简体中文(ZH-CN) English(EN) 繁体中文(ZH-TW)
How to verify Google reCAPTCHA v3 on the server side?
P粉904191507
P粉904191507 2023-08-27 16:48:47
0
2
457
<p>I just set up the new Google Captcha with checkboxes and it works fine on the front end, but I don't know how to handle it on the server side using PHP. I tried using the old code below but the form is sent even though the verification code is invalid. </p> <pre class="brush:php;toolbar:false;">require_once('recaptchalib.php'); $privatekey = "my key"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $errCapt='<p style="color:#D6012C ">The CAPTCHA Code was not entered correctly.</p>';}</pre> <p><br /></p>
P粉904191507
P粉904191507

reply all(2)
P粉297434909
P粉2974349092023-08-28 12:23:43 2 floor

Private Key Security

While the answers here certainly work, they use GET requests, which exposes your private key (even with https ). On Google Developers, the specified method is POST.

For more details: https://stackoverflow.com/a/323286/1680919

Verify via POST

function isValid() 
{
    try {

        $url = 'https://www.google.com/recaptcha/api/siteverify';
        $data = ['secret'   => '[YOUR SECRET KEY]',
                 'response' => $_POST['g-recaptcha-response'],
                 'remoteip' => $_SERVER['REMOTE_ADDR']];
                 
        $options = [
            'http' => [
                'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
                'method'  => 'POST',
                'content' => http_build_query($data) 
            ]
        ];
    
        $context  = stream_context_create($options);
        $result = file_get_contents($url, false, $context);
        return json_decode($result)->success;
    }
    catch (Exception $e) {
        return null;
    }
}

Array syntax: I use the "new" array syntax ([ and ] instead of array(..)). If your version of php doesn't support this yet, you will have to edit these 3 array definitions accordingly (see comments).

Return value: If the user is valid, this function returns true; if it is invalid, it returns false; if the user is valid, it returns nullIf an error occurs. For example, you can use it simply by writing if (isValid()) { ... }

Like +0
Add Reply
P粉262113569
P粉2621135692023-08-28 10:59:16 1 floor

This is the solution

index.html


  
    Google recapcha demo - Codeforgeek
    
  


  
    
Google reCAPTHA Demo

verification.php

Please check the the captcha form.';
        exit;
    }

    $response = json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=YOUR SECRET KEY&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']), true);
    if($response['success'] == false)
    {
        echo '
You are spammer ! Get the @$%K out
';
    }
    else
    {
        echo '
Thanks for posting comment.
';
    }
?>

http://codeforgeek.com/2014/12/google-recaptcha-tutorial /

Like +0
Add Reply
Popular Topics
More>
Popular Articles
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!