recaptcha

//your website's form
<form action="https://mydomain/verify-recaptcha.php" method="post" name="Leads"><input name="publicid" type="hidden" value="" />
<p> </p>
<p> </p>
<p><label>Firstname</label></p>
<p><input name="firstname" type="text" value="" /><label></label></p>
<p><label>Lastname</label></p>
<p><input name="lastname" required="true" type="text" value="" /></p>
<p><label>Phone</label></p>
<p><input name="phone" type="text" value="" /></p>
<p><label>Company</label></p>
<p><input name="company" required="true" type="text" value="" /></p>
<p><label>Email</label></p>
<p><input name="email" required="true" type="email" value="" /></p>
<p><script src="https://www.google.com/recaptcha/api.js"></script></p>
<div class="g-recaptcha" data-sitekey="YOUR RECAPTCHA SITE KEY HERE"> </div>
<p><input type="submit" value="Submit" /></p>
</form>


//Make a second file for example https://mydomain/verify-recaptcha.php and paste

<?php

    $response = $_POST["g-recaptcha-response"];
    $url = 'https://www.google.com/recaptcha/api/siteverify';
    $data = array(
        'secret' => 'YOUR RECAPTCHA SECRET KEY HERE',
        'response' => $_POST["g-recaptcha-response"]
    );
    $options = array(
        'http' => array (
            'method' => 'POST',
            'content' => http_build_query($data)
        )
    );
    $context  = stream_context_create($options);
    $verify = file_get_contents($url, false, $context);
    $captcha_success=json_decode($verify);
    if ($captcha_success->success==false) {

    header("Location: https://mydomain/capcha-try-again/");

    } else if ($captcha_success->success==true) {
        //echo "<p>You are not not a bot!</p>";
    }

?>

//for 7.2 version paste here your vtiger autogenerated webform code up to <table><tbody> tag


//Your <table><tbody> tag should be  this


<table><tbody>

<input type="hidden" name="firstname" data-label="" value="<?php echo $_POST['firstname'];?>"></td></tr>
<input type="hidden" name="phone" data-label="" value="<?php echo $_POST['phone'];?>"></td></tr>
<input type="hidden" name="lastname" data-label="" value="<?php echo $_POST['lastname'];?>" required=""></td></tr>
<input type="hidden" name="company" data-label="" value="<?php echo $_POST['company'];?>"></td></tr>
<input type="hidden" name="email" data-label="" value="<?php echo $_POST['email'];?>"></td></tr></tbody></table>
<input type="submit" style="height: 0px; width: 0px; border: none; padding: 0px;" hidefocus="true" /></form>


<script  type="text/javascript">window.onload = function() { var N=navigator.appName, ua=navigator.userAgent, tem;var M=ua.match(/(opera|chrome|safari|firefox|msie)\/?\s*(\.?\d+(\.\d+)*)/i);if(M && (tem= ua.match(/version\/([\.\d]+)/i))!= null) M[2]= tem[1];M=M? [M[1], M[2]]: [N, navigator.appVersion, "-?"];var browserName = M[0];var form = document.getElementById("__vtigerWebForm"), inputs = form.elements; form.onsubmit = function() { var required = [], att, val; for (var i = 0; i < inputs.length; i++) { att = inputs[i].getAttribute("required"); val = inputs[i].value; type = inputs[i].type; if(type == "email") {if(val != "") {var elemLabel = inputs[i].getAttribute("label");var emailFilter = /^[_/a-zA-Z0-9]+([!"#$%&()*+,./:;<=>?\^_`{|}~-]?[a-zA-Z0-9/_/-])*@[a-zA-Z0-9]+([\_\-\.]?[a-zA-Z0-9]+)*\.([\-\_]?[a-zA-Z0-9])+(\.?[a-zA-Z0-9]+)?$/;var illegalChars= /[\(\)\<\>\,\;\:\"\[\]]/ ;if (!emailFilter.test(val)) {alert("For "+ elemLabel +" field please enter valid email address"); return false;} else if (val.match(illegalChars)) {alert(elemLabel +" field contains illegal characters");return false;}}}if (att != null) { if (val.replace(/^\s+|\s+$/g, "") == "") { required.push(inputs[i].getAttribute("label")); } } } if (required.length > 0) { alert("The following fields are required: " + required.join()); return false; } var numberTypeInputs = document.querySelectorAll("input[type=number]");for (var i = 0; i < numberTypeInputs.length; i++) { val = numberTypeInputs[i].value;var elemLabel = numberTypeInputs[i].getAttribute("label");var elemDataType = numberTypeInputs[i].getAttribute("datatype");if(val != "") {if(elemDataType == "double") {var numRegex = /^[+-]?\d+(\.\d+)?$/;}else{var numRegex = /^[+-]?\d+$/;}if (!numRegex.test(val)) {alert("For "+ elemLabel +" field please enter valid number"); return false;}}}var dateTypeInputs = document.querySelectorAll("input[type=date]");for (var i = 0; i < dateTypeInputs.length; i++) {dateVal = dateTypeInputs[i].value;var elemLabel = dateTypeInputs[i].getAttribute("label");if(dateVal != "") {var dateRegex = /^[1-9][0-9]{3}-(0[1-9]|1[0-2]|[1-9]{1})-(0[1-9]|[1-2][0-9]|3[0-1]|[1-9]{1})$/;if(!dateRegex.test(dateVal)) {alert("For "+ elemLabel +" field please enter valid date in required format"); return false;}}}var inputElems = document.getElementsByTagName("input");var totalFileSize = 0;for(var i = 0; i < inputElems.length; i++) {if(inputElems[i].type.toLowerCase() === "file") {var file = inputElems[i].files[0];if(typeof file !== "undefined") {var totalFileSize = totalFileSize + file.size;}}}if(totalFileSize > 52428800) {alert("Maximum allowed file size including all files is 50MB.");return false;}}; document.forms[0].submit();}</script>


