<div dir="ltr"><div>With the CloudFlare Turnstile Site Key (as recaptchaPublicKey), Secret Key (as recaptchaPrivateKey) and using "?compat=recaptcha", the following seems to work.</div><div><br></div>/opt/zendto/templates/header.tpl<div>43,44c43,44<br></div><div><             grecaptcha.render('google-recaptcha', {<br><               'sitekey' : '{$recaptchaSiteKey}'<br>---<br>>             grecaptcha.render('cf-turnstile', {<br>>             'sitekey' : '{$recaptchaSiteKey}'<br>51c51,52<br><         <script src="<a href="https://www.recaptcha.net/recaptcha/api.js?hl={$recaptchaLang}">https://www.recaptcha.net/recaptcha/api.js?hl={$recaptchaLang}</a>" async defer></script><br>---<br>> <!--        <script src="<a href="https://www.recaptcha.net/recaptcha/api.js?hl={$recaptchaLang}">https://www.recaptcha.net/recaptcha/api.js?hl={$recaptchaLang}</a>" async defer></script> --><br>>       <script src="<a href="https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha">https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha</a>" async defer></script><br>53c54,55<br><         <script src="<a href="https://www.recaptcha.net/recaptcha/api.js?hl={$recaptchaLang}&onload=onloadCallback&render=explicit">https://www.recaptcha.net/recaptcha/api.js?hl={$recaptchaLang}&onload=onloadCallback&render=explicit</a>" async defer></script><br>---<br>> <!--        <script src="<a href="https://www.recaptcha.net/recaptcha/api.js?hl={$recaptchaLang}&onload=onloadCallback&render=explicit">https://www.recaptcha.net/recaptcha/api.js?hl={$recaptchaLang}&onload=onloadCallback&render=explicit</a>" async defer></script> --><br>>       <script src="<a href="https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha">https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha</a>" async defer></script><br><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><br></div><div>/opt/zendto/templates/pickupcheck.tpl</div><div>29c29,30<br></div><div><                 <div id="google-recaptcha" name="google-recaptcha"></div><br>---<br>> <!--                <div id="google-recaptcha" name="google-recaptcha"></div> --><br>>               <div class="cf-turnstile" data-sitekey="{$recaptchaSiteKey}" data-callback="javascriptCallback"></div><br></div><div><br></div><div>/opt/zendto/templates/verify.tpl</div><div>155c155,156<br></div><div><                 <div id="google-recaptcha" name="google-recaptcha"></div><br>---<br>> <!--                <div id="google-recaptcha" name="google-recaptcha"></div> --><br>>               <div class="cf-turnstile" data-sitekey="{$recaptchaSiteKey}" data-callback="javascriptCallback"></div><br></div><div><br></div><div>/opt/zendto/www/ReCaptcha/RequestMethod/CurlPost.php</div><div>43,44c43,44<br></div><div><     const SITE_VERIFY_URL = '<a href="https://www.recaptcha.net/recaptcha/api/siteverify">https://www.recaptcha.net/recaptcha/api/siteverify</a>';<br><<br>---<br>> //    const SITE_VERIFY_URL = '<a href="https://www.recaptcha.net/recaptcha/api/siteverify">https://www.recaptcha.net/recaptcha/api/siteverify</a>';<br>>     const SITE_VERIFY_URL = '<a href="https://challenges.cloudflare.com/turnstile/v0/siteverify">https://challenges.cloudflare.com/turnstile/v0/siteverify</a>';<br></div><div><br></div><div><br></div><div><br>Kris Lou<br><a href="mailto:klou@themusiclink.net" target="_blank">klou@themusiclink.net</a></div></div></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Mar 17, 2023 at 3:21 AM <<a href="mailto:jules@zend.to">jules@zend.to</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u>

  
    
  
  <div>
    Kris,<br>
    <br>
    The method I use is CurlPost. So the erroneous URL in Post.php
    doesn't get used anyway.<br>
    <br>
    Cheers,<br>
    Jules.<br>
    <br>
    <div>On 16/03/2023 00:12, Kris Lou via
      ZendTo wrote:<br>
    </div>
    <blockquote type="cite">
      
      <div dir="ltr">Looking into this a little further (also to play
        around with Turnstile), I'm noticing the following:
        <div><br>
        </div>
        <div># grep -R siteverify *<br>
          ReCaptcha/ReCaptcha.php:     * Calls the reCAPTCHA siteverify
          API to verify whether the user passes<br>
          ReCaptcha/RequestMethod/CurlPost.php:    const SITE_VERIFY_URL
          = '<a href="https://www.recaptcha.net/recaptcha/api/siteverify" target="_blank">https://www.recaptcha.net/recaptcha/api/siteverify</a>';<br>
          ReCaptcha/RequestMethod/Post.php:    const SITE_VERIFY_URL = '<a href="https://www.google.com/recaptcha/api/siteverify" target="_blank">https://www.google.com/recaptcha/api/siteverify</a>';<br>
          ReCaptcha/RequestMethod/SocketPost.php:    const
          SITE_VERIFY_PATH = '/recaptcha/api/siteverify';<br>
        </div>
        <div><br>
        </div>
        <div>Are Post.php and SocketPost.php supposed to reference the <a href="http://google.com" target="_blank">google.com</a> path, or the <a href="http://recaptcha.net" target="_blank">recaptcha.net</a> URLs?  </div>
      </div>
      <br>
      <fieldset></fieldset>
      <pre>_______________________________________________
ZendTo mailing list
<a href="mailto:ZendTo@zend.to" target="_blank">ZendTo@zend.to</a>
<a href="http://jul.es/mailman/listinfo/zendto" target="_blank">http://jul.es/mailman/listinfo/zendto</a>
</pre>
    </blockquote>
    <br>
    <pre cols="72">Jules

-- 
Julian Field MEng CEng CITP MBCS MIEEE MACM

'It's okay to live without all the answers' - Charlie Eppes, 2011

<a href="http://www.Zend.To" target="_blank">www.Zend.To</a>
Twitter: @JulesFM
</pre>
  </div>

</blockquote></div>