SilentShield

PHP Integration

Protect your PHP forms with SilentShield. This guide covers Laravel, Symfony, and native PHP.

1. Frontend Setup

Add the SilentShield script to your template (Blade, Twig, or plain HTML):

HTML + PHPphp
<script src="https://api.silentshield.io/client.js?key=<?= $apiKey ?>" defer></script>
<script>
  document.addEventListener('DOMContentLoaded', function() {
    SilentShield.init({ apiKey: '<?= $apiKey ?>' });
  });
</script>

2a. Native PHP Verification

Validate the nonce on form submission:

PHPphp
<?php
$nonce = $_POST['ss_nonce'] ?? '';
if (empty($nonce)) {
    http_response_code(422);
    die('Missing verification nonce');
}

$ch = curl_init('https://api.silentshield.io/api/v1/captcha/verify-nonce');
curl_setopt_array($ch, [
    CURLOPT_POST => true,
    CURLOPT_HTTPHEADER => [
        'Content-Type: application/json',
        'X-Api-Key: ' . SILENTSHIELD_API_KEY,
    ],
    CURLOPT_POSTFIELDS => json_encode(['nonce' => $nonce]),
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_TIMEOUT => 5,
]);
$result = json_decode(curl_exec($ch), true);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

if ($httpCode !== 200 || ($result['verdict'] ?? '') === 'bot') {
    http_response_code(403);
    die('Bot detected');
}

// Form is safe — continue processing
?>

2b. Laravel Middleware

Create a middleware to verify the nonce automatically on all POST requests:

Laravel Middlewarephp
<?php
// app/Http/Middleware/VerifySilentShield.php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;

class VerifySilentShield
{
    public function handle(Request $request, Closure $next)
    {
        $nonce = $request->input('ss_nonce');
        if (!$nonce) {
            return response()->json(['error' => 'Missing nonce'], 422);
        }

        $response = Http::withHeaders([
            'X-Api-Key' => config('services.silentshield.key'),
        ])->timeout(5)->post(
            'https://api.silentshield.io/api/v1/captcha/verify-nonce',
            ['nonce' => $nonce]
        );

        if ($response->json('verdict') === 'bot') {
            return response()->json(['error' => 'Bot detected'], 403);
        }

        return $next($request);
    }
}

Register the Middleware

Add the middleware to your routes in bootstrap/app.php or Kernel.php:

routes/web.phpphp
// routes/web.php
Route::post('/contact', [ContactController::class, 'submit'])
    ->middleware(VerifySilentShield::class);

WordPress

For WordPress integration, see the dedicated WordPress guide.