Full example of https://mydomain/verify-recaptcha.php content


<?php
    $response = $_POST["g-recaptcha-response"];
    $url = 'https://www.google.com/recaptcha/api/siteverify';
    $data = array(
        'secret' => 'YOUR RECAPTCHA SECRET',   // <= There your google recaptcha secret
        'response' => $_POST["g-recaptcha-response"]
    );
    $options = array(
        'http' => array (
            'method' => 'POST',
            'content' => http_build_query($data)
        )
    );
    $context  = stream_context_create($options);
    $verify = file_get_contents($url, false, $context);
    $captcha_success=json_decode($verify);
    if ($captcha_success->success==false) {

    header("Location: https://your-domain/capcha-try-again-page/"); // <=  change make a simple go back page

    } else if ($captcha_success->success==true) {

    }

?>

<meta http-equiv="Content-Type" content="text/html;charset=UTF-8"><form id="__vtigerWebForm" name="Leads" action="https://MYCRMDOMAIN.ORG/modules/Webforms/capture.php" method="post" accept-charset="utf-8" enctype="multipart/form-data"><input type="hidden" name="__vtrftk" value="sid:HERE SOME TEXT,HERE SOME TEXT TOO AFTER THE COMMA"><input type="hidden" name="publicid" value="HERE WEBFORMS PUBLIC ID"><input type="hidden" name="urlencodeenable" value="1"><input type="hidden" name="name" value="Leads">

<table><tbody>

<input type="hidden" name="firstname" data-label="" value="<?php echo $_POST['firstname'];?>"></td></tr>
<input type="hidden" name="phone" data-label="" value="<?php echo $_POST['phone'];?>"></td></tr>
<input type="hidden" name="lastname" data-label="" value="<?php echo $_POST['lastname'];?>" required=""></td></tr>
<input type="hidden" name="company" data-label="" value="<?php echo $_POST['company'];?>"></td></tr>
<input type="hidden" name="email" data-label="" value="<?php echo $_POST['email'];?>"></td></tr></tbody></table>
<input type="submit" style="height: 0px; width: 0px; border: none; padding: 0px;" hidefocus="true" /></form>


<script  type="text/javascript">window.onload = function() { var N=navigator.appName, ua=navigator.userAgent, tem;var M=ua.match(/(opera|chrome|safari|firefox|msie)\/?\s*(\.?\d+(\.\d+)*)/i);if(M && (tem= ua.match(/version\/([\.\d]+)/i))!= null) M[2]= tem[1];M=M? [M[1], M[2]]: [N, navigator.appVersion, "-?"];var browserName = M[0];var form = document.getElementById("__vtigerWebForm"), inputs = form.elements; form.onsubmit = function() { var required = [], att, val; for (var i = 0; i < inputs.length; i++) { att = inputs[i].getAttribute("required"); val = inputs[i].value; type = inputs[i].type; if(type == "email") {if(val != "") {var elemLabel = inputs[i].getAttribute("label");var emailFilter = /^[_/a-zA-Z0-9]+([!"#$%&()*+,./:;<=>?\^_`{|}~-]?[a-zA-Z0-9/_/-])*@[a-zA-Z0-9]+([\_\-\.]?[a-zA-Z0-9]+)*\.([\-\_]?[a-zA-Z0-9])+(\.?[a-zA-Z0-9]+)?$/;var illegalChars= /[\(\)\<\>\,\;\:\"\[\]]/ ;if (!emailFilter.test(val)) {alert("For "+ elemLabel +" field please enter valid email address"); return false;} else if (val.match(illegalChars)) {alert(elemLabel +" field contains illegal characters");return false;}}}if (att != null) { if (val.replace(/^\s+|\s+$/g, "") == "") { required.push(inputs[i].getAttribute("label")); } } } if (required.length > 0) { alert("The following fields are required: " + required.join()); return false; } var numberTypeInputs = document.querySelectorAll("input[type=number]");for (var i = 0; i < numberTypeInputs.length; i++) { val = numberTypeInputs[i].value;var elemLabel = numberTypeInputs[i].getAttribute("label");var elemDataType = numberTypeInputs[i].getAttribute("datatype");if(val != "") {if(elemDataType == "double") {var numRegex = /^[+-]?\d+(\.\d+)?$/;}else{var numRegex = /^[+-]?\d+$/;}if (!numRegex.test(val)) {alert("For "+ elemLabel +" field please enter valid number"); return false;}}}var dateTypeInputs = document.querySelectorAll("input[type=date]");for (var i = 0; i < dateTypeInputs.length; i++) {dateVal = dateTypeInputs[i].value;var elemLabel = dateTypeInputs[i].getAttribute("label");if(dateVal != "") {var dateRegex = /^[1-9][0-9]{3}-(0[1-9]|1[0-2]|[1-9]{1})-(0[1-9]|[1-2][0-9]|3[0-1]|[1-9]{1})$/;if(!dateRegex.test(dateVal)) {alert("For "+ elemLabel +" field please enter valid date in required format"); return false;}}}var inputElems = document.getElementsByTagName("input");var totalFileSize = 0;for(var i = 0; i < inputElems.length; i++) {if(inputElems[i].type.toLowerCase() === "file") {var file = inputElems[i].files[0];if(typeof file !== "undefined") {var totalFileSize = totalFileSize + file.size;}}}if(totalFileSize > 52428800) {alert("Maximum allowed file size including all files is 50MB.");return false;}}; document.forms[0].submit();}</script>