CODEWITHSUNDEEP
phpcurl
Kenth John Israel
Kenth John Israel

Reputation: 1333

cURL Recaptcha not working PHP

What I have:

$data = array(
            'secret' => "my-app-secret",
            'response' => "the-response"
        );

$verify = curl_init();
curl_setopt($verify, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($verify, CURLOPT_POST, true);
curl_setopt($verify, CURLOPT_POSTFIELDS, http_build_query($data));
curl_setopt($verify, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($verify);

var_dump($response);

What I got: bool(false) (which means the curl_exec() failed)

What I expect: a JSON object response

Please help. Thanks.

Upvotes: 25

Views: 37524

Answers (6)

Sagar Mistry
Sagar Mistry

Reputation: 131

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => "https://www.google.com/recaptcha/api/siteverify",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "secret=$secret&response=$response",
  CURLOPT_HTTPHEADER => array(
    "cache-control: no-cache",
    "content-type: application/x-www-form-urlencoded"
  ),
));

$responsedata = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $responsedata;
}

Upvotes: 0

jerryurenaa
jerryurenaa

Reputation: 4704

usually I will do something like this

public static function validateRecaptcha($recaptcha)
{
  $dataArr = [

    'secret' => 'secret_key',
    'response' => $recaptcha,
    'remoteip'=> $_SERVER['REMOTE_ADDR'] //optional field

  ];

  $url = "https://www.google.com/recaptcha/api/siteverify";

  try
  {
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($dataArr));

    $response = curl_exec($curl);

    //get error code
    $responseCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);

    if ($responseCode >= 400) 
    {
      throw new Exception ("Response error code: {$responseCode}");
    }

    $response = json_decode($response, true);        

    if ($response['success'] === true) 
    {
        // Success
        return 'success';
    }

    throw new Exception ($response);
  }
  catch(Exception $e)
  {
    return $e->getMessage();
  }
}

Upvotes: 0

Andre Rodrigues
Andre Rodrigues

Reputation: 362

It's easier using "file_get_contents" with POST:

$postdata = http_build_query( [
    'secret'   => YOUR_SECRET_KEY,
    'response' => $_POST[ 'g-recaptcha-response' ]
] );

$opts = [
    'http' => [
        'method'  => 'POST',
        'header'  => 'Content-type: application/x-www-form-urlencoded',
        'content' => $postdata
    ]
];

$context  = stream_context_create( $opts );

$result = file_get_contents(
    'https://www.google.com/recaptcha/api/siteverify', false, $context
);

$check = json_decode( $result );
if( $check->success ) {
    echo "validate";
} else {
    echo "wrong recaptcha";
}

Upvotes: 5

Fthr
Fthr

Reputation: 807

for those who prefer to use shell_exec curl:

    $arrayku = array();
    $arrayku['secret'] = 'Your_SECRET_KEY';
    $arrayku['response'] = trim($_POST['g-recaptcha-response']);
    $dataku = http_build_query($arrayku);
    $respon_google = shell_exec('curl -s -L -X POST "https://www.google.com/recaptcha/api/siteverify" --data "'.$dataku.'" --max-time 10 --compressed');
    $array_respon = json_decode($respon_google, true);
    if($array_respon['success']===false){
    echo 'Wrong recaptcha'; echo PHP_EOL;
        //goto wrong_captcha;
        exit;
    }

Upvotes: -1

dsojevic
dsojevic

Reputation: 1096

Because you're attempting to connect via SSL, you need to adjust your cURL options to handle it. A quick fix to get this to work is if you add curl_setopt($verify, CURLOPT_SSL_VERIFYPEER, false);

Setting CURLOPT_SSL_VERIFYPEER to false will make it so that it accepts any certificate given to it rather than verifying them.

<?php

$data = array(
            'secret' => "my-secret",
            'response' => "my-response"
        );

$verify = curl_init();
curl_setopt($verify, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($verify, CURLOPT_POST, true);
curl_setopt($verify, CURLOPT_POSTFIELDS, http_build_query($data));
curl_setopt($verify, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($verify, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($verify);

var_dump($response);

Upvotes: 62

thecommonthread
thecommonthread

Reputation: 405

Here's an alternative method to cURL I found if it helps anyone. Obviously input $secret and $response variables to pass it correctly. Sorry the question is asking for a cURL solution, but this is the quickest method I've seen so I thought it would add it anyway because I know it will help somebody out there. :)

$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secret."&response=".$response);
$response = json_decode($response, true);
if($response["success"] === true){
    // actions if successful
}else{
    // actions if failed
}

Upvotes: 8

Related Questions