Turnstile is Cloudflare's smart CAPTCHA alternative. The module allows Turnstile to protect your Prestashop forms:
- Contact
- Login
- Register
- Reset password
- Custom or third-party forms
- Prestashop >= 1.7.6.0
- PHP >= 7.2.0
Download the pixel_cloudflare_turnstile.zip file from the last release assets.
Go to the admin module catalog section and click Upload a module. Select the downloaded zip file.
Move the downloaded file in the Prestashop modules directory and unzip the archive. Go to the admin module catalog section and search for "Cloudflare Turnstile".
- Sitekey: the sitekey given for the site in your Cloudflare dashboard
- Secret key: the secret key given for the site in your Cloudflare dashboard
- Theme: the Turnstile theme (auto, light or dark)
- Forms to validate: the forms where a Turnstile validation is required
For the registration form, the widget is automatically added with a hook. For "contact", "login" and "reset password" forms, you need to manually add the widget in the template files, usually before the validation button.
Never select a form to validate without the widget in the form template.
{widget name='pixel_cloudflare_turnstile'}Override the default configured theme by adding a theme option (auto, light or dark):
{widget name='pixel_cloudflare_turnstile' theme='dark'}Override the default action name by adding an action option:
{widget name='pixel_cloudflare_turnstile' action='my-form'}| Form | Template |
|---|---|
| Contact | themes/{themeName}/modules/contactform/views/templates/widget/contactform.tpl |
| Login | themes/{themeName}/templates/customer/_partials/login-form.tpl |
| Reset password | themes/{themeName}/templates/customer/password-email.tpl |
- Add the Cloudflare Turnstile widget in the Smarty form template:
{widget name='pixel_cloudflare_turnstile' custom='1' action='custom-form'}Note: The action param is a free name that will appear in the Turnstile statistics
- In a module, add a new hook to call Turnstile validation on form post:
public function install(): bool
{
return parent::install() &&
$this->registerHook('actionFrontControllerInitBefore');
}
public function hookActionFrontControllerInitBefore(array $params): void
{
$controllerClass = get_class($params['controller']);
if ($controllerClass === 'MyFormController' && Tools::isSubmit('myForm')) {
Pixel_cloudflare_turnstile::turnstileValidation();
}
}If the validation fails, the customer is redirected to the previous page with an error message.
Use the following sitekeys and secret keys for testing purposes:
Sitekey
| Sitekey | Description |
|---|---|
| 1x00000000000000000000AA | Always passes |
| 2x00000000000000000000AB | Always blocks |
| 3x00000000000000000000FF | Forces an interactive challenge |
Secret key
| Secret key | Description |
|---|---|
| 1x0000000000000000000000000000000AA | Always passes |
| 2x0000000000000000000000000000000AA | Always fails |
| 3x0000000000000000000000000000000AA | Yields a "token already spent" error |