CODEWITHSUNDEEP
phphtmlrecaptcha
Thomas farley
Thomas farley

Reputation: 51

Google Recaptcha (PHP)

So, it seems quite simple, I have added a Google recaptcha to my website with the following to HTML codes.

<script src='https://www.google.com/recaptcha/api.js'></script>
<div class="g-recaptcha" data-sitekey="My key would be here"></div>

However, people can still fill the form and send mail without completing the captcha. (So they do not have to solve any puzzles they can just get straight through which is leaving me vunerable to bots of course)

So, I basically need PHP code that checks to see if the users has actually "Ticked" or "Completed" the Recaptcha. So then they can proceed to send mail.

My PHP code:

if ($_POST['submit']) {
        if ($email != '') {
            if ($human == '4') {                 
                if (mail ($to, $subject, $body, $from)) { 
                    echo '<p>You have successfully submitted your information to PS4RS. Subscribers to our mailing list will begin to periodically receive updates.</p>';
                } else { 
                    echo '<p>Something went wrong, go back and try again!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>'; 
                } 
            } else if ($_POST['submit'] && $human != '4') {
                echo '<p>You answered the anti-spam question incorrectly!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
            }
        } else {
            echo '<p>You need to fill in all required fields!!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
        }
    }
?>

I really have no clue in how to code in PHP, this is my best attempt.

Upvotes: 1

Views: 2116

Answers (2)

krummens
krummens

Reputation: 867

This is not my original answer, I found it here

<?php
  $response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=". $yoursecret."&response=".$_POST['g-recaptcha-response']."&remoteip=".$_SERVER['REMOTE_ADDR']);
  $googleobj = json_decode($response);
  $verified = $googleobj->success;
  if ($verified === true){
    //do stuff
  }

so for your purpose...

<?php
if($_POST['submit']) {
  $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=". $yoursecret."&response=".$_POST['g-recaptcha-response']."&remoteip=".$_SERVER['REMOTE_ADDR']);
  $googleobj = json_decode($response);
  $verified = $googleobj->success;
  if($verified === true) {
    if(mail($to, $subject, $body, $from)) { 
      echo '<p>You have successfully submitted your information to PS4RS. Subscribers to our mailing list will begin to periodically receive updates.</p>';
    } else { 
      echo '<p>Something went wrong, go back and try again!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>'; 
    } 
  }
}
?>


Be sure to add your SECRET KEY in for $yoursecret

(That's different from the site key)


Hope that helps

Upvotes: 2

callmeniko
callmeniko

Reputation: 122

This is from the official Google dev webpage:

<?php
    require_once('recaptchalib.php');
    $privatekey = "your_private_key";
    $resp = recaptcha_check_answer ($privatekey,
                            $_SERVER["REMOTE_ADDR"],
                            $_POST["recaptcha_challenge_field"],
                            $_POST["recaptcha_response_field"]);

    if (!$resp->is_valid) {
        // What happens when the CAPTCHA was entered incorrectly
        die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
     "(reCAPTCHA said: " . $resp->error . ")");
    } else {
        // Your code here to handle a successful verification
    }
?>

Tell me if this helps

Upvotes: 0

Related Questions