带有reCaptcha v2的PHP和AJAX表单无法运行PHP脚本

Question

I'm currently making a personal website from scratch using a webserver running Apache and PHP 5.6. I made the framework, some pages, and some CSS. I'm currently having issues integrating Google's reCaptcha v2 to my contact form. I was able to integrate it into the form through the HTML and my AJAX script is working correctly, but I can't for the life of me figure out how to properly integrate the captcha check into my PHP script. I want to like PHP, and I'm going to have to use it more, but It's been extremely frustrating to try and get this working.

This form works perfectly without the catcha integration, but when I introduce the changes tot he PHP script, it fails to complete and form messages don't get sent. I've been tracking down the exact issue, but can't figure it out. I would love to use JS alert() to stub different parts of the script, but since it's PHP I can't do that :c I also used a few validators to make sure that the PHP's syntax was correct. There are no errors in my IDE.

Can anybody see any absurd issues with the following PHP form script?

PHP

 <?php // Only process POST reqeusts. if ( $_SERVER[ "REQUEST_METHOD" ] == "POST" ) { // Get the form fields and remove whitespace. $firstname = strip_tags( trim( $_POST[ "firstname" ] ) ); $firstname = str_replace( array( "\\r", "\\n" ), array( " ", " " ), $firstname ); $lastname = strip_tags( trim( $_POST[ "lastname" ] ) ); $lastname = str_replace( array( "\\r", "\\n" ), array( " ", " " ), $lastname ); $email = filter_var( trim( $_POST[ "email" ] ), FILTER_SANITIZE_EMAIL ); $phone = filter_var( trim( $_POST[ "phone" ] ), FILTER_SANITIZE_NUMBER_INT ); $message = trim( $_POST[ "message" ] ); $validation = false; function buildCaptchaUrl() { $captcha = $_POST[ 'g-recaptcha-response' ]; $secret = 'SECRET'; return "https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=" . $captcha . "&remoteip=" . $_SERVER[ 'REMOTE_ADDR' ]; } function fileGetContentsCurl( $url ) { $ch = curl_init(); curl_setopt( $ch, CURLOPT_AUTOREFERER, true ); curl_setopt( $ch, CURLOPT_HEADER, 0 ); curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt( $ch, CURLOPT_URL, $url ); curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true ); $data = curl_exec( $ch ); curl_close( $ch ); return $data; } function sendCaptchaResponse() { $response = json_decode( file_get_contents_curl( buildCaptchaUrl() ), true ); if ( $response[ 'success' ] == false ) { return false; } return true; } //The problematic chain of events is caused by this $validation = sendCaptchaResponse(); if ( $validation == false ) { //captcha failed http_response_code( 403 ); echo "Please verify your humanity by using the captcha."; exit; } else if ( $validation == true ) { //captcha passed // Check that data was sent to the mailer. if ( empty( $firstname )OR empty( $message )OR!filter_var( $email, FILTER_VALIDATE_EMAIL ) ) { // Set a 400 (bad request) response code and exit. http_response_code( 400 ); echo "Some form fields must have been empty. Please complete the form and submit again."; exit; } // Set the recipient email address. // FIXME: Update this to your desired email address. $recipient = "chris@chillstice.com"; // Set the email subject. $subject = "Form Submission by $firstname $lastname"; // Build the email content. $email_content = "Name: $firstname $lastname\\n"; $email_content .= "Email: $email\\n"; $email_content .= "Phone: $phone\\n\\n"; $email_content .= "Message:\\n$message\\n"; // Build the email headers. $email_headers = "From: $firstname $lastname <$email>"; // Send the email. if ( mail( $recipient, $subject, $email_content, $email_headers ) ) { // Set a 200 (okay) response code. http_response_code( 200 ); echo "Your message has been sent and I will be in contact soon."; } else { // Set a 500 (internal server error) response code. http_response_code( 500 ); echo "Something went wrong and we couldn't send your message."; } } } else { // Not a POST request, set a 403 (forbidden) response code. http_response_code( 403 ); echo "There was a problem with your submission, please try again."; } ?> 

