In website operation, the留言 and 评论 function is an important channel for interaction with users, but it is often also a hotbed of spam and malicious flooding.It is particularly important to add captcha to these interactive functions in order to maintain a clean and high-quality communication environment.A security CMS understands this and provides a convenient solution for it.

How can I display a captcha in the留言or comment function of Anqi CMS to effectively resist spam?This mainly consists of two core steps: first, enable the captcha function in the background, and then integrate the captcha elements into the front-end template.

Step 1: Enable the captcha function in the Anqi CMS background

The foundation of all functions starts with the configuration on the backend. To enable captcha for comments or messages, you need to go to the AnQi CMS management interface to set it up.Generally, you can find options like "Function Management" or "Background Settings" in the left menu bar.

In these feature modules, there will be a special setting item for comments and reviews.AnQi CMS usually provides a clear switch, such as 'Turn on the comment verification code function for messages.'Just find and click this switch, change its status from 'disabled' to 'enabled'.Once enabled, the backend of the system will be ready to receive and verify the captcha for your message and comment features.This operation is very intuitive, no complex parameter configuration is required, ensuring the implementation of the backend security mechanism.

Step 2: Integrate the captcha element into the front-end template

After enabling the background work, the next step is to display the captcha to the user. This requires you to make corresponding modifications to the website front-end message or comment form template.

For website comments, you usually modify such asguestbook/index.htmlSuch a template file; as for the comment function on the article or product detail page, the captcha form may be located in the template of the article detail page, or it may be an independent comment form fragment (for example, by usingincludeThe template introduced by the tag).

You need to add several key HTML elements and a small JavaScript code snippet to the form to display and interact with the captcha. These elements include a hidden input box for storing the captcha ID, a text input box for the user to enter the captcha, and an image display for the captcha.<img>.

You can refer to the following code snippet and insert it into the appropriate position in your comment or review form:

<div style="display: flex; clear: both; align-items: center; margin-bottom: 15px;">
  <input type="hidden" name="captcha_id" id="captcha_id">
  <input type="text" name="captcha" required placeholder="请填写验证码" class="form-control" style="flex: 1; margin-right: 10px;">
  <img src="" id="get-captcha" style="width: 150px; height: 40px; cursor: pointer; border: 1px solid #ddd; background-color: #f5f5f5;" alt="验证码" title="点击刷新验证码"/>
  <script>
    document.getElementById('get-captcha').addEventListener("click", function (e) {
      fetch('/api/captcha')
              .then(response => {
                // 确保响应是JSON格式,并检查是否有错误
                if (!response.ok) {
                    throw new Error('网络请求失败或验证码API返回错误');
                }
                return response.json();
              })
              .then(res => {
                if (res.code === 0 && res.data) {
                    document.getElementById('captcha_id').setAttribute("value", res.data.captcha_id);
                    document.getElementById('get-captcha').setAttribute("src", res.data.captcha);
                } else {
                    console.error("获取验证码失败:", res.msg || "未知错误");
                    // 可以在这里更新图片为错误提示或占位符
                }
              })
              .catch(err => {
                console.error("获取验证码过程中发生错误:", err);
                // 可以在这里更新图片为错误提示或占位符
              });
    });
    // 页面加载时自动获取验证码
    document.getElementById('get-captcha').click();
  </script>
</div>

The purpose of this code is:

  • captcha_idHidden fieldIt will be used to store the unique identifier for each generated captcha, which will be sent to the backend along with the captcha entered by the user when the form is submitted.
  • captchaText input box: This is the place where the characters seen in the user input image are.
  • get-captchaImage label: This label will display the verification code image generated by the backend.
  • JavaScript Part:
    • It first adds a click event listener to the captcha image. When the user clicks the image, it will go throughfetcha request/api/captchaInterface, obtain the new captcha image URL and correspondingcaptcha_id.
    • After obtaining the data, it will update<img>label'ssrcproperties to display the new captcha image and update the hidden input boxcaptcha_idthe value.
    • document.getElementById('get-captcha').click();This line of code ensures that a click event is triggered immediately when the page is first loaded, thereby automatically loading and displaying the first captcha image.

If you are accustomed to using jQuery, that part of the JavaScript can be written like this: 

<script>
  // jQuery 调用方式
  $(document).ready(function() {
    $('#get-captcha').on("click", function (e) {
      $.get('/api/captcha', function(res) {
        if (res.code === 0 && res.data) {
          $('#captcha_id').attr("value", res.data.captcha_id);
          $('#get-captcha').attr("src", res.data.captcha);
        } else {
          console.error("获取验证码失败:", res.msg || "未知错误");
        }
      }, 'json').fail(function(jqXHR, textStatus, errorThrown) {
        console.error("获取验证码过程中发生错误:", textStatus, errorThrown);
      });
    });
    // 页面加载时自动获取验证码
    $('#get-captcha').click();
  });
</script>

Make sure to place the above code snippet in the comment or message form of your website<form>Inside the tag, and the corresponding JavaScript library has been introduced in the page (if using the jQuery version).After making these changes, your message and comment function will have the protection of a captcha.

By following these two simple steps, your security CMS website will effectively filter out a large amount of automated spam information, providing your users with a cleaner and more friendly interactive space.

Frequently Asked Questions (FAQ)

  1. Q: Why did the captcha image not display after I followed the steps?A: If the captcha image is not displayed properly, first check if the 'Enable comment captcha feature' has been set to enabled in the background. Next, check the Console of the browser developer tools (usually opened by pressing F12) for any JavaScript errors, or in the Network tab./api/captchaDid the request successfully return image data andcaptcha_id. Also, make sure that the HTML structure and JavaScript code are pasted correctly in your template file, especiallyidIs the attribute matching correct.

  2. Q: What types of captcha are supported by Anqi CMS? Can it be changed to advanced verification methods such as sliding verification?A: The current AnQi CMS built-in captcha function mainly provides a basic captcha based on image character recognition.This verification method is simple to deploy and reliable. If a more advanced verification method is needed, such as sliding verification, graphic verification, or SMS verification code, it may require secondary development or integration with a third-party verification service, which will involve deeper code modification.

  3. Q: Will enabling captcha have an impact on the website's SEO?A: Generally, adding a captcha to the comment or message function has a negligible impact on the website's SEO.The search engine spider does not interact directly with the captcha when crawling web content.The captcha mainly affects the behavior of users submitting forms. If the captcha is too complex or difficult to recognize, it may slightly affect the user experience, which in turn may indirectly affect user activity, but for the vast majority of legitimate users, it is acceptable for the cleanliness of the website environment.