Added TReCaptcha2 and wrote doc; fix #560

7 files changed, 138 insertions, 0 deletions

diff --git a/demos/quickstart/protected/pages/Controls/ReCaptcha.page b/demos/quickstart/protected/pages/Controls/ReCaptcha.page
new file mode 100644
index 00000000..0735bb9e
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/ReCaptcha.page
@@ -0,0 +1,37 @@
+<com:TContent ID="body" >
+
+<h1>TReCaptcha</h1>
+<com:DocLink ClassPath="System.Web.UI.WebControls.TReCaptcha" />
+
+<p class="block-content">
+<tt>TReCaptcha</tt> displays a <a href="https://www.google.com/recaptcha">reCAPTCHA v1</a> that can be used to determine if the input is entered by a real user instead of some program. It can also prevent multiple submits of the same form either by accident, or on purpose (ie. spamming).
+</p>
+
+<p class="block-content">
+The reCAPTCHA to solve (a string consisting of two separate words) displayed is automatically generated by the reCAPTCHA system at recaptcha.net. However, in order to use the services of the site you will need to register and get a public and a private API key pair, and  supply those to the reCAPTCHA control through setting the <tt>PrivateKey</tt> and <tt>PublicKey</tt> properties.
+</p>
+
+<p class="block-content">
+Currently the reCAPTCHA API supports only one reCAPTCHA field per page, so you MUST make sure that all your input is protected and validated by a single reCAPTCHA control. Placing more than one reCAPTCHA control on the page will lead to unpredictable results, and the user will most likely unable to solve any of them successfully.
+ </p>
+
+<p class="block-content">
+Upon postback, user input can be validated by calling <tt>validate()</tt>. The <tt>TReCaptchaValidator</tt> control can also be used to do validation, which provides server-side validation. Calling <tt>validate()</tt> will invalidate the token supplied, so all consecutive calls to the method - without solving a new captcha - will return false. Therefore if implementing a multi-stage input process, you must make sure that you call <tt>validate()</tt> only once, either at the end of the input process, or you store the result till the end of the processing.
+</p>
+
+<p class="block-content">
+The following template shows a typical use of TReCaptcha control:
+</p>
+
+<com:TTextHighlighter Language="prado" CssClass="source block-content">
+&lt;com:TReCaptcha ID="Captcha"
+   PublicKey="..."
+   PrivateKey="..."
+/>
+&lt;com:TReCaptchaValidator ControlToValidate="Captcha"
+    ErrorMessage="You are challenged!" />
+</com:TTextHighlighter>
+
+<com:RunBar PagePath="Controls.Samples.TReCaptcha.Home" />
+
+</com:TContent>
diff --git a/demos/quickstart/protected/pages/Controls/ReCaptcha2.page b/demos/quickstart/protected/pages/Controls/ReCaptcha2.page
new file mode 100644
index 00000000..dd87a22d
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/ReCaptcha2.page
@@ -0,0 +1,37 @@
+<com:TContent ID="body" >
+
+<h1>TReCaptcha</h1>
+<com:DocLink ClassPath="System.Web.UI.WebControls.TReCaptcha" />
+
+<p class="block-content">
+<tt>TReCaptcha</tt> displays a <a href="https://www.google.com/recaptcha">reCAPTCHA v2</a> that can be used to determine if the input is entered by a real user instead of some program. It can also prevent multiple submits of the same form either by accident, or on purpose (ie. spamming).
+</p>
+
+<p class="block-content">
+The reCAPTCHA to solve (a string consisting of two separate words) displayed is automatically generated by the reCAPTCHA system at recaptcha.net. However, in order to use the services of the site you will need to register and get a public and a private API key pair, and  supply those to the reCAPTCHA control through setting the <tt>SecretKey</tt> and <tt>SiteKey</tt> properties.
+</p>
+
+<p class="block-content">
+Currently the reCAPTCHA API supports only one reCAPTCHA field per page, so you MUST make sure that all your input is protected and validated by a single reCAPTCHA control. Placing more than one reCAPTCHA control on the page will lead to unpredictable results, and the user will most likely unable to solve any of them successfully.
+ </p>
+
+<p class="block-content">
