Issue with hcaptcha #70
Description
We've run into some issues with this plugin on a 4.4 site. It's set up with only hcaptcha as a rule, hcaptcha is set up correctly and on the signup page we are getting the Captcha element as expected.
When I complete the tests it get's marked with a tick and I can see that the pass information is being received from the remote side
however, the form fails on submission due to the sanity checking which uses the returned value failing.
I put some debug into the file rules/hcaptcha/classes/rule.php to spit out the response from the post_data_check curl call and the information being passed to it which looks like this:
`[Fri Jun 27 16:12:41.341794 2025] [php:notice] [pid 2048567] [client 51.195.213.69:56766] Array\n(\n [secret] => \n [sitekey] => \n [response] => P1_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9haJwZACjZXhwzmhew2qncGFzc2tlecUEev3SKnVDMG-Uw1pDHG3Y_baeobxFHcyeIFylvO0gAswQXgI1RbCMJ2KIlix0EuvYd7zBK2CMNF5aeEiRnQVJLAHMjwkiiwsKlw5oG9VqosBtpRU9VrLvKDgPL42pRTDRRiJEy8AIC0p41gUFoM54NhCUkhfWH_TffksiNRlCddQT-T5ywZzUiRm36gOKrkxtu6TG_4b7mp9UEB734JV34KopzI8pVjTQBsl3-g5oB5v-uxez3P3pKoLvFlQMsvtpPc3ZtqeE1iEHbuUUT9ugQrgzUhH9-KloW6rTojMQSWEmopF4klbz0oGnmvorYauCKrJgjJUP7p2vWKADQMMRvfYaui_lYhZc8ipIsWFFWC387IY6B_SH3kKZjJty30loGLWx0WZbQzoEkJ6Xp_n_hVnGk3njUkdL_AZIkXXasfPVMBELa34j6gdx_bf6PzteNFKQX_fvhsa7IjuznkxktTldhdy0CcZa-y_3Md_nMhWYtAIgqKA2k84HmSDId5DRAJoaUhLPokARMT_X4vOgZgHCT_jN6JR-JBl-RBl7LbeS-prR4dJTyEJZY9QmGz2Ujj3PgNS8MiLY4bD-Kk8sGaD9N6wpXK5cwvnIMw-tRtt7KpZtL5PsT_KoiU1dYxHrTjRZVhFjxrgqKSPvlw0SCT3ZVLTkF45sTrbt2DxdXNJUkumECQ2Jk_UdFXDKRu0AiDBnAWu6pK6-qZYIisiuu9Ovzwi-8WPa3OvYUwt6RMtNBts6BofC6MlWAX88atyk4mEMIykuH9--Jyx0gex4j6lfHBQGABla92HVRoipPaXpv82vCZvaVntVDjk9aZJto_5Bd37VZimdnFEEUh-qplMt0Ml0PcXewXhrfbgpyh0IWZIgYv3epjav0jCfHN6_hJI0gC1vPBbDW4QrOgE1BVUrCeVTMf0WIKEw1ilYAbPig3sPUVAvMYSK8juZ-r7ooDaDyfNRpgiplM7b-7-XIbllcFbMPN5kGGxtCIPRVJVWM3eDH8oz5oo-c8WnmzaxrT-jOlWkq8h0D6vlpqaplWTm3Bcztwp1wLI1lMWny84ukWmhvVvxUJ42ocofYGpYApuVWes2sxd4BmCm8a1TNU7OTWm9oYPcJwkQCBUnQ_If6gl1qzUhIxFQ0Z27ni5Cg3fhnaGQ83z1AAY2WyxdUIa_5Pt-Fq957zkSN2ZFx9IMiZRprUcuxd8BHXffV_ZhCfNeVI132t1QV6bMN5MCeU60TtfYjP-HS4jY6pDrQu5PaVycBtWzouffvbhIDGpr3yD02aBhTBPeMaNynJ2D0qJAwuCpxcKxYGHuytoRlUEreQWCdpKYfxw8bXFsQmLfmKsp-aAd0RwAKQZE8yl8tMsoPnLbdLLajNuNGC0kUR1ioQsr_UV2SB9HBrpaE3AzNLLj8wMB_eaq6hw4OoMIcKhPfizT0JSCqm1S1o_972XEoiXqMh9QgYEU5thFfGSw4lwiS4BTCaJ-y60SgOdhuCYyQBCFGFwpR9LdclN7_5X75pbWz_h4LCvvVqJrcqgyNWJjNjUyM6hzaGFyZF9pZM4DMYNvEELXn40RIVhLyQOF2iry78atELmAeF-oPZcFVJHJcro\n [remoteip] => 51.195.213.69\n)\n, referer: https://elearning.unitracc.com/login/signup.php
[Fri Jun 27 16:12:41.369909 2025] [php:notice] [pid 2048567] [client 51.195.213.69:56766] response = {"success":false,"error-codes":["invalid-input-response"]}, referer: https://elearning.unitracc.com/login/signup.php
`
I've removed the Client secret and key from the data being passed. From the hcaptcha dev docs it says that this response is due to the fact that the parameter (verification token) is invalid or malformed.