Crovly

PHP SDK

Server-side captcha token verification for PHP.

Installation

composer require crovly/crovly-php

Requires PHP 8.1+ and the cURL extension.

Basic Usage

use Crovly\Crovly;

$crovly = new Crovly('crvl_secret_YOUR_API_KEY');

$result = $crovly->verify($_POST['crovly-token'], [
    'expectedIp' => $_SERVER['REMOTE_ADDR'],
]);

if (!$result->isHuman()) {
    http_response_code(403);
    die('Captcha verification failed');
}

API

new Crovly(secretKey, options?)

ParameterTypeDefaultDescription
$secretKeystringYour API key (required)
$options['baseUrl']stringhttps://api.crovly.comAPI base URL
$options['timeout']int10Request timeout in seconds

$crovly->verify(token, options?)

ParameterTypeRequiredDescription
$tokenstringYesToken from the widget
$options['expectedIp']stringNoIP to verify against

VerifyResponse

$result->isHuman();   // bool — shorthand for $result->success
$result->success;     // bool
$result->score;       // float (0.0–1.0)
$result->ip;          // string
$result->solvedAt;    // int (Unix ms)
$result->error;       // string|null

Laravel Example

// app/Http/Controllers/ContactController.php
use Crovly\Crovly;

class ContactController extends Controller
{
    public function store(Request $request)
    {
        $crovly = new Crovly(config('services.crovly.secret'));

        $result = $crovly->verify($request->input('crovly-token'), [
            'expectedIp' => $request->ip(),
        ]);

        if (!$result->isHuman()) {
            return back()->withErrors(['captcha' => 'Verification failed']);
        }

        // Process the form...
    }
}
// config/services.php
'crovly' => [
    'site_key' => env('CROVLY_SITE_KEY'),
    'secret' => env('CROVLY_SECRET_KEY'),
],

WordPress

Install the Crovly WordPress plugin for automatic integration with login, registration, comments, and WooCommerce forms.

  1. Download from GitHub or install via WordPress plugin manager
  2. Go to Settings → Crovly
  3. Enter your Site Key and API Key
  4. Select which forms to protect

Error Handling

use Crovly\Crovly;
use Crovly\Exceptions\ApiException;
use Crovly\Exceptions\ValidationException;

try {
    $result = $crovly->verify($token);
} catch (ValidationException $e) {
    // Invalid token format
} catch (ApiException $e) {
    // API error (rate limit, auth, etc.)
    echo $e->getStatusCode();
}
ExceptionDescription
ValidationExceptionInvalid request data
ApiExceptionAPI returned an error (401, 429, etc.)
CrovlyExceptionBase exception class

On this page

InstallationBasic UsageAPInew Crovly(secretKey, options?)$crovly->verify(token, options?)VerifyResponseLaravel ExampleWordPressError Handling