bot-protection」 「crovly」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 crovly/crovly-php 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 crovly/crovly-php 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 crovly/crovly-php 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Diese Contao 4 Erweiterung stellt Google reCAPTCHA V2 in Form eines neuen Formularfeldes im Formulargenerator bereit. This extension provides Google reCAPTCHA V2 in the form of a new form field in the form generator of Contao Open Source CMS.
Laravel Package for easier user email verification.
Two Captcha
Laravel 5 Securimage helper
Hashcash implementation in PHP.
Zend Captcha bundle
统计信息
- 总下载量: 0
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 25
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-03-02