Added TReCaptcha2 and wrote doc; fix #560

1 files changed, 37 insertions, 0 deletions

diff --git a/demos/quickstart/protected/pages/Controls/ReCaptcha2.page b/demos/quickstart/protected/pages/Controls/ReCaptcha2.page
new file mode 100644
index 00000000..dd87a22d
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/ReCaptcha2.page
@@ -0,0 +1,37 @@
+<com:TContent ID="body" >
+
+<h1>TReCaptcha</h1>
+<com:DocLink ClassPath="System.Web.UI.WebControls.TReCaptcha" />
+
+<p class="block-content">
+<tt>TReCaptcha</tt> displays a <a href="https://www.google.com/recaptcha">reCAPTCHA v2</a> that can be used to determine if the input is entered by a real user instead of some program. It can also prevent multiple submits of the same form either by accident, or on purpose (ie. spamming).
+</p>
+
+<p class="block-content">
+The reCAPTCHA to solve (a string consisting of two separate words) displayed is automatically generated by the reCAPTCHA system at recaptcha.net. However, in order to use the services of the site you will need to register and get a public and a private API key pair, and  supply those to the reCAPTCHA control through setting the <tt>SecretKey</tt> and <tt>SiteKey</tt> properties.
+</p>
+
+<p class="block-content">
+Currently the reCAPTCHA API supports only one reCAPTCHA field per page, so you MUST make sure that all your input is protected and validated by a single reCAPTCHA control. Placing more than one reCAPTCHA control on the page will lead to unpredictable results, and the user will most likely unable to solve any of them successfully.
+ </p>
+
+<p class="block-content">
+Upon postback, user input can be validated by calling <tt>validate()</tt>. The <tt>TReCaptcha2Validator</tt> control can also be used to do validation, which provides server-side validation. Calling <tt>validate()</tt> will invalidate the token supplied, so all consecutive calls to the method - without solving a new captcha - will return false. Therefore if implementing a multi-stage input process, you must make sure that you call <tt>validate()</tt> only once, either at the end of the input process, or you store the result till the end of the processing.
+</p>
+
+<p class="block-content">
+The following template shows a typical use of TReCaptcha control:
+</p>
+
+<com:TTextHighlighter Language="prado" CssClass="source block-content">
+&lt;com:TReCaptcha2 ID="Captcha"
+   SiteKey="..."
+   SecretKey="..."
+/>
+&lt;com:TReCaptcha2Validator ControlToValidate="Captcha"
+    ErrorMessage="You are challenged!" />
+</com:TTextHighlighter>
+
+<com:RunBar PagePath="Controls.Samples.TReCaptcha2.Home" />
+
+</com:TContent>