+Upon postback, user input can be validated by calling <tt>validate()</tt>. The <tt>TReCaptcha2Validator</tt> control can also be used to do validation, which provides server-side validation. Calling <tt>validate()</tt> will invalidate the token supplied, so all consecutive calls to the method - without solving a new captcha - will return false. Therefore if implementing a multi-stage input process, you must make sure that you call <tt>validate()</tt> only once, either at the end of the input process, or you store the result till the end of the processing.
+</p>
+
+<p class="block-content">
+The following template shows a typical use of TReCaptcha control:
+</p>
+
+<com:TTextHighlighter Language="prado" CssClass="source block-content">
+&lt;com:TReCaptcha2 ID="Captcha"
+   SiteKey="..."
+   SecretKey="..."
+/>
+&lt;com:TReCaptcha2Validator ControlToValidate="Captcha"
+    ErrorMessage="You are challenged!" />
+</com:TTextHighlighter>
+
+<com:RunBar PagePath="Controls.Samples.TReCaptcha2.Home" />
+
+</com:TContent>
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha/Home.page b/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha/Home.page
new file mode 100755
index 00000000..6a0188d6
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha/Home.page
@@ -0,0 +1,17 @@
+<com:TContent ID="body">
+<h1>TReCaptcha Samples</h1>
+
+<h2>Validating ReCAPTCHA v1</h2>
+
+Please note that this sample can't work unless you provide a valid private/public key to use the ReCAPTCHA service.
+
+<com:TReCaptcha ID="Captcha"
+   PublicKey="insert your public key here"
+   PrivateKey="insert your private key here"
+/>
+
+<com:TButton Id="SubmitButton" Text="Submit" OnClick="buttonClicked" />
+<com:TReCaptchaValidator ControlToValidate="Captcha"
+    ErrorMessage="You are challenged!" />
+
+</com:TContent>
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha/Home.php b/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha/Home.php
new file mode 100755
index 00000000..d99d2df2
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha/Home.php
@@ -0,0 +1,11 @@
+<?php
+
+class Home extends TPage
+{
+	public function buttonClicked($sender,$param)
+	{
+		if($this->IsValid)
+			$sender->Text="You passed!";
+	}
+}
+
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha2/Home.page b/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha2/Home.page
new file mode 100755
index 00000000..742fe496
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha2/Home.page
@@ -0,0 +1,17 @@
+<com:TContent ID="body">
+<h1>TReCaptcha Samples</h1>
+
+<h2>Validating ReCAPTCHA v2</h2>
+
+Please note that this sample can't work unless you provide a valid private/public key to use the ReCAPTCHA service.
+
+<com:TReCaptcha2 ID="Captcha"
+   SiteKey="insert your site key"
+   SecretKey="insert your secret key"
+/>
+
+<com:TActiveButton Id="SubmitButton" Text="Submit" OnCallback="buttonCallback" />
+<com:TReCaptcha2Validator ControlToValidate="Captcha"
+    ErrorMessage="You are challenged!" />
+
+</com:TContent>
diff --git a/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha2/Home.php b/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha2/Home.php
new file mode 100755
index 00000000..aedbb7dc
--- /dev/null
+++ b/demos/quickstart/protected/pages/Controls/Samples/TReCaptcha2/Home.php
@@ -0,0 +1,11 @@
+<?php
+
+class Home extends TPage
+{
+	public function buttonCallback($sender,$param)
+	{
+		if($this->IsValid)
+			$sender->Text="You passed!";
+	}
+}
+
diff --git a/demos/quickstart/protected/pages/Controls/Standard.page b/demos/quickstart/protected/pages/Controls/Standard.page
index 43fecfb3..508442ed 100755
--- a/demos/quickstart/protected/pages/Controls/Standard.page
+++ b/demos/quickstart/protected/pages/Controls/Standard.page
@@ -134,6 +134,14 @@
   </li>

 

   <li>

+  <a href="?page=Controls.ReCaptcha">TReCaptcha</a> displays a <a href="https://www.google.com/recaptcha">ReCaptcha v1</a> useful to detect if the user is a bot or an human.

+  </li>

+

+  <li>

+  <a href="?page=Controls.ReCaptcha2">TReCaptcha2</a> displays a <a href="https://www.google.com/recaptcha">ReCaptcha v2</a> useful to detect if the user is a bot or an human.

+  </li>

+

+  <li>

   <a href="?page=Controls.SafeHtml">TSafeHtml</a> displays its body content with assurance that the content contain no harmful code (such as <a href="?page=Advanced.Security">XSS</a>).

   </li>