[英]How to validate g-captcha-response?
In the documentation of google recaptcha, said:在 google recaptcha 的文档中,说:
URL: https://www.google.com/recaptcha/api/siteverify网址: https : //www.google.com/recaptcha/api/siteverify
METHOD: POST方法:邮寄
POST Parameter Description secret - Required. POST 参数 描述 secret - 必需。 The shared key between your site and reCAPTCHA.
您的站点和 reCAPTCHA 之间的共享密钥。
The response is a JSON object:响应是一个 JSON 对象:
{
"success": true|false,
"challenge_ts": timestamp, // timestamp of the challenge load (ISO format yyyy-MM-dd'T'HH:mm:ssZZ)
"hostname": string, // the hostname of the site where the reCAPTCHA was solved
"error-codes": [...] // optional
}
I'm getting that response with an onloadCallback, that calls a function after the user is validated correctly, and submit the form automatically .我通过 onloadCallback 获得响应,在用户正确验证后调用函数,并自动提交表单。 What I'm getting in the post is:
我在帖子中得到的是:
Array ([g-recaptcha-response] => 03AHJ_VuvxFs1t32j2Yn97X2tt8_86_XnXBLuMdY05BcYCBy-Jz1GWBCy9rGif83IJ59pq3C-0SdmlcxQwHHSz2CrRNBOFGc97Rb1W-0u0OxETOYufUJ5fRunvO_yOWp2a3yln8I9AT7SGmYVh0jTrxshuYnmu5KwxRTaR9k0FAwlmI38chPw2DplS2jk-8FpDDZdy0hs0_p7zGdI3xemq5OpF1WXeXvfCSRKAA8P4C7YBKp4GA-qEGv3gJE1HjXEaR1VHjVGPF8crn3H_EuhEWEBRnEpQMk1HN-nfUKwF2cv97fJ_2Qu_jtkbFK_laclISWIR18SDcMtR27_wuzgQUV6Ll49z3cQw6ZinD0YZcJLjBoGrtDWSqPDRBPYvRF9VEZNpmRasL6vU7W037BCoccDwrcCeVsFlspDFVDr6PlxrddkvF2USBjc0QTJNb_sDUEEfaEBbCot6wKcQxsBqfFtfHiwRuY3SZEszbMWdeLMyQNOE3rh7pJJRSFURWxYjgoLbV1jDbyQosdS6R9-VepLpiZ1Gc6Lw35cQAD2zsdajJuTBP-lih3fLxsxw9OuQqsFfpXpXQAUQ0owzjpbLWdy4O-bNM4zbVQttz-kWDwNFD4JL57SbUIm6LAjNlhxhJeYSZGE7SvaxPZ93WWm-VV7PIWiEmFZy5X981rUGMRpxJSpwHMCTpwLgV_LabMHoJd-EDXQjN6w6BDIqC4yVV15yBDBmWO6t_CcCgTNgu7-lpL671g03LW14MChkwt7EGLXNAYi9gHKOP8e69aT2zrCT-3FwMg4wmMpaPMqt62YnGTIJ0zoRlLHn8Jl0uuE6PTFycusBTdmOLjTui1urTW_a5sI98TuY4Jx1uNaRpxbxmUBK357gXy3bYOgwzqGA8i_w4goq-QKEIwjlZRsaLQkDMZaxHQF6mR6ehjQWJ5PFS0IRFk5IRJINKjwsldqzO7lM-8Ill-wqVRRQy2W111k4vtsYn3ymYDZ9SOwu3clx5HrWr_viE7_-WeJnMRL0DHQZD2ZBcrqoZWp1LAtcreKZzvgpiP7nGd-sU2JLqUlA9u1HbLwe7LTuEtoMuCpW_PZ4kgyauQTro6W1qZNkeCz1-nIiptMdrCWE4PeHF3pbuD4srkDS61eiOMGSey-ZprTorH92Egc0DQf-obzkjWw_8A_isfl3pQ )
Theres's no JSON present, only this string.没有 JSON,只有这个字符串。 What is the next step?
你下一步怎么做?
Thanks.谢谢。
There's no JSON present, only this string.
没有 JSON,只有这个字符串。 only this string.
只有这个字符串。 What is the next step?
你下一步怎么做?
By submitting the POST to https://www.google.com/recaptcha/api/siteverify with g-recaptcha-response value and reCaptcha secret key you've already got a success response as JSON :通过使用g-recaptcha-response值和 reCaptcha密钥将 POST 提交到https://www.google.com/recaptcha/api/siteverify ,您已经获得了 JSON 形式的成功响应:
{
"success": true|false,
"challenge_ts": timestamp, // timestamp of the challenge load
"hostname": string, // the hostname of the site where the reCAPTCHA was solved
"error-codes": [...] // optional
}
So, this was your validation of g-recaptcha-response value.所以,这是您对g-recaptcha-response值的验证。 And now you include success parameter value ( true/false ) into your web form to submit or use it server-side (since you've got g-recaptcha-response value thru your server request to google server) for further response to client.
现在,您将成功参数值 ( true/false ) 包含到您的 Web 表单中以在服务器端提交或使用它(因为您已经通过您对谷歌服务器的服务器请求获得了g-recaptcha-response值)以进一步响应客户端。
Read here more. 在这里阅读更多。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.