NetSuite’s online forms are a great way to capture new leads, update customer information or even register for events. One way to ensure that the data captured by your online forms are accurate is to add a CAPTCHA system which can help protect your data from spam or other malicious attacks. NetSuite does not currently have CAPTCHA fields built in, however we can use SuiteScript to take advantage of an external CAPTCHA service. In this case I am focusing on Google’s free reCAPTCHA.
If you are unfamiliar with reCAPTCHA, it is a free service that can help protect your account pages from non-human, malicious submissions or other various attacks.
Step 1: You will first need to have a Google account and generate both public and private keys that will be used later in your page configuration. You can use your forms domain (ex. forms.netsuite.com) to generate them. These keys will allow the reCAPTCHA tool to display correctly in your online HTML form.
Step 2: is to create your online HTML form under Setup>Marketing>Online Customer Forms and create a custom HTML template and add all of the NetSuite fields that you would like to capture when a user submits the form.
Step 3: Once your form is created, add the reCAPTCHA code provided by Google and update it with your public Key that was generated earlier. View your online form using the external link to ensure that you have correctly added the code and public keys.
https://developers.google.com/recaptcha/docs/display
You will also need to add code for the bootstrap and jQuery library so that you can retrieve a response later with a script.
This should look like this in your form:
If you do not see this, view your HTML code and be sure that your key is entered correctly and that the domain you used to generate the keys matches your form page (either forms.netsuite.com or forms.na1.netsuite.com).
Step 4: Once the look and feel of the form is finalized, you will need to write both a client script and a “suitelet” to validate the user’s input before the form can be saved.
The client script will take the value entered in the reCAPTCHA tool and call the suitelet that will send to google to validate using the private key, and return a response that we can use to submit the form or force the user to try again.
With reCAPTCHA configured on your online forms you can feel more confident that the data captured in your NetSuite account is valid and was submitted by a real person. Implementing the SuiteScript to validate the user input may require help from an internal technical resource or you can contact RSM at erp@rsmus.com to help optimize your NetSuite instance. RSM is a nationally recognized NetSuite partner with certified consultants across the country.
By: Matt Hendricks – Colorado NetSuite Solution Provider