How could I verify if google new recaptcha is checked

Question

I'm now trying to use new google recaptcha in my webpage. In previous recapthca, I usually use this script to check if user fill the recaptca challenge.

if (isset($_POST['cmdlogin'])){
    $resp = recaptcha_check_answer ($privatekey,$_SERVER['REMOTE_ADDR'],strip_tags($_POST['recaptcha_challenge_field']),strip_tags($_POST['recaptcha_response_field']));
    if (!$resp->is_valid) {// Bila captcha not true
        echo "<script>alert('Invalid! try again!');</script>";
        echo "<meta http-equiv='refresh' content='0; url=login.php'>";
        exit();
        }
....

Then, I found this tutorial [http://codeforgeek.com/2014/12/google-recaptcha-tutorial/#comment-22729, but it did not satisfy me.

Besides, when user reloads the page or time is out, there will be a "previous recaptcha", so how should I handle it then? Otherwise user will reload the page to avoid the previous one. thanks for any help.

Answer 1

To check if google recaptcha is checked or not can be done by the following javascript condition :

<script>
if(grecaptcha && grecaptcha.getResponse().length > 0)
{
     //the recaptcha is checked
     // Do what you want here
     alert('Well, recaptcha is checked !');
}
else
{
    //The recaptcha is not cheched
    //You can display an error message here
    alert('Oops, you have to check the recaptcha !');
}
</script>

Answer 2

html_element is the id of my empty div.. Then you can put the following in a function and call it on submit:

var googleResponse = jQuery('#g-recaptcha-response').val();
if (!googleResponse) {
    $('<p style="color:red !important" class="error-captcha"><span class="glyphicon glyphicon-remove " ></span> Please fill up the captcha.</p>" ').insertAfter("#html_element");
    return false;
} else {
    return true;
}

Answer 3

UPDATED: Ref: https://github.com/google/ReCAPTCHA/tree/master/php I think this question is now solved. I foundthe link and it gave me full tutorial about using new google recaptcha in php script.

ISSUE: When a user reload the page, there will be an old google recaptcha appears and we do not need to verify the old one since when user type the correct recaptcha, the "RESULT" will be sent to new recaptcha. On the other hand, the focus of the verification is not the old one but still the new one. This occurs to protect it from spam when unknown user uses other bots to attack the new one. By appearing the old one, the attack can, say, get failure.

if ($resp != null && $resp->success) {
    echo "<script>alert('SUCCESS Verifying Recaptcha!');</script>";
    echo "<meta http-equiv='refresh' content='0; url=login.php'>";
    exit();
    }