Srikanth Koneru

Reputation: 264

Sanitise and validate $_POST['g-recaptcha-response'] in recaptcha

How do I sanitize and validate $_POST['g-recaptcha-response'] in reCAPTCHA?

https://github.com/google/recaptcha/blob/master/examples/example-captcha.php#L72

It looks like it gives a long string of alphanumeric characters, _ and -, so will using strip_tags() to sanitize, and checking that it has only alphanumeric characters, _ and - to validate, be enough?

Upvotes: 1

Views: 990

Answers (1)

Mihai Matei

Reputation: 24276

You can use strip_tags, but this will not ensure that no other characters are sent, like @, #, ... One solution would be to use preg_match to validate the string you receive:

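// Treat a missing or non-string field as invalid; require one or more of [A-Za-z0-9_-].
// \z (instead of $) also rejects a trailing newline.
$token = $_POST['g-recaptcha-response'] ?? '';
if (!is_string($token) || !preg_match('/^[\w-]+\z/', $token)) {
    echo 'invalid captcha';
}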

Upvotes: 1
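An added example, not part of the answer above or of the reCAPTCHA library: the same character check wrapped in a helper that also handles the inputs a bare preg_match call does not (missing field, array value, empty string, trailing newline, oversized value). The function name and the MAX_TOKEN_LEN bound are assumptions made for illustration, and the sample values are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the answer or the reCAPTCHA library).
// MAX_TOKEN_LEN is an assumed upper bound, not a documented limit.
const MAX_TOKEN_LEN = 4096;

/**
 * Return the token if it is a non-empty string of [A-Za-z0-9_-], else null.
 */
function recaptcha_token_or_null(array $post): ?string
{
    $token = $post['g-recaptcha-response'] ?? null;

    // A request body of g-recaptcha-response[]=x is parsed by PHP into an
    // array; preg_match() must never be handed that.
    if (!is_string($token)) {
        return null;
    }
    if ($token === '' || strlen($token) > MAX_TOKEN_LEN) {
        return null;
    }
    // \A and \z anchor to the true start and end; "$" alone would also accept
    // a trailing newline. The explicit class avoids locale-dependent \w.
    if (preg_match('/\A[A-Za-z0-9_-]+\z/', $token) !== 1) {
        return null;
    }
    return $token;
}

// Constructed sample inputs (not real reCAPTCHA tokens).
$samples = [
    'well-formed'      => ['g-recaptcha-response' => '03AGdBq24_constructed-TOKEN_value'],
    'missing field'    => [],
    'array value'      => ['g-recaptcha-response' => ['x']],
    'empty string'     => ['g-recaptcha-response' => ''],
    'trailing newline' => ['g-recaptcha-response' => "abc123\n"],
    'markup'           => ['g-recaptcha-response' => '<b>abc</b>'],
    'oversized'        => ['g-recaptcha-response' => str_repeat('a', MAX_TOKEN_LEN + 1)],
];

foreach ($samples as $label => $post) {
    $ok = recaptcha_token_or_null($post) !== null;
    printf("%-17s %s\n", $label, $ok ? 'accepted' : 'rejected');
}
```

A token that passes this check is only well-formed; whether it is valid is decided by the server-side verification step in the example the question links to.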
