PHP-integratie

<script src="https://api.silentshield.io/client.js?key=<?= $apiKey ?>" defer></script>
<script>
  document.addEventListener('DOMContentLoaded', function() {
    SilentShield.init({ apiKey: '<?= $apiKey ?>' });
  });
</script>

<?php
$nonce = $_POST['ss_nonce'] ?? '';
if (empty($nonce)) {
    http_response_code(422);
    die('Missing verification nonce');
}

$ch = curl_init('https://api.silentshield.io/api/v1/captcha/verify-nonce');
curl_setopt_array($ch, [
    CURLOPT_POST => true,
    CURLOPT_HTTPHEADER => [
        'Content-Type: application/json',
        'X-Api-Key: ' . SILENTSHIELD_API_KEY,
    ],
    CURLOPT_POSTFIELDS => json_encode(['nonce' => $nonce]),
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_TIMEOUT => 5,
]);
$result = json_decode(curl_exec($ch), true);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

if ($httpCode !== 200 || ($result['verdict'] ?? '') === 'bot') {
    http_response_code(403);
    die('Bot detected');
}

// Form is safe — continue processing
?>

<?php
// app/Http/Middleware/VerifySilentShield.php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;

class VerifySilentShield
{
    public function handle(Request $request, Closure $next)
    {
        $nonce = $request->input('ss_nonce');
        if (!$nonce) {
            return response()->json(['error' => 'Missing nonce'], 422);
        }

        $response = Http::withHeaders([
            'X-Api-Key' => config('services.silentshield.key'),
        ])->timeout(5)->post(
            'https://api.silentshield.io/api/v1/captcha/verify-nonce',
            ['nonce' => $nonce]
        );

        if ($response->json('verdict') === 'bot') {
            return response()->json(['error' => 'Bot detected'], 403);
        }

        return $next($request);
    }
}

// routes/web.php
Route::post('/contact', [ContactController::class, 'submit'])
    ->middleware(VerifySilentShield::class);