HTML

 <form id="form" class="item needs-validation" method="POST" action="contact-form.php" novalidate> <div class="form-row"> <div class="form-group col-md-6"> <label for="firstname">First name *</label> <input id="firstname" name="firstname" class="form-control" placeholder="John" type="text" required maxlength="100"> <div class="valid-feedback">What a lovely name!</div> <div class="invalid-feedback">That's no name.</div> </div> <div class="form-group col-md-6"> <label for="lastname">Last name *</label> <input id="lastname" name="lastname" class="form-control" placeholder="Doe" type="text" required maxlength="100"> <div class="valid-feedback">Looks good!</div> <div class="invalid-feedback">That's not a real name.</div> </div> </div> <div class="form-row"> <div class="form-group col-md-6"> <label for="email"><i class="far fa-envelope mr-2"></i>Email *</label> <input id="email" name="email" class="form-control" placeholder="someone@domain.com" type="email" required maxlength="100"> <div class="valid-feedback">Valid</div> <div class="invalid-feedback">That's not a real email...</div> </div> <div class="form-group col-md-6"> <label for="phone"><i class="fas fa-mobile-alt mr-2"></i>Phone</label> <input id="phone" name="phone" class="form-control" placeholder="1234567890" type="tel" maxlength="20"> <div class="valid-feedback">Not required.</div> <div class="invalid-feedback">That's not a real phone number.</div> </div> </div> <div class="form-row"> <div class="form-group col-12"> <label for="message"><i class="fa fa-comment-alt mr-2"></i>Message *</label> <textarea id="message" name="message" class="form-control" placeholder="" maxlength="100000"></textarea> <div class="valid-feedback">Nice message.</div> <div class="invalid-feedback">I have no idea what you did, but that's not valid.</div> </div> </div> <div class="form-row"> <div class="form-group col-md-6"> <div class="g-recaptcha" data-sitekey="6LdOqVsUAAAAAN25grBs05Ip8JmjGQNqURivfH0y"></div> </div> <div class="form-group col-md-6"> <button id="submit" name="submit" type="submit" class="btn btn-primary btn-lg" style="float: right;"> Submit </button> </div> </div> </form> 

JS AJAX

 $(function() { "use strict"; // Get the form. var form = $('#form'); // Set up an event listener for the contact form. $(form).submit(function(e) { // Stop the browser from submitting the form. e.preventDefault(); // Serialize the form data. var formData = $(form).serialize(); // Submit the form using AJAX. $.ajax({ type: 'POST', url: $(form).attr('action'), data: formData }) .done(function(response) { // Set the message text. $('#alert-form-success-text').text(response); $('#alert-form-success').css({ "visibility": "visible", "opacity": "1" }); $('#alert-form-fail').css({ "visibility": "hidden", "opacity": "0" }); }) .fail(function(data) { $('#alert-form-fail').css({ "visibility": "visible", "opacity": "1" }); $('#alert-form-success').css({ "visibility": "hidden", "opacity": "0" }); // Set the message text. if (data.responseText !== '') { $('#alert-form-fail-text').text(data.responseText); } else { $('#alert-form-fail-text').text('An internal error occured and your message could not be sent.'); } }); }); }); 

The issue only relates to the reCaptcha integration, the scripts ability to get the POST information and email is fine. I think the issue is localized to the chain of methods started by

$validation = sendCaptchaResponse();

If you have any questions, don't hesitate to ask. Here's the page with the form: https://chillstice.com/contact

Answer 1

The fileGetContentsCurl() function in the PHP file was being run as 'file_get_contents_curl()'

Fixing this typo and making the methods go by a consistent name solved this issue. I sure wish my IDE or the debugging tools would have helped me fix this one (1) typo, but that's PHP for you.

I would like to thank Karlo Kokkak for alluding me to the typo.

After making the changes, the entire script works as intended.